Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ujZAKq9MKdgMDtDyHolsPeAK7LQ.roa
File: ujZAKq9MKdgMDtDyHolsPeAK7LQ.roa (raw, json)
Hash identifier: W1JfYHD1IY+04ws7yb8eNanum7sdbSaBt/5XPRMBuYY=
Subject key identifier: BA:36:40:2A:AF:4C:29:D8:0C:0E:D0:F2:1E:89:6C:3D:E0:0A:EC:B4
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0181D80DBFEE9287B5F9692E3C38BA43EAA4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ujZAKq9MKdgMDtDyHolsPeAK7LQ.roa
Signing time: Thu 07 Jul 2022 09:46:28 +0000
ROA not before: Thu 07 Jul 2022 09:46:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.159.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d8:0d:bf:ee:92:87:b5:f9:69:2e:3c:38:ba:43:ea:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 7 09:46:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba36402aaf4c29d80c0ed0f21e896c3de00aecb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e1:bd:b0:23:cf:ca:57:90:4e:b9:45:01:44:
19:6f:7d:5f:19:d0:94:3b:e1:0a:ac:8b:6e:42:7a:
46:d0:50:24:f1:81:9e:1e:42:0a:41:f7:dd:5b:b6:
2d:cf:83:31:14:e4:8c:20:7c:53:8c:12:a6:aa:4c:
87:95:19:98:a6:bc:c4:cf:08:24:65:49:4b:da:e6:
df:38:e6:10:d4:0e:fb:bd:17:0c:fa:14:67:5b:04:
4c:9b:0d:2c:62:44:8f:6a:0e:d8:70:49:2b:f5:c3:
15:85:2d:d4:06:04:71:0c:fa:31:6b:e4:d0:93:b0:
c6:8c:04:eb:fe:33:7e:14:28:5f:51:3a:f1:f5:5a:
9e:d2:9c:9e:f0:18:13:d9:2f:84:00:6b:cb:59:f1:
52:ab:3d:3f:ae:a4:97:29:18:b7:5f:6d:91:b8:50:
db:49:a5:48:85:a7:8b:7b:09:39:58:09:29:48:ad:
f7:e9:be:ba:57:34:a9:8b:2d:d0:ff:7a:c7:ad:0f:
52:18:48:1f:56:72:62:a3:f9:ce:93:b4:08:93:f2:
43:f1:59:28:b2:9b:c5:07:93:52:a1:82:9b:92:98:
e1:5b:b3:cc:bc:47:39:2c:7b:7a:94:b3:19:9d:37:
31:c9:47:9a:fd:bd:57:40:fe:fc:27:20:de:2a:2c:
ef:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:36:40:2A:AF:4C:29:D8:0C:0E:D0:F2:1E:89:6C:3D:E0:0A:EC:B4
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ujZAKq9MKdgMDtDyHolsPeAK7LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.155.0/24
77.90.184.0/24
185.230.12.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
42:a4:3c:ed:00:e1:df:4d:15:16:40:02:53:f0:58:a4:e2:b6:
4c:d8:77:64:97:ac:f0:eb:15:3e:fd:1d:fc:b8:d4:c9:d7:1d:
bc:22:52:2b:7d:06:f6:a4:63:53:57:77:3c:cb:15:7e:92:0c:
f1:67:d5:5e:48:22:95:c7:49:cf:13:38:b3:68:4b:07:e9:1d:
ed:b4:da:83:eb:84:51:b8:e3:dc:c3:02:56:ea:fd:9e:fd:6c:
58:eb:38:36:dc:e6:e0:6b:2f:19:06:10:71:29:03:33:7f:7d:
35:d1:a4:e1:cf:7f:38:ba:88:a0:6b:95:3b:d3:87:af:3b:b8:
ce:95:45:ab:71:70:4d:5e:f0:b7:e4:c1:b3:7f:d1:e1:b4:60:
5a:70:1e:0e:83:91:eb:cc:ae:4a:26:4a:8b:e3:5b:79:56:7e:
da:fe:33:6d:50:22:d4:6c:5c:59:13:7b:ec:16:19:f1:ba:72:
7f:4b:f2:97:c3:63:bc:fd:b6:c8:cc:c5:72:a9:3b:e4:ed:a3:
96:7e:33:31:44:3e:6d:55:f3:e4:2a:d1:b7:04:4f:e2:b5:a1:
2f:75:d3:17:48:7b:66:52:76:61:d8:d6:78:84:59:d7:48:7d:
c2:e5:ee:d2:7b:13:5f:62:c3:19:c7:cd:e5:77:af:d5:ef:17:
7a:31:96:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYHYDb/ukoe1+WkuPDi6Q+qkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzA3MDk0NjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTM2NDAyYWFmNGMyOWQ4MGMwZWQwZjIxZTg5NmMzZGUwMGFlY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+G9sCPPyleQTrlFAUQZb31fGdCU
O+EKrItuQnpG0FAk8YGeHkIKQffdW7Ytz4MxFOSMIHxTjBKmqkyHlRmYprzEzwgk
ZUlL2ubfOOYQ1A77vRcM+hRnWwRMmw0sYkSPag7YcEkr9cMVhS3UBgRxDPoxa+TQ
k7DGjATr/jN+FChfUTrx9Vqe0pye8BgT2S+EAGvLWfFSqz0/rqSXKRi3X22RuFDb
SaVIhaeLewk5WAkpSK336b66VzSpiy3Q/3rHrQ9SGEgfVnJio/nOk7QIk/JD8Vko
spvFB5NSoYKbkpjhW7PMvEc5LHt6lLMZnTcxyUea/b1XQP78JyDeKizvGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLo2QCqvTCnYDA7Q8h6JbD3gCuy0MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdWpaQUtxOU1LZGdNRHREeUhvbHNQZUFLN0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqbAwQA
TVq4AwQAueYMAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQBCpDztAOHfTRUWQAJT
8Fik4rZM2Hdkl6zw6xU+/R38uNTJ1x28IlIrfQb2pGNTV3c8yxV+kgzxZ9VeSCKV
x0nPEzizaEsH6R3ttNqD64RRuOPcwwJW6v2e/WxY6zg23Obgay8ZBhBxKQMzf301
0aThz384uoiga5U704evO7jOlUWrcXBNXvC35MGzf9HhtGBacB4Og5HrzK5KJkqL
41t5Vn7a/jNtUCLUbFxZE3vsFhnxunJ/S/KXw2O8/bbIzMVyqTvk7aOWfjMxRD5t
VfPkKtG3BE/itaEvddMXSHtmUnZh2NZ4hFnXSH3C5e7SexNfYsMZx83ld6/V7xd6
MZbN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org