Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa
File: d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa (raw, json)
Hash identifier: ETgWuU/xON5NzKZ5mzMKv4D88I6Drwnv8Bp/VmWQawo=
Subject key identifier: 77:57:41:B6:8F:B3:C3:F1:BA:AE:14:3E:62:E6:9C:DA:B7:46:F0:05
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 078AECBE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa
Signing time: Tue 22 Feb 2022 09:41:18 +0000
ROA not before: Tue 22 Feb 2022 09:41:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.144.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126545086 (0x78aecbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 22 09:41:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=775741b68fb3c3f1baae143e62e69cdab746f005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:34:c9:12:05:07:2f:6e:4a:91:a4:05:7e:2b:
99:57:47:df:dd:07:9c:50:bb:5b:69:79:3a:be:1e:
68:13:d0:2d:cb:ca:49:20:99:cb:40:fe:95:0c:e1:
37:19:fc:9a:45:37:ff:ca:48:82:e6:8c:d8:ff:dd:
3b:09:03:63:bf:8b:79:83:5a:73:3b:24:26:3e:e8:
d5:eb:b9:bd:44:0c:92:52:78:2b:5d:ed:7c:c4:2e:
94:b7:36:0e:57:de:46:7d:e5:67:3b:c4:01:8e:50:
80:a0:0f:36:04:86:18:df:54:a7:88:d5:a4:e1:c6:
69:76:63:1a:a5:94:fd:69:6c:48:eb:f9:e7:53:02:
90:39:93:8d:23:e4:7b:d4:c3:22:10:10:1a:13:77:
90:96:4e:81:19:63:c4:6c:85:8d:fb:45:97:ce:23:
4b:d1:56:40:63:24:1c:18:f5:fe:29:19:59:1a:3a:
11:de:4a:2f:a1:da:7a:66:6d:01:65:2c:45:01:64:
f9:f1:f0:9f:a0:a9:1a:ca:27:29:f2:9e:4d:56:40:
c4:9b:59:b5:ba:e3:67:b5:31:d9:1f:05:7a:35:9c:
e2:d9:c8:12:c2:18:a5:3d:00:81:5b:d5:4b:67:ba:
9a:40:17:41:7d:0f:00:e0:bb:e5:f9:e7:cc:a9:c1:
47:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:57:41:B6:8F:B3:C3:F1:BA:AE:14:3E:62:E6:9C:DA:B7:46:F0:05
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.164.0/24
77.90.173.0/24
185.230.15.0/24
213.209.144.0/24
213.209.146.0/24
213.209.151.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
34:e0:65:7a:2c:7d:b9:5c:71:9f:07:04:21:1b:58:a3:6d:65:
31:9a:9c:56:fe:4d:bc:42:80:2b:f1:2e:25:07:d6:df:07:2c:
ef:21:58:05:b8:da:b5:32:3a:8e:11:61:bd:5c:2e:21:a0:bc:
0d:62:30:e4:d4:89:cf:75:90:1c:62:19:f7:29:3a:e6:62:cf:
b8:35:b6:86:5e:01:1e:d4:1a:0d:67:51:cc:81:21:be:7c:7a:
76:0e:03:50:c0:4c:79:cd:7f:05:5a:fb:46:2e:f1:69:59:19:
5b:63:ba:62:3c:35:db:9a:c0:93:3b:67:81:87:57:b8:79:14:
ed:0e:32:e2:bd:88:fe:01:87:e3:35:e9:4d:e1:51:41:0a:ec:
b7:2a:3d:90:68:2c:37:08:78:b8:10:a3:0b:86:04:59:ca:17:
f6:a9:02:6c:c8:73:07:45:48:32:fb:4a:43:9b:31:44:f0:dd:
c6:5d:46:3d:e6:8e:73:91:9e:ed:89:74:1c:ec:e4:e0:fc:2f:
1c:16:e0:66:5d:86:23:61:29:2a:85:0d:ff:83:5e:f4:7b:18:
68:0d:bd:4c:0b:38:49:79:70:a7:12:3c:41:ca:77:d8:4c:13:
24:4b:8b:4f:9b:3e:fb:3a:19:44:fe:6d:58:14:8e:cd:b2:71:
f0:96:52:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEB4rsvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDIy
MjA5NDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc1NzQxYjY4ZmIz
YzNmMWJhYWUxNDNlNjJlNjljZGFiNzQ2ZjAwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJs0yRIFBy9uSpGkBX4rmVdH390HnFC7W2l5Or4eaBPQLcvK
SSCZy0D+lQzhNxn8mkU3/8pIguaM2P/dOwkDY7+LeYNaczskJj7o1eu5vUQMklJ4
K13tfMQulLc2DlfeRn3lZzvEAY5QgKAPNgSGGN9Up4jVpOHGaXZjGqWU/WlsSOv5
51MCkDmTjSPke9TDIhAQGhN3kJZOgRljxGyFjftFl84jS9FWQGMkHBj1/ikZWRo6
Ed5KL6HaemZtAWUsRQFk+fHwn6CpGsonKfKeTVZAxJtZtbrjZ7Ux2R8FejWc4tnI
EsIYpT0AgVvVS2e6mkAXQX0PAOC75fnnzKnBRwUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBR3V0G2j7PD8bquFD5i5pzat0bwBTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2QxZEJ0by16d19HNnJoUS1ZdWFjMnJkRzhBVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAE1apAMEAE1arQMEALnmDwMEANXR
kAMEANXRkgMEANXRlwMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEANOBleix9uVxx
nwcEIRtYo21lMZqcVv5NvEKAK/EuJQfW3wcs7yFYBbjatTI6jhFhvVwuIaC8DWIw
5NSJz3WQHGIZ9yk65mLPuDW2hl4BHtQaDWdRzIEhvnx6dg4DUMBMec1/BVr7Ri7x
aVkZW2O6Yjw125rAkztngYdXuHkU7Q4y4r2I/gGH4zXpTeFRQQrstyo9kGgsNwh4
uBCjC4YEWcoX9qkCbMhzB0VIMvtKQ5sxRPDdxl1GPeaOc5Ge7Yl0HOzk4PwvHBbg
Zl2GI2EpKoUN/4Ne9HsYaA29TAs4SXlwpxI8Qcp32EwTJEuLT5s++zoZRP5tWBSO
zbJx8JZSUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org