Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nl1oIemBbAWmsmX0yY5PEWwe9C0.roa
File: nl1oIemBbAWmsmX0yY5PEWwe9C0.roa (raw, json)
Hash identifier: iEYLt22a3deHMTQZlmIX4/oklKKtyh4Mqm98W/OUsK0=
Subject key identifier: 9E:5D:68:21:E9:81:6C:05:A6:B2:65:F4:C9:8E:4F:11:6C:1E:F4:2D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01829BA50E9E56138CF66570C0B624D9DC16
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nl1oIemBbAWmsmX0yY5PEWwe9C0.roa
Signing time: Sun 14 Aug 2022 09:17:41 +0000
ROA not before: Sun 14 Aug 2022 09:17:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 213.209.129.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:9b:a5:0e:9e:56:13:8c:f6:65:70:c0:b6:24:d9:dc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 14 09:17:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e5d6821e9816c05a6b265f4c98e4f116c1ef42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:09:30:ca:76:52:5d:c2:76:eb:cd:d3:37:b0:
bb:71:53:b1:80:47:ae:27:72:c7:be:33:a9:5e:4b:
42:4f:bf:b1:9b:2b:2d:6c:1b:31:9f:5b:fc:1d:83:
63:9f:19:a0:b6:fd:3a:25:ee:93:31:85:4e:98:be:
80:1d:45:99:3c:40:59:a3:9c:02:1d:af:7a:65:0f:
31:74:37:19:c6:d8:b2:d6:93:16:d6:45:a1:e0:c3:
aa:d7:7d:c1:4e:5f:a8:6e:b0:8b:d3:1c:28:62:6e:
48:8c:d2:c9:2e:29:54:13:c6:f9:2f:f1:a1:dc:7d:
49:7f:31:47:d1:a5:6c:62:bf:55:a9:3c:2e:49:20:
5a:f2:a4:34:ca:cd:ea:15:3a:3b:cf:13:c9:56:8f:
a2:fa:d4:ca:4d:6c:72:98:e2:ce:49:8e:e4:65:07:
27:1d:1a:06:11:e0:a1:66:bf:99:de:53:ec:42:19:
5a:b8:f0:a7:63:f3:66:28:5c:86:c3:44:ed:d0:f0:
3a:ab:22:6c:37:42:f7:56:fb:70:08:ec:05:92:43:
ad:17:2a:d0:6a:10:3f:0a:57:93:08:4b:83:30:b9:
fd:94:cc:29:4f:4c:c8:fb:f2:91:a4:11:00:8a:fd:
f2:79:0a:47:98:05:9f:2f:3a:80:eb:cc:5a:23:80:
b5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5D:68:21:E9:81:6C:05:A6:B2:65:F4:C9:8E:4F:11:6C:1E:F4:2D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nl1oIemBbAWmsmX0yY5PEWwe9C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/23
77.90.145.0/24
77.90.153.0/24
77.90.179.0/24
213.209.129.0/24
213.209.134.0/24
213.209.147.0/24
213.209.149.0/24
213.209.151.0/24
Signature Algorithm: sha256WithRSAEncryption
33:de:44:0c:14:f0:26:16:2f:a9:a8:ce:25:30:d8:da:e6:4c:
6c:89:eb:fe:24:05:80:1c:aa:a0:5e:b3:81:fc:c4:96:ac:47:
c1:86:31:32:e0:28:1e:7f:96:16:58:6a:0c:3c:fc:2d:cc:9a:
e8:15:c9:fe:92:88:50:bf:ff:49:93:a6:ad:af:1d:b5:8a:70:
8a:88:ad:37:f8:1a:c7:0c:c0:6f:81:b5:4e:53:e1:df:6c:fa:
ba:ff:e6:9d:ac:85:3a:3f:13:62:b4:2d:a9:e5:70:5d:7e:cf:
4e:04:ac:7e:f7:e6:52:3e:62:2b:f0:f4:75:fb:21:90:6e:f4:
5a:9f:50:84:5d:da:8d:4b:81:85:29:32:d3:60:3d:82:61:93:
d3:6e:3b:04:28:1b:5a:6b:c9:bb:71:66:f8:31:d4:74:ae:25:
74:c0:ad:3c:9d:16:e7:5d:4c:6f:9f:3d:f9:d2:1a:61:49:a4:
aa:8f:37:49:20:52:53:8e:20:4b:97:39:f1:06:6c:fd:cb:e1:
ba:45:6a:ab:f7:73:3b:a3:45:43:e7:b0:7a:3a:78:4d:16:18:
19:4a:c6:12:5b:f3:33:66:00:00:fe:54:79:b6:25:b6:15:b4:
11:71:d6:21:d2:0c:ed:3a:c6:f1:c9:9e:a2:e3:83:e8:6f:f9:
bc:c9:5d:2a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYKbpQ6eVhOM9mVwwLYk2dwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwODE0MDkxNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTVkNjgyMWU5ODE2YzA1YTZiMjY1ZjRjOThlNGYxMTZjMWVmNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQkwynZSXcJ2683TN7C7cVOxgEeu
J3LHvjOpXktCT7+xmystbBsxn1v8HYNjnxmgtv06Je6TMYVOmL6AHUWZPEBZo5wC
Ha96ZQ8xdDcZxtiy1pMW1kWh4MOq133BTl+obrCL0xwoYm5IjNLJLilUE8b5L/Gh
3H1JfzFH0aVsYr9VqTwuSSBa8qQ0ys3qFTo7zxPJVo+i+tTKTWxymOLOSY7kZQcn
HRoGEeChZr+Z3lPsQhlauPCnY/NmKFyGw0Tt0PA6qyJsN0L3VvtwCOwFkkOtFyrQ
ahA/CleTCEuDMLn9lMwpT0zI+/KRpBEAiv3yeQpHmAWfLzqA68xaI4C1bwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJ5daCHpgWwFprJl9MmOTxFsHvQtMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbmwxb0llbUJiQVdtc21YMHlZNVBFV3dlOUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBTVqKAwQA
TVqRAwQATVqZAwQATVqzAwQA1dGBAwQA1dGGAwQA1dGTAwQA1dGVAwQA1dGXMA0G
CSqGSIb3DQEBCwUAA4IBAQAz3kQMFPAmFi+pqM4lMNja5kxsiev+JAWAHKqgXrOB
/MSWrEfBhjEy4Cgef5YWWGoMPPwtzJroFcn+kohQv/9Jk6atrx21inCKiK03+BrH
DMBvgbVOU+HfbPq6/+adrIU6PxNitC2p5XBdfs9OBKx+9+ZSPmIr8PR1+yGQbvRa
n1CEXdqNS4GFKTLTYD2CYZPTbjsEKBtaa8m7cWb4MdR0riV0wK08nRbnXUxvnz35
0hphSaSqjzdJIFJTjiBLlznxBmz9y+G6RWqr93M7o0VD57B6OnhNFhgZSsYSW/Mz
ZgAA/lR5tiW2FbQRcdYh0gztOsbxyZ6i44Pob/m8yV0q
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org