Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/q68Do9H4L9vtxXLuRxJ7aGxgYdc.roa
File: q68Do9H4L9vtxXLuRxJ7aGxgYdc.roa (raw, json)
Hash identifier: OhEi8FFJXge2u/RlX+zkEgyWJlALVGoN3VAgAunhNEs=
Subject key identifier: AB:AF:03:A3:D1:F8:2F:DB:ED:C5:72:EE:47:12:7B:68:6C:60:61:D7
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0806531A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/q68Do9H4L9vtxXLuRxJ7aGxgYdc.roa
Signing time: Fri 11 Mar 2022 15:00:50 +0000
ROA not before: Fri 11 Mar 2022 15:00:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134632218 (0x806531a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 11 15:00:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abaf03a3d1f82fdbedc572ee47127b686c6061d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:89:05:25:c3:29:61:94:ff:69:54:1f:5a:bb:
13:c0:39:ba:08:ab:47:ca:bb:f8:bb:90:ab:6d:8e:
29:32:d1:ac:04:93:70:57:63:27:54:29:03:75:49:
62:d0:04:74:01:f6:cb:82:44:e3:04:44:4f:ce:65:
ba:0a:8c:d5:6d:f2:a3:02:4d:73:fd:ac:8b:f7:a8:
56:24:cf:80:57:98:8e:d7:40:65:81:53:db:e6:9e:
e1:05:c6:dc:b2:52:09:5d:b2:10:ec:d8:c7:93:3f:
a6:9c:1f:01:e4:6b:de:c4:a1:ce:16:0f:09:71:5f:
5c:34:fd:67:79:c0:8c:40:a1:0a:93:d0:26:10:6a:
65:f0:19:5e:5b:e8:4a:a3:20:61:ac:99:38:3b:04:
f4:06:03:2d:07:1a:99:e6:5c:1b:36:f5:7d:d8:53:
b6:0c:3a:75:90:57:db:d1:ab:e7:3b:aa:8b:84:dd:
70:87:0a:9b:4c:b3:92:6e:99:9c:bc:66:fd:02:71:
47:6f:2f:4b:7d:a7:a9:7a:9b:c3:72:0d:ef:d7:14:
90:ff:ac:d6:5c:7b:15:aa:88:0e:fe:00:d0:45:36:
f2:61:c4:5b:ee:1d:61:c5:c9:fa:2b:06:66:01:93:
ad:ec:b0:29:10:92:41:4c:1c:5d:b3:ab:df:01:d9:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AF:03:A3:D1:F8:2F:DB:ED:C5:72:EE:47:12:7B:68:6C:60:61:D7
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/q68Do9H4L9vtxXLuRxJ7aGxgYdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.173.0/24
77.90.184.0/24
185.230.15.0/24
213.209.147.0/24
213.209.151.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ff:ca:ca:9b:cf:e3:16:d2:17:95:21:f9:02:4d:26:3e:8c:
6a:d6:ec:fa:e4:c5:0c:da:f8:dc:94:f0:18:e2:84:5e:83:95:
6e:5d:4c:48:15:c5:c1:60:a6:2c:e6:38:43:d2:a6:00:17:58:
d6:ac:d0:96:68:5c:d6:34:0b:38:06:7b:01:46:1f:8e:3e:f4:
80:d2:06:cc:2d:b5:c3:86:d3:65:ef:2a:63:cd:c0:8b:4c:f0:
0a:20:fc:1a:f8:42:ba:4b:07:5e:e7:27:b6:5a:4c:06:b7:e5:
87:6c:35:47:6f:8d:36:83:0b:cf:44:64:59:29:dc:c0:7e:64:
6a:86:c8:5c:3f:fc:f0:4a:3b:b6:a1:ad:d0:51:7b:f7:3c:b1:
99:0c:dd:66:81:0e:70:27:12:a2:cd:b2:82:fe:1e:b3:a4:5d:
92:0e:c9:c0:ae:fd:23:55:ee:a0:c2:e2:a3:0a:f0:a9:c6:e1:
cc:0b:72:3b:a2:57:4a:39:42:66:7c:4c:4b:f6:f1:94:8f:e0:
e6:8f:10:35:f6:d8:5d:d2:7f:f9:40:75:3e:c1:49:af:8c:ab:
f4:fd:ca:7b:f6:b5:72:61:73:48:cf:c0:08:d7:cf:07:91:7e:
72:da:e8:ba:5f:0e:06:2f:c8:c6:3a:d7:a6:10:59:04:13:96:
0b:87:62:83
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECAZTGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMx
MTE1MDA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJhZjAzYTNkMWY4
MmZkYmVkYzU3MmVlNDcxMjdiNjg2YzYwNjFkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGJBSXDKWGU/2lUH1q7E8A5ugirR8q7+LuQq22OKTLRrAST
cFdjJ1QpA3VJYtAEdAH2y4JE4wRET85lugqM1W3yowJNc/2si/eoViTPgFeYjtdA
ZYFT2+ae4QXG3LJSCV2yEOzYx5M/ppwfAeRr3sShzhYPCXFfXDT9Z3nAjEChCpPQ
JhBqZfAZXlvoSqMgYayZODsE9AYDLQcameZcGzb1fdhTtgw6dZBX29Gr5zuqi4Td
cIcKm0yzkm6ZnLxm/QJxR28vS32nqXqbw3IN79cUkP+s1lx7FaqIDv4A0EU28mHE
W+4dYcXJ+isGZgGTreywKRCSQUwcXbOr3wHZOhsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSrrwOj0fgv2+3Fcu5HEntobGBh1zAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3E2OERvOUg0TDl2dHhYTHVSeEo3YUd4Z1lkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAE1amQMEAE1arQMEAE1auAMEALnm
DwMEANXRkwMEANXRlwMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEAVP/KypvP4xbS
F5Uh+QJNJj6Matbs+uTFDNr43JTwGOKEXoOVbl1MSBXFwWCmLOY4Q9KmABdY1qzQ
lmhc1jQLOAZ7AUYfjj70gNIGzC21w4bTZe8qY83Ai0zwCiD8GvhCuksHXucntlpM
Brflh2w1R2+NNoMLz0RkWSncwH5kaobIXD/88Eo7tqGt0FF79zyxmQzdZoEOcCcS
os2ygv4es6Rdkg7JwK79I1XuoMLiowrwqcbhzAtyO6JXSjlCZnxMS/bxlI/g5o8Q
NfbYXdJ/+UB1PsFJr4yr9P3Ke/a1cmFzSM/ACNfPB5F+ctroul8OBi/IxjrXphBZ
BBOWC4digw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org