Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/S8lEHPndtied6t1tv6xCmyiFFfY.roa
File: S8lEHPndtied6t1tv6xCmyiFFfY.roa (raw, json)
Hash identifier: QUuZ/OXMpTqLlL6NBxzzo8zaVAt7j68VcMUB7ZQHzm0=
Subject key identifier: 4B:C9:44:1C:F9:DD:B6:27:9D:EA:DD:6D:BF:AC:42:9B:28:85:15:F6
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 086598BF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/S8lEHPndtied6t1tv6xCmyiFFfY.roa
Signing time: Fri 01 Apr 2022 12:51:35 +0000
ROA not before: Fri 01 Apr 2022 12:51:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208911
IP address blocks: 213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140875967 (0x86598bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 1 12:51:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bc9441cf9ddb6279deadd6dbfac429b288515f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:61:c6:82:74:64:73:bd:80:6e:7c:0e:5a:14:
c3:1e:9c:f3:47:e4:e1:15:38:d3:42:ce:44:71:c2:
7c:2d:d3:ae:8a:e9:ca:02:b3:60:ce:42:5c:02:2e:
cd:13:2f:83:f2:27:24:3e:32:32:50:ea:7a:50:9f:
56:be:f0:f9:db:0a:b6:a4:6a:dc:f0:76:ba:4a:0e:
a0:aa:74:c8:f7:c8:17:a3:ae:0e:79:44:2a:07:0d:
b9:95:b3:97:87:78:9f:92:5d:4c:9a:06:a6:83:7e:
98:55:f4:29:c2:2d:e6:d4:32:a7:8a:f2:97:a5:d7:
de:01:3d:08:0c:18:d7:7b:6d:74:ee:59:84:e0:32:
c0:09:ae:d2:9c:9a:ff:99:65:e7:16:3b:37:a8:ad:
eb:1c:b5:60:89:c9:3a:34:57:65:4b:df:83:ee:0a:
80:2e:7e:fa:60:45:b9:5e:d1:c6:b4:38:8a:b3:8e:
fa:b3:ba:6b:2d:71:0e:85:2b:dc:8a:6b:94:4f:94:
87:0a:99:02:ce:07:d9:98:92:d3:ff:de:39:fa:80:
02:11:dd:af:4e:5a:0a:a7:ee:04:1e:44:fa:e0:a5:
91:3b:84:fb:7f:70:56:08:fe:a5:0d:d7:16:c9:ef:
e5:8f:82:7f:64:6b:cd:96:4a:38:a5:a6:da:bd:10:
e1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C9:44:1C:F9:DD:B6:27:9D:EA:DD:6D:BF:AC:42:9B:28:85:15:F6
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/S8lEHPndtied6t1tv6xCmyiFFfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.181.0/24
185.230.12.0/24
213.209.146.0/24
213.209.151.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b9:a5:37:24:18:6e:2b:aa:cb:09:5c:12:b8:21:12:60:43:
b9:5e:6c:f3:72:fc:8a:13:8b:c6:13:75:e8:53:63:bd:07:9f:
10:bc:e3:5c:a5:07:a1:59:16:3d:cd:5a:b3:68:91:65:b6:b2:
35:15:bc:c7:19:62:75:9a:ed:81:34:6c:b9:41:f3:d9:c4:61:
92:12:01:aa:a5:38:5f:60:72:11:86:77:93:60:a7:62:9b:7c:
2d:dd:20:0d:d4:b5:35:cb:c0:e6:c3:a6:fb:76:bc:07:c6:95:
8e:61:f7:cb:a1:4a:0d:cf:30:5e:ee:91:21:99:92:66:2b:2f:
8a:02:14:85:52:90:d7:f5:1b:d5:bf:e0:0c:c0:83:8f:2c:22:
46:e2:e8:c4:78:09:25:ad:a5:91:d1:50:42:73:1b:64:29:ae:
9f:ca:9e:7a:7d:09:0c:39:17:75:8c:5a:80:f1:d0:cd:f0:1b:
0d:f0:8a:8d:3d:73:21:5c:4d:19:e3:a3:00:4c:d7:ed:38:6d:
e0:aa:46:65:57:6d:e0:91:93:ec:cb:09:94:91:93:69:5b:87:
a2:04:27:8c:2d:a1:76:51:42:ea:bf:c0:d1:2d:42:97:78:36:
ef:bb:e9:93:18:de:84:23:61:b9:d0:31:27:7f:a2:51:f3:b2:
9a:45:35:57
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECGWYvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQw
MTEyNTEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJjOTQ0MWNmOWRk
YjYyNzlkZWFkZDZkYmZhYzQyOWIyODg1MTVmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9hxoJ0ZHO9gG58DloUwx6c80fk4RU400LORHHCfC3Trorp
ygKzYM5CXAIuzRMvg/InJD4yMlDqelCfVr7w+dsKtqRq3PB2ukoOoKp0yPfIF6Ou
DnlEKgcNuZWzl4d4n5JdTJoGpoN+mFX0KcIt5tQyp4ryl6XX3gE9CAwY13ttdO5Z
hOAywAmu0pya/5ll5xY7N6it6xy1YInJOjRXZUvfg+4KgC5++mBFuV7RxrQ4irOO
+rO6ay1xDoUr3IprlE+UhwqZAs4H2ZiS0//eOfqAAhHdr05aCqfuBB5E+uClkTuE
+39wVgj+pQ3XFsnv5Y+Cf2RrzZZKOKWm2r0Q4ZUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRLyUQc+d22J53q3W2/rEKbKIUV9jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1M4bEVIUG5kdGllZDZ0MXR2NnhDbXlpRkZmWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAE1atQMEALnmDAMEANXRkgMEANXR
lzANBgkqhkiG9w0BAQsFAAOCAQEAYrmlNyQYbiuqywlcErghEmBDuV5s83L8ihOL
xhN16FNjvQefELzjXKUHoVkWPc1as2iRZbayNRW8xxlidZrtgTRsuUHz2cRhkhIB
qqU4X2ByEYZ3k2CnYpt8Ld0gDdS1NcvA5sOm+3a8B8aVjmH3y6FKDc8wXu6RIZmS
ZisvigIUhVKQ1/Ub1b/gDMCDjywiRuLoxHgJJa2lkdFQQnMbZCmun8qeen0JDDkX
dYxagPHQzfAbDfCKjT1zIVxNGeOjAEzX7Tht4KpGZVdt4JGT7MsJlJGTaVuHogQn
jC2hdlFC6r/A0S1Cl3g277vpkxjehCNhudAxJ3+iUfOymkU1Vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org