Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bpqqqGZMFmxEtENnTCVDnDSYeqU.roa
File: bpqqqGZMFmxEtENnTCVDnDSYeqU.roa (raw, json)
Hash identifier: yPUhvgg4Rp+JsN1B+HuD+66jb65RCUsg2QuAOi0vzHw=
Subject key identifier: 6E:9A:AA:A8:66:4C:16:6C:44:B4:43:67:4C:25:43:9C:34:98:7A:A5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0951D084
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bpqqqGZMFmxEtENnTCVDnDSYeqU.roa
Signing time: Thu 26 May 2022 15:34:13 +0000
ROA not before: Thu 26 May 2022 15:34:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156356740 (0x951d084)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 26 15:34:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e9aaaa8664c166c44b443674c25439c34987aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0e:d7:4e:46:1d:de:8f:98:58:1e:4f:fc:64:
52:66:78:64:4a:e9:6c:b1:4e:4e:83:de:d2:1e:fa:
bb:0a:34:c9:b9:3e:04:1c:e5:e6:94:c0:d7:9e:cd:
b6:46:57:3f:1b:80:58:00:27:72:3e:9a:9f:68:b0:
30:d9:1c:1c:a1:7d:4c:92:f7:89:f6:be:cc:7d:b5:
bb:0f:bb:b3:de:b0:ee:7f:d9:a9:9d:82:98:a5:47:
d9:4d:e5:89:04:ad:9c:ad:90:34:3f:a7:f6:be:e7:
8d:6c:30:b1:80:c0:0f:92:fa:70:3c:0f:11:4b:f8:
69:bb:be:6d:dc:0d:da:05:21:4f:d6:ce:eb:24:90:
77:6a:a1:79:19:26:24:55:76:99:88:89:d8:dd:7b:
45:78:a1:4e:ef:8e:13:84:00:e9:b3:fc:95:51:b1:
38:89:d2:6d:43:de:90:18:a5:47:b5:67:df:0e:1c:
18:9f:21:57:ca:a7:fe:7d:af:d0:5c:d9:e0:4b:23:
0e:56:42:ec:8c:43:3b:ba:23:9e:3b:e5:bb:1d:69:
e0:e2:36:4d:44:1b:9b:d7:4d:bf:a4:09:99:01:be:
ee:a3:2d:ae:74:2b:12:1f:58:ce:84:89:d2:99:7a:
79:76:ee:cf:91:d7:fc:ca:97:bf:27:bb:e2:c1:eb:
9b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9A:AA:A8:66:4C:16:6C:44:B4:43:67:4C:25:43:9C:34:98:7A:A5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bpqqqGZMFmxEtENnTCVDnDSYeqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
77.90.149.0-77.90.150.255
77.90.153.0/24
77.90.179.0/24
77.90.185.0/24
185.230.14.0/24
213.209.129.0/24
213.209.143.0/24
213.209.145.0-213.209.147.255
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:0b:77:c7:5b:af:97:d4:e1:2e:0f:ae:46:a5:22:16:cf:a2:
93:9b:98:ff:03:0b:60:93:12:40:b2:43:48:e5:7b:dd:5f:20:
de:95:0e:df:ea:7d:7d:18:e2:17:87:14:de:17:9e:c5:12:a3:
9b:10:bb:5f:ca:3b:84:25:3f:58:b9:af:9b:ef:50:e0:7a:96:
93:da:0e:27:4d:eb:23:a7:f2:11:2d:6b:b9:70:c8:ab:6c:2e:
70:22:c2:5a:e1:17:da:73:57:1e:d8:18:6b:75:d1:52:d8:f2:
d9:96:8b:a3:30:1b:2e:b5:e6:fe:28:18:56:18:0e:a7:e9:ce:
fc:5e:59:2b:17:ad:4c:1c:f6:3b:1a:44:18:0a:ac:5e:14:85:
09:05:af:21:99:d1:b9:1e:fb:f4:c4:a4:dd:39:16:0a:d3:e4:
81:f9:bb:72:f2:9c:cb:86:08:a8:29:d7:d7:be:c4:3d:86:ae:
0d:23:40:b8:55:44:53:d1:fc:f5:b1:15:b7:c7:69:05:55:1e:
46:20:cd:ff:2f:a2:95:f9:cf:5f:07:a3:9c:90:91:26:d6:bc:
6f:ea:84:c1:18:31:c4:73:3d:e6:c7:f1:89:0c:9a:f4:a0:e3:
8f:a9:b1:44:7e:5e:69:5b:40:28:86:1b:f3:26:9f:4c:1d:b5:
45:0b:f5:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIECVHQhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUy
NjE1MzQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU5YWFhYTg2NjRj
MTY2YzQ0YjQ0MzY3NGMyNTQzOWMzNDk4N2FhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIO105GHd6PmFgeT/xkUmZ4ZErpbLFOToPe0h76uwo0ybk+
BBzl5pTA157NtkZXPxuAWAAncj6an2iwMNkcHKF9TJL3ifa+zH21uw+7s96w7n/Z
qZ2CmKVH2U3liQStnK2QND+n9r7njWwwsYDAD5L6cDwPEUv4abu+bdwN2gUhT9bO
6ySQd2qheRkmJFV2mYiJ2N17RXihTu+OE4QA6bP8lVGxOInSbUPekBilR7Vn3w4c
GJ8hV8qn/n2v0FzZ4EsjDlZC7IxDO7ojnjvlux1p4OI2TUQbm9dNv6QJmQG+7qMt
rnQrEh9YzoSJ0pl6eXbuz5HX/MqXvye74sHrm3MCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBRumqqoZkwWbES0Q2dMJUOcNJh6pTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2JwcXFxR1pNRm14RXRFTm5UQ1ZEbkRTWWVxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwUgQCAAEwTAMEAE1aijAMAwQATVqVAwQATVqWAwQA
TVqZAwQATVqzAwQATVq5AwQAueYOAwQA1dGBAwQA1dGPMAwDBADV0ZEDBALV0ZAD
BADV0Z4wDQYJKoZIhvcNAQELBQADggEBAHwLd8dbr5fU4S4PrkalIhbPopObmP8D
C2CTEkCyQ0jle91fIN6VDt/qfX0Y4heHFN4XnsUSo5sQu1/KO4QlP1i5r5vvUOB6
lpPaDidN6yOn8hEta7lwyKtsLnAiwlrhF9pzVx7YGGt10VLY8tmWi6MwGy615v4o
GFYYDqfpzvxeWSsXrUwc9jsaRBgKrF4UhQkFryGZ0bke+/TEpN05FgrT5IH5u3Ly
nMuGCKgp19e+xD2Grg0jQLhVRFPR/PWxFbfHaQVVHkYgzf8vopX5z18Ho5yQkSbW
vG/qhMEYMcRzPebH8YkMmvSg44+psUR+XmlbQCiGG/Mmn0wdtUUL9RM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org