Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FD_pMwO7ZW-cxeP5q-wdu3Nz6sI.roa
File: FD_pMwO7ZW-cxeP5q-wdu3Nz6sI.roa (raw, json)
Hash identifier: nvFPtR5Q3mJddbBwwYkeKJzjNgCQK6cJTfCEHBZ++UI=
Subject key identifier: 14:3F:E9:33:03:BB:65:6F:9C:C5:E3:F9:AB:EC:1D:BB:73:73:EA:C2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0181F7C11B8AF01943CC3B718F0F17DE7371
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FD_pMwO7ZW-cxeP5q-wdu3Nz6sI.roa
Signing time: Wed 13 Jul 2022 13:30:36 +0000
ROA not before: Wed 13 Jul 2022 13:30:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207795
IP address blocks: 213.209.131.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f7:c1:1b:8a:f0:19:43:cc:3b:71:8f:0f:17:de:73:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 13 13:30:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=143fe93303bb656f9cc5e3f9abec1dbb7373eac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e1:17:7d:9b:52:c9:3a:2d:a4:5e:eb:4f:ee:
06:dd:53:67:a0:31:db:fb:fe:3c:7b:b9:26:3d:eb:
36:9e:bc:0c:4a:88:fd:1e:9e:51:82:9b:b2:5f:b5:
e5:99:c7:40:17:4e:65:b6:52:b8:c5:53:e4:4b:49:
ea:53:2f:b9:2f:43:92:7b:75:fd:8f:8f:cb:e1:a8:
aa:40:6e:c1:b8:82:9a:8b:26:5f:5b:d9:99:22:49:
9d:e7:99:20:d7:c7:d9:ea:37:4a:44:36:c7:66:b2:
d1:07:9f:60:90:4b:9f:2c:b4:9d:3e:06:95:ad:1c:
36:7f:82:17:fb:06:d8:bb:4c:e1:f2:aa:d6:cd:0f:
3d:60:0f:33:4f:9e:56:ae:87:2a:9a:95:94:1f:94:
8f:fd:a9:b7:2a:7b:72:da:ed:4e:57:64:de:f6:b5:
2d:9a:f9:a5:50:60:a3:1b:2e:cd:54:da:19:7c:f6:
d7:94:9a:b3:29:36:e8:13:9a:33:b3:a3:53:34:ae:
52:c3:33:47:29:10:15:bd:6b:47:5d:83:4d:37:b0:
d7:8b:53:ba:93:8c:3d:34:a1:f4:61:c0:54:11:cd:
38:0d:9b:e4:4c:5c:39:f1:ea:08:1a:54:79:d8:c1:
34:1c:dc:32:4e:88:00:36:91:0b:83:98:5c:3b:4d:
af:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3F:E9:33:03:BB:65:6F:9C:C5:E3:F9:AB:EC:1D:BB:73:73:EA:C2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FD_pMwO7ZW-cxeP5q-wdu3Nz6sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.159.0/24
77.90.177.0/24
77.90.183.0/24
213.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
50:b2:3b:e5:4d:48:e3:0c:8a:66:cd:5b:fe:05:29:7e:5c:a3:
ae:77:72:b1:58:71:3d:75:de:4f:2d:e5:50:98:d7:e1:0f:a2:
1c:ed:0b:6c:5d:c0:ed:d3:65:0c:0c:ff:a0:ee:7f:f4:25:56:
7e:db:56:40:5f:3b:41:fc:63:57:1e:ca:22:fa:4a:05:f5:15:
0f:cc:c9:7a:c2:a9:23:80:84:10:90:94:0d:0a:a9:b3:4a:46:
f7:48:98:55:86:ea:ef:97:5d:cc:a1:7d:6d:b2:2b:73:b1:05:
15:c2:4f:22:8c:f4:59:3a:65:62:df:06:bf:42:8b:30:c5:e7:
ec:64:47:db:b3:13:51:1f:aa:f8:3e:9c:07:88:dc:66:0b:ad:
1b:a7:37:76:8f:cd:24:63:dd:ab:0d:96:20:57:13:c9:50:a2:
66:0d:43:15:57:37:f9:6b:af:e4:f3:0b:05:2d:4b:a5:8d:16:
a2:51:80:94:39:bf:ba:cd:c5:23:62:8a:af:58:5b:6f:8e:83:
1e:04:27:f3:86:97:45:d7:e5:c4:86:65:0d:2e:db:83:67:73:
19:85:fc:d1:db:5d:11:ee:6e:4c:51:e6:32:a2:a6:eb:59:62:
07:0e:55:b3:dc:7b:3a:85:c7:8c:4a:80:18:7c:a4:99:fa:2f:
f5:8f:ee:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYH3wRuK8BlDzDtxjw8X3nNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzEzMTMzMDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNmZTkzMzAzYmI2NTZmOWNjNWUzZjlhYmVjMWRiYjczNzNlYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeEXfZtSyTotpF7rT+4G3VNnoDHb
+/48e7kmPes2nrwMSoj9Hp5RgpuyX7XlmcdAF05ltlK4xVPkS0nqUy+5L0OSe3X9
j4/L4aiqQG7BuIKaiyZfW9mZIkmd55kg18fZ6jdKRDbHZrLRB59gkEufLLSdPgaV
rRw2f4IX+wbYu0zh8qrWzQ89YA8zT55WrocqmpWUH5SP/am3Knty2u1OV2Te9rUt
mvmlUGCjGy7NVNoZfPbXlJqzKTboE5ozs6NTNK5SwzNHKRAVvWtHXYNNN7DXi1O6
k4w9NKH0YcBUEc04DZvkTFw58eoIGlR52ME0HNwyTogANpELg5hcO02v2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBQ/6TMDu2VvnMXj+avsHbtzc+rCMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRkRfcE13TzdaVy1jeGVQNXEtd2R1M056NnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqfAwQA
TVqxAwQATVq3AwQA1dGDMA0GCSqGSIb3DQEBCwUAA4IBAQBQsjvlTUjjDIpmzVv+
BSl+XKOud3KxWHE9dd5PLeVQmNfhD6Ic7QtsXcDt02UMDP+g7n/0JVZ+21ZAXztB
/GNXHsoi+koF9RUPzMl6wqkjgIQQkJQNCqmzSkb3SJhVhurvl13MoX1tsitzsQUV
wk8ijPRZOmVi3wa/QoswxefsZEfbsxNRH6r4PpwHiNxmC60bpzd2j80kY92rDZYg
VxPJUKJmDUMVVzf5a6/k8wsFLUuljRaiUYCUOb+6zcUjYoqvWFtvjoMeBCfzhpdF
1+XEhmUNLtuDZ3MZhfzR210R7m5MUeYyoqbrWWIHDlWz3Hs6hceMSoAYfKSZ+i/1
j+4s
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org