Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/xP0jdFHyhHdPL-UEYvlKCHY5FQs.roa
File: xP0jdFHyhHdPL-UEYvlKCHY5FQs.roa (raw, json)
Hash identifier: IJgAM3cJNKdo60vnyGCt2+AgG1V1FPispWHe4UEXqco=
Subject key identifier: C4:FD:23:74:51:F2:84:77:4F:2F:E5:04:62:F9:4A:08:76:39:15:0B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07C33A1B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/xP0jdFHyhHdPL-UEYvlKCHY5FQs.roa
Signing time: Mon 07 Mar 2022 20:31:21 +0000
ROA not before: Mon 07 Mar 2022 20:31:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.146.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130234907 (0x7c33a1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 7 20:31:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4fd237451f284774f2fe50462f94a087639150b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f5:3f:df:74:39:b3:4c:a8:fe:c6:d7:60:22:
6d:e4:ed:8e:95:07:bb:4b:34:b4:62:07:e0:37:b3:
d1:a6:9f:c7:33:04:c2:63:6b:cc:e1:16:c4:64:35:
ca:d1:72:06:b3:9b:7a:c3:a3:ce:bc:85:11:f3:2d:
ff:aa:92:9d:a7:ff:1f:8e:30:9e:28:ae:af:54:6a:
98:a5:7f:9d:72:f6:72:4a:72:6d:a3:f0:32:ce:8f:
35:f9:28:4b:ff:7a:bb:2a:57:99:35:74:7d:2b:8c:
9a:31:5e:93:3a:fe:50:a2:44:cb:29:92:62:9c:fe:
6a:49:35:e4:8b:fc:25:33:1d:1a:13:7f:07:bb:93:
c3:81:d9:e3:67:10:73:68:04:62:b5:3f:9f:6d:bf:
63:25:f8:53:13:f5:89:45:a3:9b:70:35:86:bd:4a:
b1:2e:16:9f:d4:5c:f8:33:b8:08:52:b7:2c:cb:43:
c6:43:32:e7:22:6d:58:96:95:de:76:62:e2:0a:18:
7c:93:52:f0:25:74:ae:0a:b8:38:12:ed:8a:8b:22:
56:57:d5:19:9d:ec:22:bb:f2:aa:65:83:3e:e8:a9:
dc:a9:28:05:ab:7c:9b:11:32:8c:13:b6:64:30:bf:
56:53:4f:81:0d:da:d7:e1:83:c5:1a:06:03:7d:83:
99:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FD:23:74:51:F2:84:77:4F:2F:E5:04:62:F9:4A:08:76:39:15:0B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/xP0jdFHyhHdPL-UEYvlKCHY5FQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.164.0/24
77.90.173.0/24
77.90.184.0/24
185.230.15.0/24
213.209.146.0/23
213.209.151.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
15:b0:d2:46:ed:d4:cc:56:bd:e1:ec:9c:74:ff:d0:6e:b5:20:
3e:c2:2c:e1:a5:18:2d:5f:86:3e:4f:82:c9:1c:b1:d0:69:f8:
fe:ef:fb:0e:77:87:c3:96:0b:2a:d7:91:76:ef:2b:74:cc:9c:
a3:d1:41:76:7b:66:83:6d:46:b7:d8:21:6f:4e:b0:a0:c7:fd:
c9:4c:9a:ab:b3:ea:1e:19:c4:38:64:2c:32:7e:78:db:8d:d3:
9b:75:53:9c:0a:0c:d6:7a:d8:3b:f6:a2:1e:91:99:42:8e:31:
e9:03:59:e6:b6:24:0f:d7:98:76:fe:75:17:d7:3f:35:aa:54:
28:44:d0:83:7e:c6:4a:4a:2f:5a:a0:f9:8d:78:a3:e8:d3:97:
04:dc:35:04:34:14:b9:b5:03:88:b7:33:a8:26:52:2f:58:cd:
43:d5:c1:57:53:9f:23:4e:ad:9e:1d:75:ec:6a:83:ef:7f:6d:
7c:40:7b:4a:98:e5:80:e2:53:89:76:49:9e:26:ec:4b:07:17:
1f:f9:50:0d:89:e3:76:60:2e:15:7e:31:9f:a8:95:72:5a:ce:
44:2f:47:e7:26:5a:9e:4c:45:c7:ff:68:ec:22:44:b1:b6:09:
eb:db:ac:59:fc:ec:ce:53:4d:e7:ce:a6:03:4d:99:8a:b9:fb:
58:7d:bf:be
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEB8M6GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMw
NzIwMzEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRmZDIzNzQ1MWYy
ODQ3NzRmMmZlNTA0NjJmOTRhMDg3NjM5MTUwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALb1P990ObNMqP7G12AibeTtjpUHu0s0tGIH4Dez0aafxzME
wmNrzOEWxGQ1ytFyBrObesOjzryFEfMt/6qSnaf/H44wniiur1RqmKV/nXL2ckpy
baPwMs6PNfkoS/96uypXmTV0fSuMmjFekzr+UKJEyymSYpz+akk15Iv8JTMdGhN/
B7uTw4HZ42cQc2gEYrU/n22/YyX4UxP1iUWjm3A1hr1KsS4Wn9Rc+DO4CFK3LMtD
xkMy5yJtWJaV3nZi4goYfJNS8CV0rgq4OBLtiosiVlfVGZ3sIrvyqmWDPuip3Kko
Bat8mxEyjBO2ZDC/VlNPgQ3a1+GDxRoGA32DmeECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTE/SN0UfKEd08v5QRi+UoIdjkVCzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3hQMGpkRkh5aEhkUEwtVUVZdmxLQ0hZNUZRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAE1amQMEAE1apAMEAE1arQMEAE1a
uAMEALnmDwMEAdXRkgMEANXRlwMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEAFbDS
Ru3UzFa94eycdP/QbrUgPsIs4aUYLV+GPk+CyRyx0Gn4/u/7DneHw5YLKteRdu8r
dMyco9FBdntmg21Gt9ghb06woMf9yUyaq7PqHhnEOGQsMn54243Tm3VTnAoM1nrY
O/aiHpGZQo4x6QNZ5rYkD9eYdv51F9c/NapUKETQg37GSkovWqD5jXij6NOXBNw1
BDQUubUDiLczqCZSL1jNQ9XBV1OfI06tnh117GqD739tfEB7SpjlgOJTiXZJnibs
SwcXH/lQDYnjdmAuFX4xn6iVclrORC9H5yZankxFx/9o7CJEsbYJ69usWfzszlNN
586mA02Zirn7WH2/vg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org