Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TvGt_Id6xBgN-ye7tp0FuafnHho.roa
File: TvGt_Id6xBgN-ye7tp0FuafnHho.roa (raw, json)
Hash identifier: F/jNjITkVJyIF9gPuSNTx1J8GJ10l3GGr6VRWglHovI=
Subject key identifier: 4E:F1:AD:FC:87:7A:C4:18:0D:FB:27:BB:B6:9D:05:B9:A7:E7:1E:1A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07FFDF2C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TvGt_Id6xBgN-ye7tp0FuafnHho.roa
Signing time: Thu 10 Mar 2022 19:09:09 +0000
ROA not before: Thu 10 Mar 2022 19:09:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 213.209.131.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/22 maxlen: 22
77.90.170.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
77.90.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134209324 (0x7ffdf2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 10 19:09:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ef1adfc877ac4180dfb27bbb69d05b9a7e71e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:65:01:37:52:da:69:62:d9:82:4d:a3:53:cc:
81:8d:56:6d:3f:c6:8b:f9:d9:8a:19:7a:e6:10:37:
69:35:18:ea:ec:98:7f:d2:d0:35:70:34:8c:2c:7f:
10:e2:93:1a:c9:d2:f5:47:a4:55:36:f0:13:ca:99:
a7:92:78:03:f2:46:b9:ef:a6:92:11:65:db:b5:e4:
12:d1:96:d5:3d:0b:3a:93:e0:4e:28:b7:45:70:c7:
72:09:6a:41:15:d3:b2:c0:50:c1:2b:d7:47:11:40:
a7:55:4e:46:95:7e:99:85:b0:09:93:5a:e4:b5:a9:
87:38:8b:0a:e3:40:b8:f7:5d:5a:4c:31:f2:c1:c1:
69:78:ec:82:32:be:ea:55:3a:1f:64:1c:d1:bf:8e:
d0:cf:bb:01:72:f1:1d:17:fe:0a:d8:d6:ff:98:02:
3b:53:7d:e7:d6:96:dc:0a:74:35:b6:8b:80:ad:2d:
33:38:fb:c6:eb:41:08:bb:82:61:95:a7:75:d2:4a:
99:54:13:8b:a7:c0:ad:33:6f:fa:0c:db:95:38:45:
02:00:0b:a4:2a:43:4a:7d:b5:09:b3:99:72:b8:c9:
f2:b1:3c:d5:a1:4a:67:60:12:9d:ce:a3:86:bf:41:
f4:b5:d5:5e:1b:68:aa:e6:1f:4f:92:c7:b1:20:21:
a6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F1:AD:FC:87:7A:C4:18:0D:FB:27:BB:B6:9D:05:B9:A7:E7:1E:1A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TvGt_Id6xBgN-ye7tp0FuafnHho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.159.0-77.90.163.255
77.90.169.0-77.90.172.255
77.90.175.0/24
77.90.177.0/24
77.90.183.0/24
77.90.186.0/24
213.209.131.0/24
213.209.139.0/24
213.209.152.0/24
Signature Algorithm: sha256WithRSAEncryption
82:86:a6:ba:b1:a0:50:de:71:ac:24:1a:92:57:c2:07:da:ee:
8e:ce:dd:ea:a3:7d:71:68:e0:ca:7a:91:25:c9:27:52:79:36:
9f:40:2e:16:5f:31:4e:b2:4a:86:27:13:2b:33:71:19:b7:d7:
1a:11:cd:39:7f:2a:96:aa:52:8e:9e:c1:24:54:67:71:68:6c:
d7:b4:e0:f6:dc:96:37:e0:61:d9:4a:24:e8:33:78:f2:ee:ab:
68:87:af:50:85:f7:2a:0d:43:b8:21:30:95:b6:3a:be:5e:93:
56:8b:68:8a:12:c1:aa:bd:f5:5c:cd:4b:f6:99:f8:82:ac:47:
e1:6a:60:e9:2b:e5:19:39:cf:ea:38:4a:f8:52:e4:b6:33:d2:
34:47:da:33:a2:67:0b:73:f8:cd:a1:34:2c:0c:a9:3a:53:5d:
5d:c5:d4:0e:89:4b:33:82:03:8c:cf:b4:45:d0:d2:dc:d6:21:
dd:4d:75:ca:5e:9d:b6:a6:e1:63:10:4c:91:0f:93:32:1a:97:
25:f6:3a:81:6c:a4:fb:3e:3c:94:06:b9:f1:16:2f:ca:e1:e6:
0c:b7:05:d5:af:58:79:2f:d4:e0:8b:50:af:2b:ad:d5:30:39:
be:66:31:aa:96:9b:d7:49:74:e7:6a:53:af:56:6d:c8:5b:96:
0e:6e:d3:3a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEB//fLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMx
MDE5MDkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVmMWFkZmM4Nzdh
YzQxODBkZmIyN2JiYjY5ZDA1YjlhN2U3MWUxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9lATdS2mli2YJNo1PMgY1WbT/Gi/nZihl65hA3aTUY6uyY
f9LQNXA0jCx/EOKTGsnS9UekVTbwE8qZp5J4A/JGue+mkhFl27XkEtGW1T0LOpPg
Tii3RXDHcglqQRXTssBQwSvXRxFAp1VORpV+mYWwCZNa5LWphziLCuNAuPddWkwx
8sHBaXjsgjK+6lU6H2Qc0b+O0M+7AXLxHRf+CtjW/5gCO1N959aW3Ap0NbaLgK0t
Mzj7xutBCLuCYZWnddJKmVQTi6fArTNv+gzblThFAgALpCpDSn21CbOZcrjJ8rE8
1aFKZ2ASnc6jhr9B9LXVXhtoquYfT5LHsSAhpqkCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBRO8a38h3rEGA37J7u2nQW5p+ceGjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1R2R3RfSWQ2eEJnTi15ZTd0cDBGdWFmbkhoby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRjAMAwQATVqfAwQCTVqgMAwDBABNWqkD
BABNWqwDBABNWq8DBABNWrEDBABNWrcDBABNWroDBADV0YMDBADV0YsDBADV0Zgw
DQYJKoZIhvcNAQELBQADggEBAIKGprqxoFDecawkGpJXwgfa7o7O3eqjfXFo4Mp6
kSXJJ1J5Np9ALhZfMU6ySoYnEyszcRm31xoRzTl/KpaqUo6ewSRUZ3FobNe04Pbc
ljfgYdlKJOgzePLuq2iHr1CF9yoNQ7ghMJW2Or5ek1aLaIoSwaq99VzNS/aZ+IKs
R+FqYOkr5Rk5z+o4SvhS5LYz0jRH2jOiZwtz+M2hNCwMqTpTXV3F1A6JSzOCA4zP
tEXQ0tzWId1Ndcpenbam4WMQTJEPkzIalyX2OoFspPs+PJQGufEWL8rh5gy3BdWv
WHkv1OCLUK8rrdUwOb5mMaqWm9dJdOdqU69Wbchblg5u0zo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org