Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HSYEpGo-3JsbBuhuMxtvBn8xBs4.roa
File: HSYEpGo-3JsbBuhuMxtvBn8xBs4.roa (raw, json)
Hash identifier: zSEwAZ/oavHXST3J7CCZV2ptQVozGBPqpfX7sGI+Ex8=
Subject key identifier: 1D:26:04:A4:6A:3E:DC:9B:1B:06:E8:6E:33:1B:6F:06:7F:31:06:CE
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0184136EB490A5500B97B3D057C226798B7D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HSYEpGo-3JsbBuhuMxtvBn8xBs4.roa
Signing time: Wed 26 Oct 2022 08:35:32 +0000
ROA not before: Wed 26 Oct 2022 08:35:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.136.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:6e:b4:90:a5:50:0b:97:b3:d0:57:c2:26:79:8b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 26 08:35:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d2604a46a3edc9b1b06e86e331b6f067f3106ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e2:a7:c9:61:81:e8:ff:d4:6f:b5:fa:56:0f:
43:ea:24:ee:b3:a0:9b:80:b4:d0:44:26:50:5e:bf:
9f:e3:59:e5:b3:60:6f:60:0b:41:b8:96:47:c9:32:
73:27:45:ac:57:59:1c:7c:c3:88:4f:18:b6:a3:c9:
9f:e9:21:ce:4c:0d:cf:24:f8:9f:42:e1:d9:67:3b:
80:5b:bb:01:46:7b:5c:ba:ae:73:0d:8f:2f:97:24:
b2:56:cd:a0:10:84:6a:0a:7c:4a:3d:89:0e:1c:39:
19:ed:1f:53:3f:6c:e7:96:f8:9f:e7:91:13:50:de:
c3:6c:46:0b:55:e6:63:fe:9e:b0:d5:90:ab:7e:04:
a6:13:d4:6f:59:1b:bb:0c:e2:a0:41:33:0c:14:b2:
87:8d:74:ff:3e:73:ae:7c:b8:d7:4b:f8:9f:90:16:
b0:ed:55:5b:3a:61:ca:14:65:d7:7b:22:4a:ec:80:
0c:94:c5:4c:8b:4a:ad:d8:84:4c:f6:22:c6:a5:20:
de:fa:8c:99:2f:b1:b9:c3:b4:92:b8:eb:25:0c:d4:
47:63:b2:5f:25:d4:34:9c:fb:c4:f7:ae:43:56:27:
97:ff:d7:da:91:3d:6b:f6:54:e1:60:cb:e7:e3:f1:
e4:0c:b2:5e:e7:fc:17:3d:01:2b:25:83:64:3f:6f:
e0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:26:04:A4:6A:3E:DC:9B:1B:06:E8:6E:33:1B:6F:06:7F:31:06:CE
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HSYEpGo-3JsbBuhuMxtvBn8xBs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.185.0/24
213.209.136.0/24
213.209.146.0/24
213.209.149.0/24
Signature Algorithm: sha256WithRSAEncryption
89:14:95:10:9c:d0:47:b7:8c:15:d9:34:27:fb:90:e5:d4:53:
6c:13:83:46:6a:0a:13:0e:af:54:5e:ac:90:33:fc:4c:6d:45:
9b:8c:8d:1a:29:f2:7c:77:35:a4:86:58:29:0e:a0:9a:fa:69:
5a:5a:3b:2c:28:f9:b1:4e:f3:00:62:0b:0d:c8:91:82:aa:15:
4a:02:63:0c:c9:76:ad:a6:95:37:f0:ef:e3:7c:61:70:91:67:
76:c3:9f:14:a1:c1:f7:d0:4d:93:2d:bd:6f:20:46:e3:9c:4c:
42:13:5a:10:22:eb:37:aa:6a:cd:71:35:10:c8:a4:8b:ae:54:
5e:ae:6f:42:39:52:37:ab:56:37:74:fc:04:3e:c9:5c:ea:49:
93:5b:4f:8f:0a:5b:73:c9:dc:d5:cb:75:a8:67:7f:8a:75:12:
26:3f:44:5d:e1:b7:6d:20:cf:05:fc:77:fc:39:35:42:ee:e8:
48:d5:8c:a8:47:2c:06:97:80:5c:9e:2c:d5:1b:99:c6:05:08:
47:80:ae:b4:e5:d1:2b:e3:51:9e:a1:14:5f:33:ae:fc:1d:5a:
45:38:19:b3:eb:a0:80:32:89:00:eb:73:36:42:85:1b:9b:1c:
e2:05:e0:b5:fe:10:93:83:08:71:26:51:7a:ea:2b:94:f5:88:
34:7d:f0:0e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQTbrSQpVALl7PQV8ImeYt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMDI2MDgzNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI2MDRhNDZhM2VkYzliMWIwNmU4NmUzMzFiNmYwNjdmMzEwNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreKnyWGB6P/Ub7X6Vg9D6iTus6Cb
gLTQRCZQXr+f41nls2BvYAtBuJZHyTJzJ0WsV1kcfMOITxi2o8mf6SHOTA3PJPif
QuHZZzuAW7sBRntcuq5zDY8vlySyVs2gEIRqCnxKPYkOHDkZ7R9TP2znlvif55ET
UN7DbEYLVeZj/p6w1ZCrfgSmE9RvWRu7DOKgQTMMFLKHjXT/PnOufLjXS/ifkBaw
7VVbOmHKFGXXeyJK7IAMlMVMi0qt2IRM9iLGpSDe+oyZL7G5w7SSuOslDNRHY7Jf
JdQ0nPvE965DVieX/9fakT1r9lThYMvn4/HkDLJe5/wXPQErJYNkP2/gawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB0mBKRqPtybGwbobjMbbwZ/MQbOMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSFNZRXBHby0zSnNiQnVodU14dHZCbjh4QnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVq5AwQA
1dGIAwQA1dGSAwQA1dGVMA0GCSqGSIb3DQEBCwUAA4IBAQCJFJUQnNBHt4wV2TQn
+5Dl1FNsE4NGagoTDq9UXqyQM/xMbUWbjI0aKfJ8dzWkhlgpDqCa+mlaWjssKPmx
TvMAYgsNyJGCqhVKAmMMyXatppU38O/jfGFwkWd2w58UocH30E2TLb1vIEbjnExC
E1oQIus3qmrNcTUQyKSLrlRerm9COVI3q1Y3dPwEPslc6kmTW0+PCltzydzVy3Wo
Z3+KdRImP0Rd4bdtIM8F/Hf8OTVC7uhI1YyoRywGl4BcnizVG5nGBQhHgK605dEr
41GeoRRfM678HVpFOBmz66CAMokA63M2QoUbmxziBeC1/hCTgwhxJlF66iuU9Yg0
ffAO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org