Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/pZ-s5eJTlZdgEsiPuGtSl7lUCRE.roa
File: pZ-s5eJTlZdgEsiPuGtSl7lUCRE.roa (raw, json)
Hash identifier: l+U3k4XlRbxagGQxJ9QkAnnZYF9lnnycKR3KxHseLoY=
Subject key identifier: A5:9F:AC:E5:E2:53:95:97:60:12:C8:8F:B8:6B:52:97:B9:54:09:11
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09CC8360
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/pZ-s5eJTlZdgEsiPuGtSl7lUCRE.roa
Signing time: Wed 22 Jun 2022 13:04:32 +0000
ROA not before: Wed 22 Jun 2022 13:04:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.129.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164397920 (0x9cc8360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 22 13:04:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a59face5e25395976012c88fb86b5297b9540911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:ca:c6:71:07:f7:f0:92:58:b0:1e:52:d5:
e5:66:67:1c:21:43:f6:99:2a:3e:90:f5:b2:a3:5f:
27:05:b6:a3:b8:0d:f7:ae:36:75:12:ec:34:60:84:
58:46:61:a9:32:6b:eb:82:c1:be:25:9b:5c:2c:0d:
fb:ea:ce:38:7c:79:dc:8a:9f:25:58:cd:eb:90:47:
d3:d4:ac:f8:b6:a6:22:52:44:f8:a6:44:00:59:a1:
fa:f4:cc:7e:f4:c9:93:2f:15:b8:cb:5a:6c:06:18:
f9:f7:97:b2:ec:28:08:35:fe:58:2b:bd:fd:5c:73:
9a:fd:17:53:1d:7a:46:4b:5d:3c:fa:70:b8:d0:2c:
9f:e0:e3:81:4f:a8:7f:69:f1:f7:77:a0:06:29:60:
76:42:6f:a8:ef:d5:78:21:bb:42:d2:92:b3:0d:f7:
f0:58:85:62:79:74:c3:42:78:8b:86:45:61:eb:df:
f2:5c:2f:ed:3f:e1:32:c5:67:4a:67:9e:9d:26:1e:
be:3f:ec:f7:dd:49:a1:f8:d3:9e:32:1b:84:c9:73:
53:98:39:db:98:93:5a:27:43:96:af:11:68:92:af:
81:8d:5b:32:04:e3:36:b1:3c:72:6b:14:27:8b:de:
2c:67:6e:2c:bf:a5:33:48:9b:57:f3:6a:7d:86:ef:
e4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9F:AC:E5:E2:53:95:97:60:12:C8:8F:B8:6B:52:97:B9:54:09:11
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/pZ-s5eJTlZdgEsiPuGtSl7lUCRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.150.0/24
77.90.178.0/24
77.90.185.0/24
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.136.0/24
213.209.143.0-213.209.144.255
213.209.146.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
94:79:37:75:cb:f8:e4:a1:fe:a8:4c:59:26:43:a8:c3:57:61:
ad:0d:19:d1:59:57:02:3d:57:36:96:72:d1:1c:31:5e:b4:4d:
05:ba:57:68:17:86:1c:b8:bb:7e:b7:54:27:97:a3:7f:9b:bc:
a3:9a:b3:7a:d5:98:92:fa:31:a8:21:bc:c7:e8:2d:c9:83:cd:
1a:d6:6a:39:9f:f9:0c:3a:3d:c0:27:7a:d1:57:3d:04:a8:81:
fd:fa:db:4b:20:59:a2:26:78:96:00:5f:29:18:53:34:c3:5d:
f9:72:b3:2e:3b:4b:06:3e:df:3c:76:ec:e9:2d:46:c0:60:da:
a5:7e:60:15:ec:35:46:10:ed:13:37:5b:60:dc:c2:a9:56:98:
20:f5:2a:1a:0b:44:f1:db:14:0f:d0:1d:cd:06:8d:10:cc:4f:
d5:fe:f0:cb:28:bb:4a:79:5a:3a:8e:a8:d7:f5:87:53:58:3e:
2d:76:2a:4e:a3:f7:a0:8d:3c:45:55:f4:cc:d6:90:cb:17:6f:
9e:79:15:4a:0b:3e:a5:dd:36:fb:c9:98:69:56:96:b4:b0:37:
34:ed:e8:13:df:4b:69:7d:61:d0:e5:ec:30:17:bc:33:de:21:
3a:ff:75:4c:61:f3:a6:18:43:1a:62:57:04:20:b3:d7:31:82:
d8:32:1d:31
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIECcyDYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MjEzMDQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU5ZmFjZTVlMjUz
OTU5NzYwMTJjODhmYjg2YjUyOTdiOTU0MDkxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNSysZxB/fwkliwHlLV5WZnHCFD9pkqPpD1sqNfJwW2o7gN
9642dRLsNGCEWEZhqTJr64LBviWbXCwN++rOOHx53IqfJVjN65BH09Ss+LamIlJE
+KZEAFmh+vTMfvTJky8VuMtabAYY+feXsuwoCDX+WCu9/Vxzmv0XUx16RktdPPpw
uNAsn+DjgU+of2nx93egBilgdkJvqO/VeCG7QtKSsw338FiFYnl0w0J4i4ZFYevf
8lwv7T/hMsVnSmeenSYevj/s991JofjTnjIbhMlzU5g525iTWidDlq8RaJKvgY1b
MgTjNrE8cmsUJ4veLGduLL+lM0ibV/NqfYbv5O0CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBSln6zl4lOVl2ASyI+4a1KXuVQJETAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3BaLXM1ZUpUbFpkZ0VzaVB1R3RTbDdsVUNSRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEAE1algMEAE1asgMEAE1auTAMAwQA
ueYNAwQAueYOAwQA1dGBAwQA1dGIMAwDBADV0Y8DBADV0ZADBADV0ZIDBADV0Zww
DQYJKoZIhvcNAQELBQADggEBAJR5N3XL+OSh/qhMWSZDqMNXYa0NGdFZVwI9VzaW
ctEcMV60TQW6V2gXhhy4u363VCeXo3+bvKOas3rVmJL6MaghvMfoLcmDzRrWajmf
+Qw6PcAnetFXPQSogf3620sgWaImeJYAXykYUzTDXflysy47SwY+3zx27OktRsBg
2qV+YBXsNUYQ7RM3W2DcwqlWmCD1KhoLRPHbFA/QHc0GjRDMT9X+8Msou0p5WjqO
qNf1h1NYPi12Kk6j96CNPEVV9MzWkMsXb555FUoLPqXdNvvJmGlWlrSwNzTt6BPf
S2l9YdDl7DAXvDPeITr/dUxh86YYQxpiVwQgs9cxgtgyHTE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org