Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NtmoG_HKeqDKBgXrKbgbqR2knOI.roa
File: NtmoG_HKeqDKBgXrKbgbqR2knOI.roa (raw, json)
Hash identifier: DReDLtmXNv1mf4c5/T0mohfX1CFcB98dg57WQJgh+90=
Subject key identifier: 36:D9:A8:1B:F1:CA:7A:A0:CA:06:05:EB:29:B8:1B:A9:1D:A4:9C:E2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 098DB40D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NtmoG_HKeqDKBgXrKbgbqR2knOI.roa
Signing time: Mon 13 Jun 2022 11:50:32 +0000
ROA not before: Mon 13 Jun 2022 11:50:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.188.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160281613 (0x98db40d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 13 11:50:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36d9a81bf1ca7aa0ca0605eb29b81ba91da49ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fc:c6:c2:16:7a:20:93:0c:6e:38:48:fa:de:
ad:ff:92:1c:cb:24:a9:40:fe:ef:ca:f3:43:43:4d:
a1:fb:87:0a:17:8f:24:e4:0f:8e:4c:24:b0:4e:b9:
55:ad:9b:84:ee:6a:b0:18:61:49:84:fc:a4:66:7f:
b7:e1:d2:23:27:c5:34:8d:1e:c3:1d:75:2f:c8:77:
be:45:6c:03:0a:fb:d6:a3:b1:4d:27:a9:03:26:83:
19:81:a2:35:0b:06:3d:3b:d7:ce:e4:cb:03:22:a4:
a6:81:4f:75:45:64:35:3c:ec:dd:b4:80:9b:28:df:
f1:f4:1f:8d:bb:27:f3:6a:55:14:47:e8:97:bc:f3:
da:cd:49:85:7d:a3:b2:4a:7d:92:70:6e:df:78:c9:
4c:bf:23:91:16:55:40:d1:3a:4e:55:0d:ee:49:63:
4e:42:7a:84:3a:ad:2b:6e:a1:47:f0:24:42:3d:49:
90:a7:24:c6:87:f5:3b:bb:c1:77:7c:0e:01:60:d9:
1a:4a:19:42:71:ab:a5:5d:51:b3:0e:18:07:e6:58:
f2:5a:e9:f2:38:b8:5f:ab:39:97:32:d3:c4:8e:b5:
70:12:6a:53:85:cc:a6:b6:35:de:c2:41:b0:a2:09:
c8:84:13:6b:d0:41:58:34:6b:e4:19:7a:2c:ad:a0:
b4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D9:A8:1B:F1:CA:7A:A0:CA:06:05:EB:29:B8:1B:A9:1D:A4:9C:E2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NtmoG_HKeqDKBgXrKbgbqR2knOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.155.0-77.90.156.255
77.90.184.0/24
77.90.188.0/24
185.230.12.0/24
213.209.133.0-213.209.134.255
213.209.149.0/24
213.209.157.0/24
Signature Algorithm: sha256WithRSAEncryption
22:10:75:83:78:31:8a:8c:9c:98:40:a8:d1:21:85:2c:3b:81:
bb:98:81:d9:40:11:29:04:8d:fe:6a:86:9f:43:42:f9:46:6a:
b6:89:99:52:ba:45:d2:71:3b:b0:6a:6b:10:b3:6d:c1:8b:32:
31:00:ab:1c:a2:fa:35:4a:4b:d2:60:00:ee:a5:9e:5e:eb:3c:
e9:7e:4b:79:ae:c4:39:67:f6:d8:9a:fe:09:04:42:94:5f:ef:
f6:c8:4d:54:d7:f2:b2:c7:d3:99:9c:ce:f5:26:00:87:7b:f3:
cb:ab:5f:04:d6:23:5f:f7:6c:a1:21:1c:e4:e0:d5:9d:79:4c:
48:69:e0:24:56:2a:db:78:a3:51:6a:77:28:2c:98:76:04:13:
d2:18:72:55:97:7b:e7:da:f6:f7:79:3e:2b:98:ff:1e:b1:f5:
4d:72:36:88:61:91:c9:15:6a:ec:04:5b:ad:bd:e7:61:f6:3c:
e1:35:86:ee:0d:14:be:c7:09:1d:d0:66:fc:ab:7c:50:0a:27:
fd:10:ef:37:07:72:6a:60:81:82:58:fd:8f:35:af:7b:32:4a:
04:24:6c:a0:ca:1d:d4:fc:47:95:fc:64:ee:8c:53:a5:d6:c3:
86:48:8e:df:e6:45:a7:7c:5d:3c:f5:fe:06:ed:4d:1a:0e:95:
9a:d5:cd:05
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECY20DTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYx
MzExNTAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZkOWE4MWJmMWNh
N2FhMGNhMDYwNWViMjliODFiYTkxZGE0OWNlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOf8xsIWeiCTDG44SPrerf+SHMskqUD+78rzQ0NNofuHCheP
JOQPjkwksE65Va2bhO5qsBhhSYT8pGZ/t+HSIyfFNI0ewx11L8h3vkVsAwr71qOx
TSepAyaDGYGiNQsGPTvXzuTLAyKkpoFPdUVkNTzs3bSAmyjf8fQfjbsn82pVFEfo
l7zz2s1JhX2jskp9knBu33jJTL8jkRZVQNE6TlUN7kljTkJ6hDqtK26hR/AkQj1J
kKckxof1O7vBd3wOAWDZGkoZQnGrpV1Rsw4YB+ZY8lrp8ji4X6s5lzLTxI61cBJq
U4XMprY13sJBsKIJyIQTa9BBWDRr5Bl6LK2gtJ0CAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBQ22agb8cp6oMoGBespuBupHaSc4jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L050bW9HX0hLZXFES0JnWHJLYmdicVIya25PSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAE1akTAMAwQATVqbAwQATVqcAwQA
TVq4AwQATVq8AwQAueYMMAwDBADV0YUDBADV0YYDBADV0ZUDBADV0Z0wDQYJKoZI
hvcNAQELBQADggEBACIQdYN4MYqMnJhAqNEhhSw7gbuYgdlAESkEjf5qhp9DQvlG
araJmVK6RdJxO7BqaxCzbcGLMjEAqxyi+jVKS9JgAO6lnl7rPOl+S3muxDln9tia
/gkEQpRf7/bITVTX8rLH05mczvUmAId788urXwTWI1/3bKEhHOTg1Z15TEhp4CRW
Ktt4o1FqdygsmHYEE9IYclWXe+fa9vd5PiuY/x6x9U1yNohhkckVauwEW62952H2
POE1hu4NFL7HCR3QZvyrfFAKJ/0Q7zcHcmpggYJY/Y81r3sySgQkbKDKHdT8R5X8
ZO6MU6XWw4ZIjt/mRad8XTz1/gbtTRoOlZrVzQU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org