Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Z9_dkdsqVbyTmnikwXU_bKNAN3I.roa
File: Z9_dkdsqVbyTmnikwXU_bKNAN3I.roa (raw, json)
Hash identifier: YqHS7oq7O1p7MdJMpGTb+ThdlLTR9mc1UUPwCChoHgo=
Subject key identifier: 67:DF:DD:91:DB:2A:55:BC:93:9A:78:A4:C1:75:3F:6C:A3:40:37:72
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01820126B48746DDA9A9B3C137C8E60D72AD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Z9_dkdsqVbyTmnikwXU_bKNAN3I.roa
Signing time: Fri 15 Jul 2022 09:18:09 +0000
ROA not before: Fri 15 Jul 2022 09:18:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.159.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:26:b4:87:46:dd:a9:a9:b3:c1:37:c8:e6:0d:72:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 15 09:18:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67dfdd91db2a55bc939a78a4c1753f6ca3403772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9c:38:66:43:f8:bc:64:b0:55:44:5a:ac:c0:
b7:bf:a6:c8:ac:9c:24:56:05:a1:bf:39:d9:71:5f:
66:0e:b3:b8:98:5f:2b:5c:58:68:79:2e:fd:21:2f:
c9:82:02:8c:61:8e:8c:fb:fd:05:a4:dc:0e:7f:13:
34:f8:e2:ed:02:2b:10:c8:57:fe:85:ae:7d:f6:5f:
3d:93:88:30:3d:13:23:87:82:37:3e:d1:7e:5e:7c:
a0:1e:fe:c0:f4:bf:68:46:b4:79:ed:5c:19:ff:45:
bc:4b:94:62:19:f7:6c:ac:64:34:6d:2d:f1:69:c9:
33:0e:12:4e:2a:ca:4d:53:30:f3:25:dc:aa:77:ae:
8f:07:23:31:f6:47:6f:80:b3:97:0a:13:57:86:89:
8b:77:a9:46:51:ee:55:54:ea:dd:5a:ca:93:de:71:
96:da:99:eb:0e:9f:06:64:3a:3a:7e:15:ac:f9:67:
c3:15:ee:85:d3:d7:85:d0:f9:01:38:9b:52:cf:ca:
b0:58:11:e5:54:5f:a9:63:94:46:3c:7d:f6:c8:2b:
25:bc:7b:5c:00:4a:ef:db:62:3b:6b:74:c4:da:f4:
ed:6b:d7:33:9d:35:2f:22:1e:0a:11:a0:7d:64:4f:
ca:ee:86:6c:6e:ad:07:d0:0c:d5:f7:40:f2:e8:6f:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DF:DD:91:DB:2A:55:BC:93:9A:78:A4:C1:75:3F:6C:A3:40:37:72
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Z9_dkdsqVbyTmnikwXU_bKNAN3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.155.0/24
77.90.184.0/24
185.230.12.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
30:9c:51:bd:b3:b6:64:ca:a9:61:8d:62:9a:f0:13:d4:e9:36:
67:d8:6f:36:2d:1c:13:37:9e:76:c6:dd:ee:2d:be:b2:21:f0:
d0:b9:1f:75:b5:e5:6c:4d:88:92:6a:c1:4b:eb:e9:c8:52:d9:
03:49:07:34:81:85:57:e1:0b:c6:ca:06:b7:fc:34:98:b1:97:
e3:57:63:8d:d8:a1:be:bd:77:fa:39:34:a4:bb:1d:7e:99:f5:
64:8d:2a:62:d2:82:8b:4c:5f:4b:00:0a:01:92:54:2d:19:23:
76:f9:4f:c7:16:e4:35:c3:fb:8c:25:e8:98:ce:b0:af:e3:98:
40:14:59:5a:80:be:43:a5:a4:5b:16:32:8d:fa:4f:a9:f9:55:
d3:d5:4b:19:8a:fa:f2:c7:86:73:4b:6b:ef:66:12:23:62:d3:
72:71:79:4f:0b:7f:6a:e9:cd:ad:2f:f2:c6:db:8a:43:99:42:
60:c5:09:71:21:0a:f6:3f:2f:0a:9b:1e:5e:19:b0:eb:dd:a3:
26:48:4b:1a:4b:27:5d:11:ee:ae:fd:b2:99:69:3a:7c:69:48:
1c:c6:17:dd:f9:46:52:af:ac:d2:33:fc:1c:61:75:df:76:6a:
17:6e:31:2d:61:39:14:37:f6:0b:bb:ee:c5:1c:8a:04:c4:32:
cb:9f:b5:11
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYIBJrSHRt2pqbPBN8jmDXKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzE1MDkxODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RmZGQ5MWRiMmE1NWJjOTM5YTc4YTRjMTc1M2Y2Y2EzNDAzNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5w4ZkP4vGSwVURarMC3v6bIrJwk
VgWhvznZcV9mDrO4mF8rXFhoeS79IS/JggKMYY6M+/0FpNwOfxM0+OLtAisQyFf+
ha599l89k4gwPRMjh4I3PtF+XnygHv7A9L9oRrR57VwZ/0W8S5RiGfdsrGQ0bS3x
ackzDhJOKspNUzDzJdyqd66PByMx9kdvgLOXChNXhomLd6lGUe5VVOrdWsqT3nGW
2pnrDp8GZDo6fhWs+WfDFe6F09eF0PkBOJtSz8qwWBHlVF+pY5RGPH32yCslvHtc
AErv22I7a3TE2vTta9cznTUvIh4KEaB9ZE/K7oZsbq0H0AzV90Dy6G/PtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGff3ZHbKlW8k5p4pMF1P2yjQDdyMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWjlfZGtkc3FWYnlUbW5pa3dYVV9iS05BTjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqbAwQA
TVq4AwQAueYMAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQAwnFG9s7ZkyqlhjWKa
8BPU6TZn2G82LRwTN552xt3uLb6yIfDQuR91teVsTYiSasFL6+nIUtkDSQc0gYVX
4QvGyga3/DSYsZfjV2ON2KG+vXf6OTSkux1+mfVkjSpi0oKLTF9LAAoBklQtGSN2
+U/HFuQ1w/uMJeiYzrCv45hAFFlagL5DpaRbFjKN+k+p+VXT1UsZivryx4ZzS2vv
ZhIjYtNycXlPC39q6c2tL/LG24pDmUJgxQlxIQr2Py8Kmx5eGbDr3aMmSEsaSydd
Ee6u/bKZaTp8aUgcxhfd+UZSr6zSM/wcYXXfdmoXbjEtYTkUN/YLu+7FHIoExDLL
n7UR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org