Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/sTrrkT2X4FAmeX_Gz-rq6B9v8IY.roa
File: sTrrkT2X4FAmeX_Gz-rq6B9v8IY.roa (raw, json)
Hash identifier: wns4BlsXrN68hjgRQyQbIZ+D/k8LIW/Q9NHFEkSEqFg=
Subject key identifier: B1:3A:EB:91:3D:97:E0:50:26:79:7F:C6:CF:EA:EA:E8:1F:6F:F0:86
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07A051BF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/sTrrkT2X4FAmeX_Gz-rq6B9v8IY.roa
Signing time: Mon 28 Feb 2022 08:30:12 +0000
ROA not before: Mon 28 Feb 2022 08:30:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.146.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127947199 (0x7a051bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 28 08:30:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b13aeb913d97e05026797fc6cfeaeae81f6ff086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bb:f4:38:e3:ba:55:69:45:86:37:71:e4:f9:
f5:7e:f3:71:dd:e4:12:62:fa:6d:36:2d:96:5d:d3:
38:5c:20:a0:7e:4f:2b:9c:4e:d5:fe:fd:01:79:47:
60:f3:09:d6:32:cd:b2:d5:77:2e:a9:a2:57:8b:0e:
1a:45:80:6d:ee:51:82:4a:fa:85:0f:d1:07:b0:78:
03:e3:d4:38:9e:e6:c8:ed:b5:e2:b9:c1:ea:6e:4f:
c0:c8:66:53:ee:23:3f:56:a5:43:19:d2:d3:4c:0f:
61:a5:03:0c:58:c3:fb:a5:f7:70:38:55:9d:d4:7d:
d7:e4:e2:00:4f:98:3d:69:3f:09:5c:40:1a:ed:1d:
8c:f6:b4:71:6d:7e:f6:93:80:a7:34:0b:cb:e0:f1:
54:24:73:4b:36:ee:2e:9e:fb:a6:e7:3b:e8:28:20:
b2:af:8e:46:bc:4b:d8:8c:e5:fd:b4:08:97:9d:d5:
87:a7:29:97:19:92:05:bb:e7:d2:9e:11:a0:71:ab:
3a:6e:14:7c:a9:8b:cb:8e:26:cc:18:52:04:9c:d9:
82:d4:17:48:88:4b:e2:d7:81:f1:8c:9c:d7:21:76:
20:06:02:1b:cd:8c:cb:94:ac:4a:b7:c1:47:49:10:
36:2c:55:af:18:a9:03:0f:7b:ac:dc:be:40:80:ab:
4a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3A:EB:91:3D:97:E0:50:26:79:7F:C6:CF:EA:EA:E8:1F:6F:F0:86
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/sTrrkT2X4FAmeX_Gz-rq6B9v8IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.164.0/24
77.90.173.0/24
185.230.15.0/24
213.209.146.0/23
213.209.151.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:d4:c2:63:5e:54:24:75:fb:9a:9a:84:20:47:00:4c:67:39:
31:6a:10:d2:84:8e:cf:89:a8:ce:44:dd:5c:b3:cb:5b:6f:79:
ef:cc:9a:6b:a5:50:26:19:18:79:15:fb:b4:68:84:4e:c2:c0:
ce:0d:f9:81:7a:4f:35:36:a4:aa:dc:a9:ed:7d:6f:16:98:a7:
04:00:6a:e0:3d:be:d0:bd:a6:aa:ea:06:61:59:05:f7:ac:52:
01:03:e8:4d:4a:78:11:57:53:a2:2f:ca:0e:8b:38:2a:c6:e5:
2a:f6:17:d7:c2:0b:b4:a4:f3:8d:c6:bc:d0:2d:02:63:ca:71:
32:56:d8:94:ee:77:fc:a4:4f:9b:01:61:64:d1:b1:6a:7f:53:
08:80:aa:63:65:fc:6d:33:14:79:e9:78:31:a9:70:12:2d:80:
c3:d4:5c:98:a9:04:f0:39:1c:4c:63:96:0e:68:3f:41:3c:c1:
f4:94:f6:0f:a8:6d:b9:7d:d1:6e:ce:1d:70:9a:44:a8:d1:6a:
ee:a6:b4:61:fa:91:d7:4d:65:01:7f:d8:fb:76:57:88:3c:48:
2d:3f:16:6c:e5:ce:40:b4:14:04:81:69:de:69:bb:66:f0:a7:
2b:b8:d3:8c:23:cb:eb:01:8d:aa:31:2c:85:f9:ea:73:48:81:
58:1d:f1:f6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEB6BRvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDIy
ODA4MzAxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjEzYWViOTEzZDk3
ZTA1MDI2Nzk3ZmM2Y2ZlYWVhZTgxZjZmZjA4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+79DjjulVpRYY3ceT59X7zcd3kEmL6bTYtll3TOFwgoH5P
K5xO1f79AXlHYPMJ1jLNstV3LqmiV4sOGkWAbe5Rgkr6hQ/RB7B4A+PUOJ7myO21
4rnB6m5PwMhmU+4jP1alQxnS00wPYaUDDFjD+6X3cDhVndR91+TiAE+YPWk/CVxA
Gu0djPa0cW1+9pOApzQLy+DxVCRzSzbuLp77puc76Cggsq+ORrxL2Izl/bQIl53V
h6cplxmSBbvn0p4RoHGrOm4UfKmLy44mzBhSBJzZgtQXSIhL4teB8Yyc1yF2IAYC
G82My5SsSrfBR0kQNixVrxipAw97rNy+QICrSmsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSxOuuRPZfgUCZ5f8bP6uroH2/whjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3NUcnJrVDJYNEZBbWVYX0d6LXJxNkI5djhJWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAE1amQMEAE1apAMEAE1arQMEALnm
DwMEAdXRkgMEANXRlwMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEAqdTCY15UJHX7
mpqEIEcATGc5MWoQ0oSOz4mozkTdXLPLW29578yaa6VQJhkYeRX7tGiETsLAzg35
gXpPNTakqtyp7X1vFpinBABq4D2+0L2mquoGYVkF96xSAQPoTUp4EVdToi/KDos4
KsblKvYX18ILtKTzjca80C0CY8pxMlbYlO53/KRPmwFhZNGxan9TCICqY2X8bTMU
eel4MalwEi2Aw9RcmKkE8DkcTGOWDmg/QTzB9JT2D6htuX3Rbs4dcJpEqNFq7qa0
YfqR101lAX/Y+3ZXiDxILT8WbOXOQLQUBIFp3mm7ZvCnK7jTjCPL6wGNqjEshfnq
c0iBWB3x9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org