Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/PtbtmN8J7JWVE10crZxFc3syeVk.roa
File: PtbtmN8J7JWVE10crZxFc3syeVk.roa (raw, json)
Hash identifier: oNTv3EiInDFMMDTH/CW/7MzhBV01+40PL7jY2zOToBg=
Subject key identifier: 3E:D6:ED:98:DF:09:EC:95:95:13:5D:1C:AD:9C:45:73:7B:32:79:59
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 06E18A18
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/PtbtmN8J7JWVE10crZxFc3syeVk.roa
Signing time: Sat 01 Jan 2022 07:00:17 +0000
ROA not before: Sat 01 Jan 2022 07:00:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 213.209.131.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/22 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.183.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115444248 (0x6e18a18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 07:00:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ed6ed98df09ec9595135d1cad9c45737b327959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:74:8a:4b:22:18:d4:c1:c6:44:20:8e:6a:90:
09:55:79:37:0c:a3:89:23:3f:70:3c:cc:38:74:02:
68:78:28:33:f1:7c:98:de:1b:7e:43:a2:e6:e2:0a:
4b:63:26:ff:18:5c:bc:37:0e:2e:a8:26:95:3a:82:
16:70:bf:3a:54:34:5d:31:6b:e2:a7:c6:04:3d:b9:
9b:aa:15:b4:f2:53:32:5b:64:96:95:94:42:58:6d:
ff:de:29:d7:e6:91:f6:f0:48:14:23:ee:6b:35:a8:
49:0a:cb:09:a3:85:b8:fc:e5:dd:d2:32:62:4d:9a:
65:a2:81:be:2f:85:80:e2:f6:5c:d3:fb:c3:70:1d:
00:cd:25:9d:5a:6c:eb:c2:f3:b0:63:f1:f3:1e:02:
6d:ae:8f:72:e3:39:2d:13:d2:ac:6a:49:ea:36:82:
30:f7:6a:52:6c:13:61:ad:a0:c6:c7:09:6e:98:24:
a5:8e:9f:b5:0a:47:96:af:3c:91:a9:83:ee:23:c6:
45:38:5d:04:6e:c9:0e:20:a6:c7:e5:55:3f:e6:bd:
36:05:86:b5:68:cf:92:b5:58:be:26:7e:d3:7d:b1:
16:51:00:5f:a4:ef:5a:4c:54:81:82:34:13:6f:21:
33:59:1d:05:18:a3:94:3c:49:c5:6f:b7:08:08:38:
59:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D6:ED:98:DF:09:EC:95:95:13:5D:1C:AD:9C:45:73:7B:32:79:59
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/PtbtmN8J7JWVE10crZxFc3syeVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.159.0-77.90.163.255
77.90.169.0-77.90.172.255
77.90.175.0/24
77.90.177.0/24
77.90.183.0/24
77.90.186.0/24
213.209.131.0/24
213.209.139.0/24
213.209.152.0/24
Signature Algorithm: sha256WithRSAEncryption
72:b2:6a:2c:02:a1:07:e5:ab:5a:0a:c7:76:be:c4:bd:43:73:
11:ea:af:a4:f3:06:eb:e2:23:65:5d:ae:d0:33:b2:15:6a:02:
1d:a2:67:ec:6f:55:e8:7f:85:79:89:dd:0e:1e:36:c4:c8:99:
8a:fc:5a:6a:05:2a:17:ae:17:5a:5a:c3:6c:70:6f:c7:52:17:
88:85:e5:b3:9a:89:85:72:8c:f2:cc:a8:41:fc:d9:3d:d0:42:
8e:b7:4a:c0:d2:53:08:81:10:52:5b:15:df:e9:86:31:0e:46:
0d:12:19:41:d8:c2:f5:22:3e:e9:f8:7a:cf:dc:07:0d:b0:a6:
e8:eb:88:d2:2e:3f:78:65:02:20:ff:75:69:8d:ec:f5:2b:40:
d2:d4:ac:53:7c:03:85:b4:eb:ce:8e:ab:9b:c9:f0:4b:2f:7e:
2b:08:ad:b6:7f:13:a8:07:6a:61:bd:2c:24:07:6e:66:7d:fb:
14:19:0f:4f:fb:04:61:71:41:28:ec:34:36:8c:47:00:89:30:
a2:d0:e5:43:a0:87:0d:a0:f5:38:9b:6b:f3:1a:a6:3d:f1:8a:
43:b7:41:9e:a8:3c:f3:b0:92:cd:ab:1b:2a:19:eb:a6:9b:40:
16:1e:f8:a8:78:c3:a0:06:db:ca:1f:eb:10:d2:0b:f3:48:cb:
37:21:a6:17
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEBuGKGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDEw
MTA3MDAxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VkNmVkOThkZjA5
ZWM5NTk1MTM1ZDFjYWQ5YzQ1NzM3YjMyNzk1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJd0iksiGNTBxkQgjmqQCVV5NwyjiSM/cDzMOHQCaHgoM/F8
mN4bfkOi5uIKS2Mm/xhcvDcOLqgmlTqCFnC/OlQ0XTFr4qfGBD25m6oVtPJTMltk
lpWUQlht/94p1+aR9vBIFCPuazWoSQrLCaOFuPzl3dIyYk2aZaKBvi+FgOL2XNP7
w3AdAM0lnVps68LzsGPx8x4Cba6PcuM5LRPSrGpJ6jaCMPdqUmwTYa2gxscJbpgk
pY6ftQpHlq88kamD7iPGRThdBG7JDiCmx+VVP+a9NgWGtWjPkrVYviZ+032xFlEA
X6TvWkxUgYI0E28hM1kdBRijlDxJxW+3CAg4WfsCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBQ+1u2Y3wnslZUTXRytnEVzezJ5WTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1B0YnRtTjhKN0pXVkUxMGNyWnhGYzNzeWVWay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRjAMAwQATVqfAwQCTVqgMAwDBABNWqkD
BABNWqwDBABNWq8DBABNWrEDBABNWrcDBABNWroDBADV0YMDBADV0YsDBADV0Zgw
DQYJKoZIhvcNAQELBQADggEBAHKyaiwCoQflq1oKx3a+xL1DcxHqr6TzBuviI2Vd
rtAzshVqAh2iZ+xvVeh/hXmJ3Q4eNsTImYr8WmoFKheuF1paw2xwb8dSF4iF5bOa
iYVyjPLMqEH82T3QQo63SsDSUwiBEFJbFd/phjEORg0SGUHYwvUiPun4es/cBw2w
pujriNIuP3hlAiD/dWmN7PUrQNLUrFN8A4W0686Oq5vJ8EsvfisIrbZ/E6gHamG9
LCQHbmZ9+xQZD0/7BGFxQSjsNDaMRwCJMKLQ5UOghw2g9Tiba/Mapj3xikO3QZ6o
PPOwks2rGyoZ66abQBYe+Kh4w6AG28of6xDSC/NIyzchphc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org