Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tyruOCxDb7j1IADiqdJ35HxsEfQ.roa
File: tyruOCxDb7j1IADiqdJ35HxsEfQ.roa (raw, json)
Hash identifier: +tEDR6THclYbZTg0J5jburPLFx1VG9pckYNkfqkYXsA=
Subject key identifier: B7:2A:EE:38:2C:43:6F:B8:F5:20:00:E2:A9:D2:77:E4:7C:6C:11:F4
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 08C8EBD5
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tyruOCxDb7j1IADiqdJ35HxsEfQ.roa
Signing time: Fri 22 Apr 2022 12:36:31 +0000
ROA not before: Fri 22 Apr 2022 12:36:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.129.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147385301 (0x8c8ebd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 22 12:36:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b72aee382c436fb8f52000e2a9d277e47c6c11f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7f:fe:13:b5:af:e8:ec:57:8f:06:74:48:eb:
c3:38:9e:79:ac:cb:15:83:80:07:d4:e0:77:75:0b:
c0:e8:9f:06:e1:a4:a7:dd:ed:4d:23:8f:ea:5f:8c:
0c:5b:1c:d9:ba:94:20:6e:a3:18:23:64:e5:40:61:
2a:e1:5f:0e:04:0c:f5:83:36:f5:a4:79:d7:e2:cd:
61:17:13:8a:cd:41:e3:d1:bb:e4:f2:11:59:0b:bc:
67:28:fe:32:9e:ae:81:a2:55:4c:7b:7f:22:cb:48:
24:a0:9c:a5:73:9d:91:2c:b4:c6:ea:67:26:e4:05:
a6:6d:86:3e:14:17:e3:e8:72:49:51:4c:fd:2e:9f:
f0:f2:6d:bd:99:e1:e3:6b:6f:59:15:48:e7:c5:76:
19:07:0e:5d:87:0b:a3:5d:5c:36:a0:be:4a:f0:14:
5e:ba:61:aa:f0:a5:72:6a:62:52:f1:db:da:c9:db:
88:29:49:0a:2b:f9:da:98:a6:d5:6a:2c:7f:5e:10:
70:fc:59:1e:2b:c7:e5:60:92:66:b2:b5:3c:a8:54:
5d:a5:63:9d:49:e8:14:54:c0:4d:c3:61:9a:d1:3e:
75:f4:dd:69:fc:eb:3d:eb:4d:46:7f:a1:af:b3:da:
8c:d8:01:0a:35:40:1d:77:dc:d6:a8:9f:97:a2:62:
d6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2A:EE:38:2C:43:6F:B8:F5:20:00:E2:A9:D2:77:E4:7C:6C:11:F4
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tyruOCxDb7j1IADiqdJ35HxsEfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0-77.90.150.255
77.90.153.0-77.90.155.255
77.90.157.0/24
77.90.179.0/24
213.209.129.0/24
213.209.133.0/24
213.209.143.0/24
213.209.145.0/24
213.209.150.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:10:ca:29:43:84:28:c8:58:31:fe:27:5b:63:44:98:a5:52:
66:01:45:3d:40:f6:cf:c6:ea:72:4e:f9:b8:0c:48:e5:6e:d6:
3c:85:6b:10:49:ae:6d:9d:31:2c:86:5e:be:fe:c1:9d:a4:ab:
5d:9b:b2:c2:9d:69:2f:9f:82:f6:71:70:5f:14:0c:58:8b:f9:
7a:a8:a7:73:b5:91:97:54:ea:61:90:fa:ba:31:00:0c:62:79:
8a:7a:d5:31:b4:48:11:b5:d8:6c:62:42:de:ad:49:94:c4:5b:
72:41:c0:31:e7:04:b3:4b:3f:3e:47:4a:46:03:45:a4:e2:74:
d7:25:a3:4e:3c:6b:fd:0c:3e:93:94:21:00:52:61:b6:dc:81:
14:6b:ba:5a:dd:ab:65:df:2d:1b:60:f8:16:d7:14:e7:5e:6c:
61:76:c6:14:e8:87:16:01:8c:57:1e:8e:bd:ba:4a:3c:d4:7d:
55:27:73:9e:df:37:92:47:06:1a:36:8c:f3:fc:72:9c:e0:1b:
b4:d4:82:0b:18:21:70:02:0c:8d:76:f2:8b:dc:b3:6a:00:8f:
cd:80:1b:4e:e8:75:c2:b6:bc:e4:b8:d3:00:08:f8:88:21:56:
a8:f9:a8:1d:d9:24:e8:9c:d0:33:4b:73:c1:90:4e:8f:42:7f:
22:b4:e3:70
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIECMjr1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQy
MjEyMzYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjcyYWVlMzgyYzQz
NmZiOGY1MjAwMGUyYTlkMjc3ZTQ3YzZjMTFmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMt//hO1r+jsV48GdEjrwzieeazLFYOAB9Tgd3ULwOifBuGk
p93tTSOP6l+MDFsc2bqUIG6jGCNk5UBhKuFfDgQM9YM29aR51+LNYRcTis1B49G7
5PIRWQu8Zyj+Mp6ugaJVTHt/IstIJKCcpXOdkSy0xupnJuQFpm2GPhQX4+hySVFM
/S6f8PJtvZnh42tvWRVI58V2GQcOXYcLo11cNqC+SvAUXrphqvClcmpiUvHb2snb
iClJCiv52pim1Wosf14QcPxZHivH5WCSZrK1PKhUXaVjnUnoFFTATcNhmtE+dfTd
afzrPetNRn+hr7PajNgBCjVAHXfc1qifl6Ji1o8CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBS3Ku44LENvuPUgAOKp0nfkfGwR9DAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3R5cnVPQ3hEYjdqMUlBRGlxZEozNUh4c0VmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwUgQCAAEwTDAMAwQATVqVAwQATVqWMAwDBABNWpkD
BAJNWpgDBABNWp0DBABNWrMDBADV0YEDBADV0YUDBADV0Y8DBADV0ZEDBADV0ZYD
BADV0Z4wDQYJKoZIhvcNAQELBQADggEBAHsQyilDhCjIWDH+J1tjRJilUmYBRT1A
9s/G6nJO+bgMSOVu1jyFaxBJrm2dMSyGXr7+wZ2kq12bssKdaS+fgvZxcF8UDFiL
+Xqop3O1kZdU6mGQ+roxAAxieYp61TG0SBG12GxiQt6tSZTEW3JBwDHnBLNLPz5H
SkYDRaTidNclo048a/0MPpOUIQBSYbbcgRRrulrdq2XfLRtg+BbXFOdebGF2xhTo
hxYBjFcejr26SjzUfVUnc57fN5JHBho2jPP8cpzgG7TUggsYIXACDI128ovcs2oA
j82AG07odcK2vOS40wAI+IghVqj5qB3ZJOic0DNLc8GQTo9CfyK043A=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org