Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa
File: wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa (raw, json)
Hash identifier: P+S+ehF/JFIO3cySU2A/V0S6mKm9f3UM/nieDDhgTMA=
Subject key identifier: C2:CC:FB:49:01:45:A3:96:25:EA:5C:4B:EC:AC:BB:52:53:C4:82:01
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09DB13F2
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa
Signing time: Fri 24 Jun 2022 09:36:47 +0000
ROA not before: Fri 24 Jun 2022 09:36:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.134.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165352434 (0x9db13f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 24 09:36:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2ccfb490145a39625ea5c4becacbb5253c48201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:97:1f:f2:37:29:8a:41:9c:7a:fb:ff:b0:94:
5e:d6:eb:62:3d:15:a7:0a:4c:48:1e:c3:e5:89:46:
54:01:25:fc:b1:32:7b:91:dc:e0:22:d1:05:54:1e:
0f:c7:8a:55:2b:9c:52:78:21:a5:20:e3:11:95:93:
d8:57:3a:ba:9c:f1:68:56:f7:1d:ee:60:3a:09:33:
b2:6b:b3:0d:1e:da:1c:61:78:e7:f2:21:7d:44:8e:
a9:56:3f:be:18:f1:ca:d9:b3:c8:46:70:ab:85:e8:
6d:37:7b:4f:b9:e2:f5:1e:c0:84:0a:ce:37:a2:19:
26:1a:a9:bc:93:e6:5f:bd:63:68:09:28:16:23:ab:
00:e9:ca:37:49:24:64:01:bb:03:3f:b0:a2:73:f8:
a3:b1:b7:06:7d:0b:b9:4f:3f:4b:a2:ce:31:ad:14:
9b:91:88:83:16:bb:17:8d:9d:68:6d:ed:c9:eb:86:
98:2c:5e:ae:8e:4d:c7:df:70:b4:ba:8d:7c:db:e2:
b0:f0:29:f4:9c:71:71:29:e2:69:f7:00:7c:be:f4:
36:3f:54:7f:58:b5:16:a2:8b:71:17:07:c5:81:59:
a7:47:41:f0:b9:0e:97:04:69:c9:6c:1a:bd:bc:ae:
86:4d:b3:84:ea:bc:5b:b3:0e:c4:8b:a7:63:9f:3a:
55:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:CC:FB:49:01:45:A3:96:25:EA:5C:4B:EC:AC:BB:52:53:C4:82:01
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.155.0-77.90.156.255
77.90.184.0/24
185.230.12.0/24
213.209.133.0-213.209.134.255
213.209.149.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:6b:35:91:a9:38:20:13:09:48:11:39:a6:93:1b:ec:be:0f:
8c:2e:c1:89:f8:e2:87:f9:d8:03:de:9e:c8:3c:04:4b:66:3c:
44:2d:30:b7:74:97:36:63:a7:94:96:00:02:dc:47:19:f5:98:
2a:c5:26:ae:01:04:bb:d4:3e:fe:b0:dd:88:18:a6:71:c9:b8:
4c:81:be:b8:71:ba:3f:03:c4:a2:3f:52:11:1c:9a:d9:43:ac:
d6:6a:b3:66:df:e8:de:75:8e:07:b4:97:a3:4e:7c:7a:27:80:
5a:25:5f:f4:8c:ef:d0:94:82:7c:69:b2:6f:b3:2c:1e:69:77:
1c:d5:21:65:2c:74:f6:fe:5f:09:93:ae:82:84:58:cd:0e:05:
84:49:84:66:33:9b:17:17:50:d2:a6:79:1c:34:82:a3:b9:43:
e5:09:1c:9e:f4:47:37:9c:8f:4c:c2:65:26:72:3b:ef:04:4d:
11:6c:b3:b7:3f:2e:96:3b:37:aa:a5:f4:42:96:df:4b:ff:30:
91:f7:54:65:0b:ba:10:c1:75:3d:cd:b1:08:5f:cc:50:fa:52:
59:eb:f0:78:b8:00:b7:d4:77:18:c2:81:30:03:3c:ba:de:d9:
f9:7e:91:35:a7:bc:1e:e1:0a:17:b5:30:d2:7a:0e:4b:18:ab:
d7:b5:76:a3
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECdsT8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
NDA5MzY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJjY2ZiNDkwMTQ1
YTM5NjI1ZWE1YzRiZWNhY2JiNTI1M2M0ODIwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyXH/I3KYpBnHr7/7CUXtbrYj0VpwpMSB7D5YlGVAEl/LEy
e5Hc4CLRBVQeD8eKVSucUnghpSDjEZWT2Fc6upzxaFb3He5gOgkzsmuzDR7aHGF4
5/IhfUSOqVY/vhjxytmzyEZwq4XobTd7T7ni9R7AhArON6IZJhqpvJPmX71jaAko
FiOrAOnKN0kkZAG7Az+wonP4o7G3Bn0LuU8/S6LOMa0Um5GIgxa7F42daG3tyeuG
mCxero5Nx99wtLqNfNvisPAp9JxxcSniafcAfL70Nj9Uf1i1FqKLcRcHxYFZp0dB
8LkOlwRpyWwavbyuhk2zhOq8W7MOxIunY586VVUCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBTCzPtJAUWjliXqXEvsrLtSU8SCATAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3dzejdTUUZGbzVZbDZseEw3S3k3VWxQRWdnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAE1akTAMAwQATVqbAwQATVqcAwQA
TVq4AwQAueYMMAwDBADV0YUDBADV0YYDBADV0ZUDBADV0Z8wDQYJKoZIhvcNAQEL
BQADggEBAAxrNZGpOCATCUgROaaTG+y+D4wuwYn44of52APensg8BEtmPEQtMLd0
lzZjp5SWAALcRxn1mCrFJq4BBLvUPv6w3YgYpnHJuEyBvrhxuj8DxKI/UhEcmtlD
rNZqs2bf6N51jge0l6NOfHongFolX/SM79CUgnxpsm+zLB5pdxzVIWUsdPb+XwmT
roKEWM0OBYRJhGYzmxcXUNKmeRw0gqO5Q+UJHJ70Rzecj0zCZSZyO+8ETRFss7c/
LpY7N6ql9EKW30v/MJH3VGULuhDBdT3NsQhfzFD6Ulnr8Hi4ALfUdxjCgTADPLre
2fl+kTWnvB7hChe1MNJ6DksYq9e1dqM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org