Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TD2iT5Nu5AGA3s8IU7BMHkF0rDQ.roa
File: TD2iT5Nu5AGA3s8IU7BMHkF0rDQ.roa (raw, json)
Hash identifier: YQ9ICAV6NyFzh5vQsHTgGpFtVOxbTFri9PD38cvoXpw=
Subject key identifier: 4C:3D:A2:4F:93:6E:E4:01:80:DE:CF:08:53:B0:4C:1E:41:74:AC:34
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 096754E2
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TD2iT5Nu5AGA3s8IU7BMHkF0rDQ.roa
Signing time: Thu 02 Jun 2022 06:46:20 +0000
ROA not before: Thu 02 Jun 2022 06:46:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.188.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157766882 (0x96754e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 2 06:46:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c3da24f936ee40180decf0853b04c1e4174ac34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:80:a0:db:6d:71:9a:47:ef:2f:c3:20:ca:41:
30:0f:b2:1f:67:a7:ee:05:d1:d4:ed:66:a7:b0:54:
d0:7b:a7:7b:e6:ec:a5:76:cb:87:bc:d9:d9:8d:47:
c7:f8:85:02:f5:f0:c1:9c:7e:e7:99:fc:d4:9c:e8:
9d:c7:23:f5:17:bf:b5:9a:11:86:2c:9d:96:f9:dd:
14:36:18:55:db:87:2f:cc:23:4a:3d:bc:1d:49:81:
47:5f:95:41:1b:7c:78:2d:62:91:9f:8a:fd:b1:86:
c6:5d:e6:a8:8c:20:90:a0:ce:05:99:80:19:74:18:
0f:4d:7a:d5:9b:3d:97:49:11:7f:ac:fe:4f:a7:3c:
2c:bb:4f:9f:3e:7c:d7:b6:b0:21:c7:cd:05:3f:35:
f0:64:d1:82:58:46:a6:21:be:73:73:dc:fe:70:05:
b2:62:c8:36:ae:54:a3:df:52:c9:ca:6a:25:13:d1:
b8:13:c7:21:3f:e4:65:d5:2b:50:f2:59:24:3c:b0:
84:cd:5c:5b:e6:23:0b:4f:f3:b5:a6:d6:6d:03:16:
4b:28:04:53:50:7b:79:69:2c:00:e1:15:50:27:14:
0d:07:72:dd:f9:14:54:6a:4a:10:a8:8a:db:40:d0:
bf:64:91:f2:86:6b:cd:ca:72:3f:39:05:8b:8a:48:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3D:A2:4F:93:6E:E4:01:80:DE:CF:08:53:B0:4C:1E:41:74:AC:34
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TD2iT5Nu5AGA3s8IU7BMHkF0rDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.155.0-77.90.156.255
77.90.173.0/24
77.90.184.0/24
77.90.188.0/24
185.230.12.0/24
185.230.15.0/24
213.209.149.0/24
213.209.157.0/24
Signature Algorithm: sha256WithRSAEncryption
71:e3:ea:7a:9b:a6:84:b0:6c:82:cd:e6:f8:7a:ba:ba:2f:3b:
b7:84:f5:68:55:77:01:92:22:2d:0a:5b:b2:ce:60:4d:02:78:
22:20:24:b1:25:62:bf:0f:60:26:ef:45:45:11:43:1a:28:e2:
64:c7:72:8c:81:1a:b3:18:dd:1c:56:9a:48:d5:aa:2d:03:b6:
a0:4f:30:d5:b4:56:a4:d0:3c:c3:c1:95:74:aa:fa:22:d6:0c:
d4:9e:4b:11:9d:18:aa:6c:82:5e:a1:24:5d:bf:23:bd:b7:63:
5c:9d:87:c9:e9:dd:07:51:e5:11:49:73:eb:d3:cb:ef:be:3a:
9f:dc:04:e9:73:8c:62:2f:08:88:ea:72:40:14:2d:60:7b:9a:
4a:cc:48:2b:4c:57:97:10:9b:ad:12:7f:e4:93:e8:77:4a:f6:
25:ab:05:c5:1d:08:aa:ff:ef:ed:36:23:09:d8:28:18:b9:0b:
b7:47:1b:e3:3b:2b:29:fd:84:e5:d8:0c:ac:a5:7d:41:07:c4:
bd:0c:d0:d8:aa:20:07:56:6f:86:a5:17:9c:99:6d:c4:c3:61:
33:80:c2:12:2f:ef:28:12:43:33:cc:2f:4b:33:19:d6:fa:94:
b7:46:5a:db:c8:b5:a4:fc:0f:63:d2:2b:3d:92:31:2e:bd:fa:
e5:ad:7b:13
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECWdU4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYw
MjA2NDYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGMzZGEyNGY5MzZl
ZTQwMTgwZGVjZjA4NTNiMDRjMWU0MTc0YWMzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmAoNttcZpH7y/DIMpBMA+yH2en7gXR1O1mp7BU0Hune+bs
pXbLh7zZ2Y1Hx/iFAvXwwZx+55n81Jzonccj9Re/tZoRhiydlvndFDYYVduHL8wj
Sj28HUmBR1+VQRt8eC1ikZ+K/bGGxl3mqIwgkKDOBZmAGXQYD0161Zs9l0kRf6z+
T6c8LLtPnz5817awIcfNBT818GTRglhGpiG+c3Pc/nAFsmLINq5Uo99SycpqJRPR
uBPHIT/kZdUrUPJZJDywhM1cW+YjC0/ztabWbQMWSygEU1B7eWksAOEVUCcUDQdy
3fkUVGpKEKiK20DQv2SR8oZrzcpyPzkFi4pIQpcCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRMPaJPk27kAYDezwhTsEweQXSsNDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1REMmlUNU51NUFHQTNzOElVN0JNSGtGMHJEUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwODAMAwQATVqbAwQATVqcAwQATVqtAwQA
TVq4AwQATVq8AwQAueYMAwQAueYPAwQA1dGVAwQA1dGdMA0GCSqGSIb3DQEBCwUA
A4IBAQBx4+p6m6aEsGyCzeb4erq6Lzu3hPVoVXcBkiItCluyzmBNAngiICSxJWK/
D2Am70VFEUMaKOJkx3KMgRqzGN0cVppI1aotA7agTzDVtFak0DzDwZV0qvoi1gzU
nksRnRiqbIJeoSRdvyO9t2NcnYfJ6d0HUeURSXPr08vvvjqf3ATpc4xiLwiI6nJA
FC1ge5pKzEgrTFeXEJutEn/kk+h3SvYlqwXFHQiq/+/tNiMJ2CgYuQu3RxvjOysp
/YTl2AyspX1BB8S9DNDYqiAHVm+GpRecmW3Ew2EzgMISL+8oEkMzzC9LMxnW+pS3
RlrbyLWk/A9j0is9kjEuvfrlrXsT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org