Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lfbquCEaBm3YH4Rm-lniyn_1CFk.roa
File: lfbquCEaBm3YH4Rm-lniyn_1CFk.roa (raw, json)
Hash identifier: vcPKIvgM7iyVTijsNNVoXvW7Uno3uLsZRde15C0fXjg=
Subject key identifier: 95:F6:EA:B8:21:1A:06:6D:D8:1F:84:66:FA:59:E2:CA:7F:F5:08:59
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018372116F5AFC3AC8B303062B23A1EFA5DD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lfbquCEaBm3YH4Rm-lniyn_1CFk.roa
Signing time: Sun 25 Sep 2022 00:34:48 +0000
ROA not before: Sun 25 Sep 2022 00:34:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.136.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:72:11:6f:5a:fc:3a:c8:b3:03:06:2b:23:a1:ef:a5:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 25 00:34:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95f6eab8211a066dd81f8466fa59e2ca7ff50859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ef:2f:21:ce:46:91:fb:37:c2:cb:91:e8:de:
75:b5:e2:e3:b0:01:4f:ed:5f:9e:45:67:05:f2:cd:
ff:a8:d2:f6:18:27:f3:98:dc:00:7e:0e:59:5b:9e:
05:7a:4f:6c:0d:38:3c:1a:c3:bd:ef:e8:17:2b:6f:
67:46:d2:a3:52:45:d4:2f:00:9b:11:92:d5:f8:8d:
d2:4a:8d:95:4c:55:8a:d0:73:b1:a3:09:67:a4:f8:
a9:5c:d4:75:89:c4:1f:b0:c7:ac:c6:68:59:e6:23:
2e:56:b6:5e:dd:76:2d:b9:9a:cc:30:17:b5:e5:d4:
4c:3f:fc:45:c0:ea:79:22:0a:40:69:73:0d:d3:c5:
0c:30:ef:9d:5a:49:b1:90:65:76:0b:e3:e8:82:31:
a5:ae:65:1b:5e:19:44:2a:f5:b2:31:a6:e4:5f:98:
85:be:08:7b:20:d5:7d:b4:3c:1e:44:5f:e6:0b:72:
eb:2b:b7:d0:59:55:a2:ad:85:86:0b:24:74:a4:5e:
97:bb:0a:ba:4b:33:ad:66:77:6c:33:4c:35:d5:26:
55:49:49:cc:cf:86:4a:6f:87:fe:fa:a1:f9:52:f5:
72:4e:ed:6d:7c:1b:d0:b5:08:71:40:5b:18:93:05:
d3:78:7c:cf:f1:f4:d6:6d:c5:ed:37:d3:e7:29:d4:
60:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F6:EA:B8:21:1A:06:6D:D8:1F:84:66:FA:59:E2:CA:7F:F5:08:59
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lfbquCEaBm3YH4Rm-lniyn_1CFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.178.0/24
77.90.185.0/24
185.230.13.0-185.230.14.255
213.209.136.0/24
213.209.146.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:42:1a:65:89:a4:4e:72:f8:e7:a1:42:e2:6e:f5:70:ba:06:
6e:a8:48:6d:d7:a2:7e:ef:2b:25:a3:00:9e:e2:98:df:34:ca:
79:10:b9:92:9f:4a:f3:f8:b1:f0:f8:87:c5:af:8f:a4:e0:73:
44:1d:68:b9:70:88:17:70:75:9c:7d:2c:c0:e4:5b:12:00:43:
97:5d:65:de:04:b1:16:0b:d1:64:d1:45:0b:99:bd:4b:68:06:
83:4b:e4:5d:c9:5c:e8:4f:b8:d3:54:3a:45:a5:39:c0:0e:b7:
37:9b:87:49:97:b7:33:b2:88:da:d4:34:ab:50:cf:c1:14:ea:
b0:36:6b:39:84:d3:3c:75:44:ed:dd:fe:ee:1f:36:2b:e8:46:
ea:7d:b8:8c:e6:40:a6:41:a9:f2:4e:b6:b1:26:0d:bc:1b:54:
ce:8e:bb:29:a2:dc:93:0e:7b:64:cd:83:fa:d8:5b:ea:92:8e:
65:74:09:eb:4c:56:2a:73:80:10:a6:a0:c4:fe:12:a2:5a:70:
4d:bb:b0:2b:fc:c2:d2:b5:27:fd:03:40:15:72:96:c7:a3:09:
e1:6a:ab:fa:26:20:f8:01:b8:03:b3:ed:7a:f0:53:36:4d:29:
39:05:3b:07:40:a1:58:56:b9:3f:ac:7b:db:df:bc:f2:2a:59:
2d:9f:68:47
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYNyEW9a/DrIswMGKyOh76XdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwOTI1MDAzNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY2ZWFiODIxMWEwNjZkZDgxZjg0NjZmYTU5ZTJjYTdmZjUwODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8O8vIc5Gkfs3wsuR6N51teLjsAFP
7V+eRWcF8s3/qNL2GCfzmNwAfg5ZW54Fek9sDTg8GsO97+gXK29nRtKjUkXULwCb
EZLV+I3SSo2VTFWK0HOxowlnpPipXNR1icQfsMesxmhZ5iMuVrZe3XYtuZrMMBe1
5dRMP/xFwOp5IgpAaXMN08UMMO+dWkmxkGV2C+PogjGlrmUbXhlEKvWyMabkX5iF
vgh7INV9tDweRF/mC3LrK7fQWVWirYWGCyR0pF6Xuwq6SzOtZndsM0w11SZVSUnM
z4ZKb4f++qH5UvVyTu1tfBvQtQhxQFsYkwXTeHzP8fTWbcXtN9PnKdRg5wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJX26rghGgZt2B+EZvpZ4sp/9QhZMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbGZicXVDRWFCbTNZSDRSbS1sbml5bl8xQ0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATVqyAwQA
TVq5MAwDBAC55g0DBAC55g4DBADV0YgDBADV0ZIDBADV0ZwwDQYJKoZIhvcNAQEL
BQADggEBAG5CGmWJpE5y+OehQuJu9XC6Bm6oSG3Xon7vKyWjAJ7imN80ynkQuZKf
SvP4sfD4h8Wvj6Tgc0QdaLlwiBdwdZx9LMDkWxIAQ5ddZd4EsRYL0WTRRQuZvUto
BoNL5F3JXOhPuNNUOkWlOcAOtzebh0mXtzOyiNrUNKtQz8EU6rA2azmE0zx1RO3d
/u4fNivoRup9uIzmQKZBqfJOtrEmDbwbVM6Ouymi3JMOe2TNg/rYW+qSjmV0CetM
VipzgBCmoMT+EqJacE27sCv8wtK1J/0DQBVylsejCeFqq/omIPgBuAOz7XrwUzZN
KTkFOwdAoVhWuT+se9vfvPIqWS2faEc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org