Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hmtl0UoQjxhwbiV6zxJPFjtIGcc.roa
File: Hmtl0UoQjxhwbiV6zxJPFjtIGcc.roa (raw, json)
Hash identifier: dGMoOddjzcwkMjv4TGizOG6UWxEs+TF84RPWF0s1iOg=
Subject key identifier: 1E:6B:65:D1:4A:10:8F:18:70:6E:25:7A:CF:12:4F:16:3B:48:19:C7
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 08CCBA02
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hmtl0UoQjxhwbiV6zxJPFjtIGcc.roa
Signing time: Sat 23 Apr 2022 12:39:32 +0000
ROA not before: Sat 23 Apr 2022 12:39:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147634690 (0x8ccba02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 23 12:39:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e6b65d14a108f18706e257acf124f163b4819c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:cd:d7:71:d6:2f:81:d8:e5:1a:8c:37:dd:b4:
70:f7:e3:03:c4:f9:b7:a2:1e:d5:66:f5:65:17:e0:
42:b9:8c:70:21:ea:83:96:7b:27:b6:15:3b:1d:d9:
5b:f9:04:53:4a:58:22:2f:77:8f:91:fb:b9:2f:1f:
bb:f3:ce:94:7f:b6:81:89:82:58:8b:d4:ff:a8:50:
97:08:e6:38:f8:12:4b:4c:6a:34:cf:da:5c:1a:9f:
7e:d0:9d:f3:4a:6f:35:ec:ce:d5:7a:7a:72:ab:93:
af:74:c5:7d:b8:67:ea:8d:4c:12:5d:b1:b9:11:50:
4e:3d:d3:29:30:ab:2b:e7:12:63:53:14:9c:bd:45:
7c:12:a2:e4:b9:09:fa:c6:eb:70:64:67:78:6e:99:
c5:f0:34:ab:c4:3e:96:64:95:eb:ba:62:ae:3a:c1:
47:1c:cf:84:bd:f7:9a:4a:04:9d:b6:14:e5:40:9e:
e5:8c:9a:51:96:79:5f:7e:83:70:85:6f:8f:3a:08:
6b:0a:cc:b2:d6:6f:55:5c:80:c2:42:69:c2:ac:6f:
e2:d7:f0:2b:ac:7c:ba:2d:09:9f:3d:3c:46:27:29:
00:17:9a:70:f3:38:87:3c:71:da:46:83:6a:63:22:
04:4b:a4:9b:ec:e4:aa:d9:89:d3:02:f8:9f:73:8f:
c2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6B:65:D1:4A:10:8F:18:70:6E:25:7A:CF:12:4F:16:3B:48:19:C7
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hmtl0UoQjxhwbiV6zxJPFjtIGcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0-77.90.150.255
77.90.153.0-77.90.155.255
77.90.157.0/24
77.90.179.0/24
185.230.14.0/24
213.209.129.0/24
213.209.133.0/24
213.209.143.0/24
213.209.145.0/24
213.209.150.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
50:86:61:a6:59:d0:5e:41:23:73:b1:d0:fd:31:9a:b5:d5:88:
da:98:67:4e:10:fc:0f:15:ee:ff:ac:1f:10:1f:9e:6f:6c:cb:
f2:dd:62:ba:33:43:0f:23:cd:59:18:18:cf:a6:56:8d:04:86:
50:8b:a4:4d:98:7c:8b:99:b3:56:ad:42:13:4f:b4:ca:42:34:
84:7c:e0:f1:f1:ae:12:17:30:67:06:f7:1a:79:98:74:47:a2:
f7:53:7d:32:88:cb:79:cc:57:24:e9:c3:7c:8f:40:d1:0b:f3:
a5:58:13:fa:0c:69:a3:c3:f5:71:af:55:de:02:f6:14:60:52:
3a:44:3c:a2:22:81:44:be:94:8e:24:7d:ee:28:47:53:4e:5a:
4d:ff:c8:99:e4:54:12:41:53:bc:47:2b:7d:a7:39:e9:ce:28:
44:5a:fc:db:0e:5e:5e:13:9d:47:08:10:dd:09:1a:7c:5d:7b:
17:ba:00:71:4b:00:5b:9a:42:cd:46:29:ee:f7:ab:7c:48:f1:
32:18:9c:8b:82:c6:b0:24:2d:85:f2:09:41:25:24:6b:bf:94:
50:d3:b9:33:4e:24:e6:52:87:e8:b1:82:76:24:a9:12:48:cd:
d2:7f:5b:a2:91:77:f5:f2:65:cc:a8:03:71:f6:69:01:5b:de:
2a:35:9c:a4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIECMy6AjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQy
MzEyMzkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU2YjY1ZDE0YTEw
OGYxODcwNmUyNTdhY2YxMjRmMTYzYjQ4MTljNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPPN13HWL4HY5RqMN920cPfjA8T5t6Ie1Wb1ZRfgQrmMcCHq
g5Z7J7YVOx3ZW/kEU0pYIi93j5H7uS8fu/POlH+2gYmCWIvU/6hQlwjmOPgSS0xq
NM/aXBqfftCd80pvNezO1Xp6cquTr3TFfbhn6o1MEl2xuRFQTj3TKTCrK+cSY1MU
nL1FfBKi5LkJ+sbrcGRneG6ZxfA0q8Q+lmSV67pirjrBRxzPhL33mkoEnbYU5UCe
5YyaUZZ5X36DcIVvjzoIawrMstZvVVyAwkJpwqxv4tfwK6x8ui0Jnz08RicpABea
cPM4hzxx2kaDamMiBEukm+zkqtmJ0wL4n3OPwssCAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBQea2XRShCPGHBuJXrPEk8WO0gZxzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0htdGwwVW9Ranhod2JpVjZ6eEpQRmp0SUdjYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowWAQCAAEwUjAMAwQATVqVAwQATVqWMAwDBABNWpkD
BAJNWpgDBABNWp0DBABNWrMDBAC55g4DBADV0YEDBADV0YUDBADV0Y8DBADV0ZED
BADV0ZYDBADV0Z4wDQYJKoZIhvcNAQELBQADggEBAFCGYaZZ0F5BI3Ox0P0xmrXV
iNqYZ04Q/A8V7v+sHxAfnm9sy/LdYrozQw8jzVkYGM+mVo0EhlCLpE2YfIuZs1at
QhNPtMpCNIR84PHxrhIXMGcG9xp5mHRHovdTfTKIy3nMVyTpw3yPQNEL86VYE/oM
aaPD9XGvVd4C9hRgUjpEPKIigUS+lI4kfe4oR1NOWk3/yJnkVBJBU7xHK32nOenO
KERa/NsOXl4TnUcIEN0JGnxdexe6AHFLAFuaQs1GKe73q3xI8TIYnIuCxrAkLYXy
CUElJGu/lFDTuTNOJOZSh+ixgnYkqRJIzdJ/W6KRd/XyZcyoA3H2aQFb3io1nKQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org