Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/a_2-rHNsbkPryKytL_JEticxYh4.roa
File: a_2-rHNsbkPryKytL_JEticxYh4.roa (raw, json)
Hash identifier: stOz41K5gkpsY6BN9RvgqeEEOfKa+31qKGQo83/wNDE=
Subject key identifier: 6B:FD:BE:AC:73:6C:6E:43:EB:C8:AC:AD:2F:F2:44:B6:27:31:62:1E
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07FFDB72
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/a_2-rHNsbkPryKytL_JEticxYh4.roa
Signing time: Thu 10 Mar 2022 19:09:08 +0000
ROA not before: Thu 10 Mar 2022 19:09:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213296
IP address blocks: 213.209.131.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.160.0/22 maxlen: 22
77.90.172.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
77.90.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134208370 (0x7ffdb72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 10 19:09:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bfdbeac736c6e43ebc8acad2ff244b62731621e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b8:21:5f:fa:3f:2b:d7:25:0d:31:28:aa:c1:
e7:c0:be:bd:27:52:24:36:ba:68:d7:f7:06:67:50:
71:a1:20:c3:0e:1b:eb:1e:6e:ec:ba:4a:1c:84:2a:
df:3c:a9:08:81:db:23:f5:89:8e:20:45:3d:70:35:
66:e8:e1:46:5b:71:9e:35:4e:32:54:4d:da:e2:aa:
08:f9:2e:35:0b:73:bb:06:3f:25:9e:cc:bb:23:1a:
ee:99:f6:6d:08:05:17:65:62:e1:ab:83:eb:5c:a4:
3f:62:2f:96:38:32:6c:93:4e:d0:70:26:0e:a5:e8:
a5:14:c9:6b:90:3d:0d:03:57:a9:91:9d:d0:49:a0:
d5:1a:e7:4b:50:70:7d:0e:5a:91:57:6d:96:0e:6c:
3a:c2:5e:67:e1:42:3f:d7:47:26:35:3c:90:e2:d0:
77:4e:ab:7e:5a:11:10:5a:50:80:b9:47:9a:a7:54:
89:0b:63:1e:26:8b:0f:59:db:69:ec:85:0a:81:6b:
83:cc:1c:aa:06:64:11:ed:82:5e:8e:9d:1d:f0:c6:
07:9f:b8:81:33:22:27:57:c6:c4:66:c8:88:9d:53:
0b:e9:df:99:45:3b:89:eb:de:6f:20:0e:94:a3:ae:
f5:e5:b3:30:f7:1e:c7:a3:f5:04:a9:31:59:f2:69:
90:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FD:BE:AC:73:6C:6E:43:EB:C8:AC:AD:2F:F2:44:B6:27:31:62:1E
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/a_2-rHNsbkPryKytL_JEticxYh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.159.0-77.90.163.255
77.90.169.0-77.90.172.255
77.90.175.0/24
77.90.177.0/24
77.90.183.0/24
77.90.186.0/24
213.209.131.0/24
213.209.139.0/24
213.209.152.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:47:61:af:69:f2:f6:2a:ef:05:d4:91:97:08:8f:61:62:16:
89:cf:a5:46:28:40:12:cb:c3:fb:ee:2c:f4:5f:06:a8:68:ad:
dc:d5:87:33:29:4c:fc:e8:bc:59:2f:e1:06:da:cc:c8:9c:57:
4f:47:3b:43:a9:01:bd:1f:28:2e:99:a7:9d:87:6c:5c:66:30:
da:8b:87:2c:8e:7f:e2:fe:36:b0:e3:bf:c0:29:9c:d6:bc:1e:
50:c4:8b:1f:3d:a6:06:e2:52:b3:fd:2f:b7:1c:df:e3:4a:df:
c9:d4:34:39:ad:92:6a:3a:fc:8b:2a:3f:34:e7:5d:d9:a4:fc:
fd:b2:61:4a:39:9e:5f:87:96:4e:09:24:33:75:11:ad:2c:35:
57:1f:c7:d9:8c:bf:46:23:2f:e1:56:a3:f4:1b:35:ae:ff:09:
fc:41:e7:5f:27:7a:a3:db:f4:55:c6:da:02:d7:a6:88:38:1a:
50:2a:44:a7:d7:30:0d:b5:e9:cd:85:63:af:18:82:f0:73:c8:
c6:8f:f3:e6:ca:54:e5:24:57:22:15:a1:c3:10:76:32:25:a0:
23:ee:24:1b:2d:d3:92:48:0d:4e:fa:44:39:e1:b1:84:2c:e3:
7e:66:92:99:d5:e2:80:ea:b5:81:0d:45:e6:80:12:3c:16:fa:
82:f9:f1:95
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEB//bcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMx
MDE5MDkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJmZGJlYWM3MzZj
NmU0M2ViYzhhY2FkMmZmMjQ0YjYyNzMxNjIxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM24IV/6PyvXJQ0xKKrB58C+vSdSJDa6aNf3BmdQcaEgww4b
6x5u7LpKHIQq3zypCIHbI/WJjiBFPXA1ZujhRltxnjVOMlRN2uKqCPkuNQtzuwY/
JZ7MuyMa7pn2bQgFF2Vi4auD61ykP2IvljgybJNO0HAmDqXopRTJa5A9DQNXqZGd
0Emg1RrnS1BwfQ5akVdtlg5sOsJeZ+FCP9dHJjU8kOLQd06rfloREFpQgLlHmqdU
iQtjHiaLD1nbaeyFCoFrg8wcqgZkEe2CXo6dHfDGB5+4gTMiJ1fGxGbIiJ1TC+nf
mUU7ievebyAOlKOu9eWzMPcex6P1BKkxWfJpkKcCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBRr/b6sc2xuQ+vIrK0v8kS2JzFiHjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2FfMi1ySE5zYmtQcnlLeXRMX0pFdGljeFloNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRjAMAwQATVqfAwQCTVqgMAwDBABNWqkD
BABNWqwDBABNWq8DBABNWrEDBABNWrcDBABNWroDBADV0YMDBADV0YsDBADV0Zgw
DQYJKoZIhvcNAQELBQADggEBAEtHYa9p8vYq7wXUkZcIj2FiFonPpUYoQBLLw/vu
LPRfBqhordzVhzMpTPzovFkv4QbazMicV09HO0OpAb0fKC6Zp52HbFxmMNqLhyyO
f+L+NrDjv8ApnNa8HlDEix89pgbiUrP9L7cc3+NK38nUNDmtkmo6/IsqPzTnXdmk
/P2yYUo5nl+Hlk4JJDN1Ea0sNVcfx9mMv0YjL+FWo/QbNa7/CfxB518neqPb9FXG
2gLXpog4GlAqRKfXMA216c2FY68YgvBzyMaP8+bKVOUkVyIVocMQdjIloCPuJBst
05JIDU76RDnhsYQs435mkpnV4oDqtYENReaAEjwW+oL58ZU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org