Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ptSkCw8nozkjW-BQSkrjrwqLGdM.roa
File: ptSkCw8nozkjW-BQSkrjrwqLGdM.roa (raw, json)
Hash identifier: 5USYMjLJKxATnRGREOhu1dojKv/YloLYNnn+DszAxZQ=
Subject key identifier: A6:D4:A4:0B:0F:27:A3:39:23:5B:E0:50:4A:4A:E3:AF:0A:8B:19:D3
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09E1BB1C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ptSkCw8nozkjW-BQSkrjrwqLGdM.roa
Signing time: Fri 24 Jun 2022 17:33:00 +0000
ROA not before: Fri 24 Jun 2022 17:33:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.134.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165788444 (0x9e1bb1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 24 17:33:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6d4a40b0f27a339235be0504a4ae3af0a8b19d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:af:5d:38:b3:2b:c1:f0:c9:c5:c2:b9:ff:
ea:70:05:fe:ac:ea:0b:f9:b7:e6:eb:b8:fd:e0:2e:
f6:2f:ff:41:83:da:dc:e5:3d:ee:be:17:a6:d8:a2:
c3:c2:d7:7b:2d:20:19:27:42:75:a3:fe:8a:86:a2:
6e:96:e4:e8:5a:22:f5:a9:94:05:bb:2b:de:9c:cd:
43:22:d5:89:e5:83:4e:6e:26:ea:2d:26:b8:f2:78:
2d:1b:0f:21:fd:2e:3b:ae:9d:d8:e1:0b:4a:bf:50:
5b:bb:e2:46:8a:65:61:38:fa:3b:8d:c6:d7:c5:76:
fb:0f:b7:84:c3:46:96:8f:e9:e4:23:18:52:7e:6d:
cb:8d:a3:ad:b4:70:e5:0c:26:73:af:1b:ad:4f:f3:
3b:8a:0f:ba:de:fa:87:e7:91:27:08:fe:46:47:48:
3c:5f:24:38:52:4b:8a:a7:eb:03:f3:8d:1c:c3:07:
ff:c3:db:d5:98:0c:68:7f:a6:9b:35:c3:7b:5f:9c:
38:d2:5e:73:ec:3a:dc:b4:25:de:7f:ab:a0:93:06:
9d:92:97:98:73:a8:ed:68:13:bc:71:61:02:4e:07:
34:fc:6b:d6:45:a4:39:bd:a5:3d:36:62:41:f8:56:
33:be:da:cb:23:58:d3:32:e4:aa:8d:4a:02:1f:37:
4a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D4:A4:0B:0F:27:A3:39:23:5B:E0:50:4A:4A:E3:AF:0A:8B:19:D3
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ptSkCw8nozkjW-BQSkrjrwqLGdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.155.0/24
77.90.184.0/24
185.230.12.0/24
213.209.133.0-213.209.134.255
213.209.149.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
45:cc:4e:f9:70:a8:ec:5b:a1:68:0e:c1:aa:91:22:67:08:c4:
bf:fd:5e:fe:ea:b1:75:96:8a:69:e4:14:15:28:b4:23:d4:64:
9d:f5:db:31:ff:9f:ad:86:a2:72:e2:e2:7c:05:d7:db:3e:b6:
ab:7f:94:90:f4:0f:1a:3f:ea:76:53:b3:b3:74:f4:12:bd:bb:
3f:41:ab:71:ee:f7:5e:35:ba:bd:50:75:4a:28:dd:7d:b5:fe:
eb:61:4a:b0:85:6f:4d:87:8e:6f:2a:a4:bc:0e:65:6b:d2:4f:
8b:75:ba:af:e6:09:79:31:fa:97:53:5d:e6:38:e7:47:b7:b0:
20:12:41:ef:84:d1:04:76:8a:fe:ed:c0:69:47:40:8f:e8:89:
de:e7:bc:ae:af:70:f5:4c:6d:5b:8a:33:b0:bf:18:de:46:16:
54:20:4c:cf:15:d5:df:c3:b3:10:e1:bd:f9:1f:84:cc:55:ee:
da:a9:a5:b4:0a:62:0d:e1:95:90:2f:80:d6:cf:ba:48:77:e2:
1d:05:96:26:3f:a3:97:d6:ad:fa:c6:e5:45:1f:a0:b9:5e:ce:
dc:ec:2f:0c:0f:7d:d9:3e:f5:5a:bb:53:79:28:31:54:1a:f0:
77:f1:f8:31:d8:b3:b5:37:b7:49:5b:4f:d5:5f:ff:3d:9b:c7:
73:31:13:b8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIECeG7HDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
NDE3MzMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZkNGE0MGIwZjI3
YTMzOTIzNWJlMDUwNGE0YWUzYWYwYThiMTlkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3Wr104syvB8MnFwrn/6nAF/qzqC/m35uu4/eAu9i//QYPa
3OU97r4Xptiiw8LXey0gGSdCdaP+ioaibpbk6Foi9amUBbsr3pzNQyLVieWDTm4m
6i0muPJ4LRsPIf0uO66d2OELSr9QW7viRoplYTj6O43G18V2+w+3hMNGlo/p5CMY
Un5ty42jrbRw5Qwmc68brU/zO4oPut76h+eRJwj+RkdIPF8kOFJLiqfrA/ONHMMH
/8Pb1ZgMaH+mmzXDe1+cONJec+w63LQl3n+roJMGnZKXmHOo7WgTvHFhAk4HNPxr
1kWkOb2lPTZiQfhWM77ayyNY0zLkqo1KAh83ShECAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSm1KQLDyejOSNb4FBKSuOvCosZ0zAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3B0U2tDdzhub3pralctQlFTa3JqcndxTEdkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAE1akQMEAE1amwMEAE1auAMEALnm
DDAMAwQA1dGFAwQA1dGGAwQA1dGVAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQBF
zE75cKjsW6FoDsGqkSJnCMS//V7+6rF1lopp5BQVKLQj1GSd9dsx/5+thqJy4uJ8
BdfbPrarf5SQ9A8aP+p2U7OzdPQSvbs/Qatx7vdeNbq9UHVKKN19tf7rYUqwhW9N
h45vKqS8DmVr0k+Ldbqv5gl5MfqXU13mOOdHt7AgEkHvhNEEdor+7cBpR0CP6Ine
57yur3D1TG1bijOwvxjeRhZUIEzPFdXfw7MQ4b35H4TMVe7aqaW0CmIN4ZWQL4DW
z7pId+IdBZYmP6OX1q36xuVFH6C5Xs7c7C8MD33ZPvVau1N5KDFUGvB38fgx2LO1
N7dJW0/VX/89m8dzMRO4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org