Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nB-FXb8GcTSi970wOST9fPJ_YaY.roa
File: nB-FXb8GcTSi970wOST9fPJ_YaY.roa (raw, json)
Hash identifier: wXNjQezbQYWZWy+seaI4+jqinEZKvACDWLOsb8pj1oY=
Subject key identifier: 9C:1F:85:5D:BF:06:71:34:A2:F7:BD:30:39:24:FD:7C:F2:7F:61:A6
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 099D5D52
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nB-FXb8GcTSi970wOST9fPJ_YaY.roa
Signing time: Tue 14 Jun 2022 17:02:44 +0000
ROA not before: Tue 14 Jun 2022 17:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 213.209.135.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161307986 (0x99d5d52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 14 17:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c1f855dbf067134a2f7bd303924fd7cf27f61a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3a:17:05:f9:eb:0d:7a:94:56:46:8c:34:64:
46:99:1d:09:7c:e4:2b:4b:2e:70:8b:2e:d5:f5:7f:
7e:9b:9a:77:bc:3b:f8:81:5c:40:ff:f4:f6:26:83:
af:bb:29:38:5b:3f:ba:fc:64:cc:9a:61:c9:e9:b3:
60:e5:e2:17:1a:f4:78:ba:ad:da:d0:63:0e:cb:c2:
d8:81:73:04:24:02:51:d9:24:ed:93:03:a5:d0:a8:
b2:e6:9f:50:9f:ff:e5:a9:eb:a7:22:d0:cd:08:8a:
bc:75:f3:1e:cb:61:d9:ac:dc:09:8d:e8:82:35:6a:
ba:cb:f9:62:64:64:83:48:e9:90:0f:95:fe:97:d2:
8f:c5:e3:50:47:ff:f6:d0:54:4c:cb:67:31:e1:04:
30:8e:4c:a8:1e:91:02:cb:21:41:82:d4:10:7f:a3:
17:30:5e:73:bf:2a:69:f6:49:8e:b9:5f:08:eb:ae:
e7:0a:fc:b5:13:c5:51:06:6a:a5:ff:cb:54:a8:90:
29:fd:25:b2:72:a0:fd:a5:8d:c8:ff:97:80:a3:bd:
fb:09:a5:1e:f5:95:6b:2c:11:ba:ab:16:22:8a:4a:
50:1e:f1:80:44:2d:71:38:b1:9f:8b:4b:44:38:2c:
24:99:e8:c8:f7:38:2d:72:19:09:ae:fb:a0:55:23:
d9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1F:85:5D:BF:06:71:34:A2:F7:BD:30:39:24:FD:7C:F2:7F:61:A6
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nB-FXb8GcTSi970wOST9fPJ_YaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.167.0/24
213.209.135.0/24
213.209.153.0-213.209.154.255
Signature Algorithm: sha256WithRSAEncryption
07:c6:1d:f9:a7:70:70:dd:34:7c:f1:c1:6a:04:46:27:c9:09:
84:a4:57:70:22:0a:1e:d4:d0:66:cc:c2:a3:a5:31:8a:83:44:
78:ed:71:49:d7:ab:12:e3:28:f2:5d:87:c5:33:56:ed:7f:fc:
8e:4f:ac:7d:e5:89:ee:12:50:8a:cb:8b:7b:64:1b:6f:70:24:
34:08:0c:c9:6c:a8:b4:6e:a6:22:60:cc:da:90:79:71:d0:4a:
b8:3a:6c:81:a6:55:7a:d9:7b:7c:5a:e6:f8:aa:bb:a4:3a:d5:
02:86:a2:df:7e:e6:b2:e7:51:b5:58:f5:ea:f4:34:b7:1c:fb:
03:90:70:f2:a7:5e:12:a1:cb:51:f5:be:14:21:6d:1e:ef:86:
3d:be:42:ad:77:76:30:74:f1:87:bc:6e:f5:2a:b9:81:c9:d7:
e4:92:20:c4:ae:2e:ad:18:bc:1d:28:a1:7a:ae:59:13:9d:f1:
53:79:51:e8:e3:a8:aa:70:f6:d2:35:5d:a2:77:44:6d:d9:91:
04:d7:a0:5c:ac:57:04:6f:fa:2e:9a:cf:c3:4e:54:00:7b:bb:
4f:33:a5:56:e1:3e:0d:f3:76:60:87:ec:d0:67:a6:2b:74:54:
5c:ab:51:1e:b8:85:f3:68:a8:f8:d6:48:70:f8:bf:e6:2e:97:
4c:bc:d5:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECZ1dUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYx
NDE3MDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMxZjg1NWRiZjA2
NzEzNGEyZjdiZDMwMzkyNGZkN2NmMjdmNjFhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMM6FwX56w16lFZGjDRkRpkdCXzkK0sucIsu1fV/fpuad7w7
+IFcQP/09iaDr7spOFs/uvxkzJphyemzYOXiFxr0eLqt2tBjDsvC2IFzBCQCUdkk
7ZMDpdCosuafUJ//5anrpyLQzQiKvHXzHsth2azcCY3ogjVqusv5YmRkg0jpkA+V
/pfSj8XjUEf/9tBUTMtnMeEEMI5MqB6RAsshQYLUEH+jFzBec78qafZJjrlfCOuu
5wr8tRPFUQZqpf/LVKiQKf0lsnKg/aWNyP+XgKO9+wmlHvWVaywRuqsWIopKUB7x
gEQtcTixn4tLRDgsJJnoyPc4LXIZCa77oFUj2UECAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBScH4VdvwZxNKL3vTA5JP188n9hpjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L25CLUZYYjhHY1RTaTk3MHdPU1Q5ZlBKX1lhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAE1apwMEANXRhzAMAwQA1dGZAwQA
1dGaMA0GCSqGSIb3DQEBCwUAA4IBAQAHxh35p3Bw3TR88cFqBEYnyQmEpFdwIgoe
1NBmzMKjpTGKg0R47XFJ16sS4yjyXYfFM1btf/yOT6x95YnuElCKy4t7ZBtvcCQ0
CAzJbKi0bqYiYMzakHlx0Eq4OmyBplV62Xt8Wub4qrukOtUChqLffuay51G1WPXq
9DS3HPsDkHDyp14SoctR9b4UIW0e74Y9vkKtd3YwdPGHvG71KrmBydfkkiDEri6t
GLwdKKF6rlkTnfFTeVHo46iqcPbSNV2id0Rt2ZEE16BcrFcEb/oums/DTlQAe7tP
M6VW4T4N83Zgh+zQZ6YrdFRcq1EeuIXzaKj41khw+L/mLpdMvNWY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org