Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bWqQYqOupAK48qav6tx90UQXoEQ.roa
File: bWqQYqOupAK48qav6tx90UQXoEQ.roa (raw, json)
Hash identifier: uZIyONiQ+S6YTnQB9kRvFQpsobFiysjAiq90gPCTmfA=
Subject key identifier: 6D:6A:90:62:A3:AE:A4:02:B8:F2:A6:AF:EA:DC:7D:D1:44:17:A0:44
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 076858CE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bWqQYqOupAK48qav6tx90UQXoEQ.roa
Signing time: Thu 10 Feb 2022 11:33:32 +0000
ROA not before: Thu 10 Feb 2022 11:33:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.144.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124278990 (0x76858ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 10 11:33:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d6a9062a3aea402b8f2a6afeadc7dd14417a044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:db:5d:59:79:6b:68:1e:ba:01:02:29:65:79:
86:3f:98:99:44:7b:6f:9d:52:37:2e:64:96:80:f7:
26:ba:3c:14:c7:b2:5f:b6:84:c7:e6:d7:e7:89:7f:
f0:51:d2:0c:c7:31:ec:aa:b7:80:51:5a:f7:6e:02:
b5:89:43:19:d9:c7:fc:62:bf:32:9c:72:48:f4:c2:
2f:bd:88:5b:c0:64:b7:4b:b2:2c:dd:0b:be:e3:8b:
cd:df:42:c5:e7:a5:5b:d7:8b:79:90:17:fc:85:af:
cb:7b:9d:43:44:85:41:3f:33:57:c6:4a:34:b9:1b:
a2:5d:a2:5e:c9:67:d7:9a:ad:32:f5:77:c5:75:a4:
dd:94:32:63:b1:ba:a6:b4:69:c8:e6:8d:55:d5:d5:
0b:6a:14:d1:ad:d0:3a:76:71:d1:98:90:d6:8d:51:
90:ec:31:7c:bf:aa:c5:b8:33:fe:41:66:bc:2a:e5:
ac:bf:ce:cf:2e:0a:f5:69:e0:ab:d0:88:81:8e:07:
3f:55:fb:98:2b:f4:24:8a:ba:63:aa:12:93:f9:2e:
ec:d8:83:67:24:55:66:c8:60:77:e4:a0:77:4f:50:
e7:27:7c:d7:30:cd:74:6f:6e:5b:ae:4e:1b:55:9a:
03:18:f8:7a:27:1e:92:7c:ce:7c:36:b1:76:a7:78:
cd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6A:90:62:A3:AE:A4:02:B8:F2:A6:AF:EA:DC:7D:D1:44:17:A0:44
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bWqQYqOupAK48qav6tx90UQXoEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.157.0/24
77.90.164.0/24
77.90.173.0/24
185.230.15.0/24
213.209.144.0/24
213.209.146.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
38:0f:6d:4a:c8:c0:cf:af:fd:70:68:3f:5b:40:57:7e:a1:e4:
e8:6d:b2:0b:00:03:1d:72:f4:fe:4f:c2:49:51:9d:41:cd:5f:
72:48:e0:cc:49:10:37:2b:96:25:31:a8:74:8f:6a:f3:a6:87:
75:fe:93:b9:a9:52:fa:dc:00:4f:82:87:65:56:a5:a5:6d:a6:
0a:78:f3:a6:e2:8d:d0:ca:a1:1f:8e:a9:14:b4:c7:b7:d9:92:
0d:3d:07:a5:b5:c4:85:e0:79:55:31:20:2f:60:49:d8:c0:d4:
69:60:96:c7:20:15:d7:40:f6:d7:4c:2d:85:03:b2:c3:90:88:
1d:92:7c:aa:56:71:56:56:34:6f:30:7e:4c:df:ed:b4:bd:4b:
a2:8d:28:d6:69:8d:ac:af:e1:26:af:3d:47:59:9e:df:97:c2:
30:24:bb:1e:11:b3:89:2c:76:e7:52:c1:bc:97:5a:82:bb:45:
48:03:5d:97:bf:b9:58:7f:eb:8b:1e:b3:a3:7b:45:18:54:03:
41:dd:a4:91:71:8b:3b:17:18:42:3b:ec:6b:a9:37:4c:21:31:
b9:fe:07:27:4a:d2:99:5e:db:82:5f:36:64:bf:c5:1a:11:59:
ad:c9:88:f2:f4:14:da:9b:42:ac:50:ef:65:51:2e:90:08:c0:
84:47:9e:66
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEB2hYzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDIx
MDExMzMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ2YTkwNjJhM2Fl
YTQwMmI4ZjJhNmFmZWFkYzdkZDE0NDE3YTA0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTbXVl5a2geugECKWV5hj+YmUR7b51SNy5kloD3Jro8FMey
X7aEx+bX54l/8FHSDMcx7Kq3gFFa924CtYlDGdnH/GK/MpxySPTCL72IW8Bkt0uy
LN0LvuOLzd9CxeelW9eLeZAX/IWvy3udQ0SFQT8zV8ZKNLkbol2iXsln15qtMvV3
xXWk3ZQyY7G6prRpyOaNVdXVC2oU0a3QOnZx0ZiQ1o1RkOwxfL+qxbgz/kFmvCrl
rL/Ozy4K9Wngq9CIgY4HP1X7mCv0JIq6Y6oSk/ku7NiDZyRVZshgd+Sgd09Q5yd8
1zDNdG9uW65OG1WaAxj4eiceknzOfDaxdqd4zW0CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRtapBio66kArjypq/q3H3RRBegRDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2JXcVFZcU91cEFLNDhxYXY2dHg5MFVRWG9FUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAE1amQMEAE1anQMEAE1apAMEAE1a
rQMEALnmDwMEANXRkAMEANXRkgMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEAOA9t
SsjAz6/9cGg/W0BXfqHk6G2yCwADHXL0/k/CSVGdQc1fckjgzEkQNyuWJTGodI9q
86aHdf6TualS+twAT4KHZValpW2mCnjzpuKN0MqhH46pFLTHt9mSDT0HpbXEheB5
VTEgL2BJ2MDUaWCWxyAV10D210wthQOyw5CIHZJ8qlZxVlY0bzB+TN/ttL1Loo0o
1mmNrK/hJq89R1me35fCMCS7HhGziSx251LBvJdagrtFSANdl7+5WH/rix6zo3tF
GFQDQd2kkXGLOxcYQjvsa6k3TCExuf4HJ0rSmV7bgl82ZL/FGhFZrcmI8vQU2ptC
rFDvZVEukAjAhEeeZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org