Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/i5YZrYty6jqyP3MzFJCDgYkccwI.roa
File: i5YZrYty6jqyP3MzFJCDgYkccwI.roa (raw, json)
Hash identifier: SGIjorrt7pvFweSMhdCqFk79XS+YhPqcYlpT3hKwZT0=
Subject key identifier: 8B:96:19:AD:8B:72:EA:3A:B2:3F:73:33:14:90:83:81:89:1C:73:02
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09326FFE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/i5YZrYty6jqyP3MzFJCDgYkccwI.roa
Signing time: Wed 18 May 2022 11:48:17 +0000
ROA not before: Wed 18 May 2022 11:48:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.188.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154300414 (0x9326ffe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 18 11:48:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b9619ad8b72ea3ab23f733314908381891c7302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:93:84:8f:70:4a:e7:b0:9d:d6:ea:d3:d9:d3:
8d:ed:9f:89:17:4d:d3:81:9c:78:1e:45:07:69:37:
02:0c:9e:75:25:b5:9e:7d:cb:b3:15:70:e9:d9:75:
c1:b1:17:0c:02:5c:bd:7f:59:67:2e:44:32:a0:96:
1c:cc:d7:0c:57:d1:4d:4f:29:f1:b7:3f:5a:c0:31:
d5:82:85:aa:32:ff:fe:58:ef:b8:f3:ce:9c:7d:14:
13:d3:46:dc:4c:4e:f5:aa:1e:60:9c:af:f5:75:ae:
9f:8e:52:78:4f:f4:e3:9b:ce:2a:1b:25:b9:ba:1d:
74:bd:13:db:10:ac:53:cc:6d:84:aa:9f:83:fc:8a:
8a:7b:a5:8c:7e:63:10:95:c7:86:6d:60:cf:a3:c1:
3a:58:96:b7:b8:ae:57:71:ea:42:a9:a8:2e:89:86:
6d:4e:c1:3d:1f:80:68:50:72:51:8e:65:3d:ad:92:
f7:b0:7d:d4:46:74:11:c3:7d:de:5e:b3:34:0a:5f:
82:99:07:e0:8e:ce:df:a8:f2:e2:0a:25:fc:b5:73:
b7:71:d5:dd:28:fa:f5:96:a8:42:4b:1d:a3:5b:c2:
6a:35:43:1a:56:ec:e0:7e:e8:5c:10:de:60:42:da:
4c:e0:e5:46:19:44:ea:e3:07:fa:a1:d2:5c:d9:a8:
0e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:96:19:AD:8B:72:EA:3A:B2:3F:73:33:14:90:83:81:89:1C:73:02
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/i5YZrYty6jqyP3MzFJCDgYkccwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.155.0-77.90.156.255
77.90.173.0/24
77.90.184.0/24
77.90.188.0/24
185.230.15.0/24
213.209.134.0/24
213.209.157.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:3c:de:9a:78:09:16:06:0a:93:de:a8:fe:66:76:c4:3b:05:
75:d3:3b:34:ae:6b:71:b5:29:d9:3d:9f:a3:4c:b7:0d:eb:48:
39:f4:29:06:53:55:92:92:6b:c2:21:6f:98:14:7a:37:17:e5:
79:81:8f:00:0c:d6:71:65:93:d1:63:bb:ba:fc:2f:7f:07:00:
d2:3c:87:ed:8b:e4:88:bc:28:d4:e6:3a:d9:99:23:1a:34:b7:
53:ca:ab:2d:34:2c:53:6c:48:67:56:fc:2c:7e:dd:f1:79:bd:
da:8d:94:ef:75:a3:b3:56:ab:b5:63:93:5b:df:8a:94:a0:00:
bb:57:14:3b:12:91:d7:e3:a9:ec:16:43:cc:ae:74:07:92:8f:
0a:91:2d:6c:41:b8:86:f8:27:b5:bd:28:3b:69:8f:85:a6:bc:
31:aa:20:af:4b:2d:7b:d6:9c:e7:d0:e6:1a:70:5a:5e:0c:8e:
fe:28:20:c9:0d:e3:18:bf:9a:c9:67:64:39:10:a9:23:58:3d:
f1:7d:51:1b:19:ef:0d:08:7c:3c:12:75:da:4f:ff:fc:75:66:
24:fc:94:01:5b:41:d3:53:20:21:c9:f7:dc:63:20:60:e1:97:
0c:e5:d8:2b:a3:57:d3:9d:1a:ae:aa:fd:a0:52:55:74:02:f2:
2c:64:3e:94
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIECTJv/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
ODExNDgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI5NjE5YWQ4Yjcy
ZWEzYWIyM2Y3MzMzMTQ5MDgzODE4OTFjNzMwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmThI9wSuewndbq09nTje2fiRdN04GceB5FB2k3AgyedSW1
nn3LsxVw6dl1wbEXDAJcvX9ZZy5EMqCWHMzXDFfRTU8p8bc/WsAx1YKFqjL//ljv
uPPOnH0UE9NG3ExO9aoeYJyv9XWun45SeE/045vOKhsluboddL0T2xCsU8xthKqf
g/yKinuljH5jEJXHhm1gz6PBOliWt7iuV3HqQqmoLomGbU7BPR+AaFByUY5lPa2S
97B91EZ0EcN93l6zNApfgpkH4I7O36jy4gol/LVzt3HV3Sj69ZaoQksdo1vCajVD
Glbs4H7oXBDeYELaTODlRhlE6uMH+qHSXNmoDocCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSLlhmti3LqOrI/czMUkIOBiRxzAjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2k1WVpyWXR5NmpxeVAzTXpGSkNEZ1lrY2N3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMjAMAwQATVqbAwQATVqcAwQATVqtAwQA
TVq4AwQATVq8AwQAueYPAwQA1dGGAwQA1dGdMA0GCSqGSIb3DQEBCwUAA4IBAQC0
PN6aeAkWBgqT3qj+ZnbEOwV10zs0rmtxtSnZPZ+jTLcN60g59CkGU1WSkmvCIW+Y
FHo3F+V5gY8ADNZxZZPRY7u6/C9/BwDSPIfti+SIvCjU5jrZmSMaNLdTyqstNCxT
bEhnVvwsft3xeb3ajZTvdaOzVqu1Y5Nb34qUoAC7VxQ7EpHX46nsFkPMrnQHko8K
kS1sQbiG+Ce1vSg7aY+FprwxqiCvSy171pzn0OYacFpeDI7+KCDJDeMYv5rJZ2Q5
EKkjWD3xfVEbGe8NCHw8EnXaT//8dWYk/JQBW0HTUyAhyffcYyBg4ZcM5dgro1fT
nRquqv2gUlV0AvIsZD6U
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org