Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zrxEw6xgkF8_aXf0T5nvAmbv_os.roa
File: zrxEw6xgkF8_aXf0T5nvAmbv_os.roa (raw, json)
Hash identifier: CqTL16OUZZ6UoaCD9FWo8F8ByFSkRwAW5qVR4pFM8ho=
Subject key identifier: CE:BC:44:C3:AC:60:90:5F:3F:69:77:F4:4F:99:EF:02:66:EF:FE:8B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0183A851237AFE4F3667B1302F8CD0291CCA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zrxEw6xgkF8_aXf0T5nvAmbv_os.roa
Signing time: Wed 05 Oct 2022 13:23:53 +0000
ROA not before: Wed 05 Oct 2022 13:23:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.136.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:51:23:7a:fe:4f:36:67:b1:30:2f:8c:d0:29:1c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 5 13:23:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cebc44c3ac60905f3f6977f44f99ef0266effe8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d1:22:c9:0a:04:23:e2:15:3b:00:28:55:62:
17:1a:1f:43:db:90:4f:4d:af:6f:ea:e1:69:b0:89:
e5:39:ff:5b:cd:c3:1d:d3:3b:36:b4:22:a6:52:8e:
45:98:67:8f:62:fb:04:67:06:30:d5:95:13:12:78:
15:2f:b1:2d:5b:4a:f7:8c:c6:13:d5:45:0b:0e:24:
14:4f:f5:51:d6:cf:23:e3:de:10:c8:21:69:4e:47:
b4:68:10:49:e8:4c:96:38:27:6b:52:1a:c0:44:ec:
fb:f3:06:95:c6:18:ef:7e:d0:a1:83:6e:fe:a5:f5:
be:06:a7:da:60:50:f1:7a:08:45:87:35:1c:0e:0a:
7d:6f:d2:0c:3b:e2:cf:bb:f0:ab:14:4c:3a:84:3c:
0a:70:5a:67:2f:13:e0:5d:8b:54:0b:77:61:39:16:
c8:0f:db:ca:26:90:d7:1f:ff:77:c8:43:88:50:33:
d0:60:9c:1f:22:6e:37:d8:ee:ed:db:69:06:40:77:
98:f7:27:51:06:cb:b2:1e:2c:87:33:3f:9a:47:47:
aa:b6:1b:0d:56:d5:30:6e:69:e8:ad:44:28:f6:f8:
78:0d:d5:20:b6:72:b4:de:27:f6:e7:f3:32:13:4a:
02:33:41:43:70:e4:fa:29:01:6d:6b:d5:91:59:52:
c3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BC:44:C3:AC:60:90:5F:3F:69:77:F4:4F:99:EF:02:66:EF:FE:8B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zrxEw6xgkF8_aXf0T5nvAmbv_os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.185.0/24
185.230.14.0/24
213.209.136.0/24
213.209.146.0/24
213.209.149.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a3:a9:14:78:b8:92:62:4b:5a:fd:4b:f8:cb:cd:a6:35:38:
c8:49:34:9a:25:c3:c5:4e:20:bb:a7:e6:04:d9:a2:48:c2:e5:
99:ac:46:c4:99:c3:e5:c4:f7:b6:ad:ae:9f:6e:b3:93:2e:c6:
86:d0:27:25:43:ae:f3:37:c9:46:ef:f4:23:cf:72:3b:cd:52:
0f:03:16:2c:89:dc:6d:ee:d5:cc:7a:07:f9:10:cf:cb:42:2c:
29:20:04:bc:1c:66:5e:f7:22:96:f2:87:58:52:db:7b:f9:3e:
1e:4b:7c:b8:89:09:10:de:01:9d:77:cb:49:c1:8a:6a:82:bb:
66:72:8c:75:23:80:d0:c8:49:d4:c5:66:ce:19:71:d2:d3:11:
91:67:fd:db:d9:18:4c:2c:25:10:48:39:5d:dc:6b:f4:62:f6:
8b:bf:d9:59:20:4b:3c:d8:a8:a1:a3:86:78:67:8a:ec:63:f0:
c0:30:f5:59:4f:1a:80:14:a6:a8:ff:dc:ce:c5:6a:1d:01:a9:
f6:70:2e:f3:30:f6:55:cd:72:0b:8e:87:80:f9:d4:4c:2b:b5:
47:f2:a4:58:f8:1d:80:f4:5e:4a:00:8e:d3:6c:29:67:4f:c4:
8f:9a:fc:84:47:31:16:5b:e5:8f:3a:8a:40:0c:85:e4:28:95:
2d:d3:c8:7c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYOoUSN6/k82Z7EwL4zQKRzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMDA1MTMyMzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWJjNDRjM2FjNjA5MDVmM2Y2OTc3ZjQ0Zjk5ZWYwMjY2ZWZmZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9EiyQoEI+IVOwAoVWIXGh9D25BP
Ta9v6uFpsInlOf9bzcMd0zs2tCKmUo5FmGePYvsEZwYw1ZUTEngVL7EtW0r3jMYT
1UULDiQUT/VR1s8j494QyCFpTke0aBBJ6EyWOCdrUhrAROz78waVxhjvftChg27+
pfW+BqfaYFDxeghFhzUcDgp9b9IMO+LPu/CrFEw6hDwKcFpnLxPgXYtUC3dhORbI
D9vKJpDXH/93yEOIUDPQYJwfIm432O7t22kGQHeY9ydRBsuyHiyHMz+aR0eqthsN
VtUwbmnorUQo9vh4DdUgtnK03if25/MyE0oCM0FDcOT6KQFta9WRWVLDIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM68RMOsYJBfP2l39E+Z7wJm7/6LMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvenJ4RXc2eGdrRjhfYVhmMFQ1bnZBbWJ2X29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVq5AwQA
ueYOAwQA1dGIAwQA1dGSAwQA1dGVMA0GCSqGSIb3DQEBCwUAA4IBAQBIo6kUeLiS
Ykta/Uv4y82mNTjISTSaJcPFTiC7p+YE2aJIwuWZrEbEmcPlxPe2ra6fbrOTLsaG
0CclQ67zN8lG7/Qjz3I7zVIPAxYsidxt7tXMegf5EM/LQiwpIAS8HGZe9yKW8odY
Utt7+T4eS3y4iQkQ3gGdd8tJwYpqgrtmcox1I4DQyEnUxWbOGXHS0xGRZ/3b2RhM
LCUQSDld3Gv0YvaLv9lZIEs82Kiho4Z4Z4rsY/DAMPVZTxqAFKao/9zOxWodAan2
cC7zMPZVzXILjoeA+dRMK7VH8qRY+B2A9F5KAI7TbClnT8SPmvyERzEWW+WPOopA
DIXkKJUt08h8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org