Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/cSPfwMPaEyu9bL_nvtWtztZshXU.roa
File: cSPfwMPaEyu9bL_nvtWtztZshXU.roa (raw, json)
Hash identifier: ao7MQ8HwczD1/64FoDygRvWnQwtqzTVCEj/B6BLe31o=
Subject key identifier: 71:23:DF:C0:C3:DA:13:2B:BD:6C:BF:E7:BE:D5:AD:CE:D6:6C:85:75
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189E8DFA676DEEA574CF4FC2D1A775FD908
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/cSPfwMPaEyu9bL_nvtWtztZshXU.roa
Signing time: Sat 12 Aug 2023 08:31:58 +0000
ROA not before: Sat 12 Aug 2023 08:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.159.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e8:df:a6:76:de:ea:57:4c:f4:fc:2d:1a:77:5f:d9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 12 08:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7123dfc0c3da132bbd6cbfe7bed5adced66c8575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a7:a8:4d:b2:04:57:05:7f:54:b8:6c:14:5b:
6f:5f:74:0e:29:44:8f:d5:50:02:e5:c6:1f:4b:99:
5c:95:64:8c:1f:79:d2:0c:20:22:60:2e:c1:4c:5e:
8c:bd:53:a6:11:88:59:8f:6b:bd:32:0d:62:19:e0:
b9:20:8d:06:77:f8:27:7b:0c:03:0b:1d:59:04:d6:
bf:14:7e:b5:1a:37:8a:79:af:41:b4:49:3a:9d:91:
5c:a9:ba:3c:3f:a4:91:4d:10:07:59:bf:bc:91:a2:
ac:45:93:2a:29:98:73:50:bd:69:65:af:6e:9a:e7:
6e:5a:22:da:d4:1e:3f:bf:9d:47:de:64:38:a1:54:
97:db:ad:2c:0a:96:44:58:d1:7c:3c:d6:96:7b:a1:
0b:ce:9b:f5:d4:f3:bf:e5:87:78:e6:2d:17:6c:0c:
b4:13:1a:36:87:48:54:08:22:dc:86:15:68:01:ef:
4f:5c:2b:8e:bd:53:ac:81:99:90:40:a1:ad:22:1a:
2c:bd:7d:da:1d:86:7a:07:56:ef:bf:51:c8:5f:c2:
a9:3f:b7:e3:75:fc:96:35:45:39:f1:2b:bc:53:1a:
bf:25:f7:ca:b4:fa:30:1c:cf:d8:ab:09:b3:49:95:
50:3c:a8:22:4d:98:fa:6c:55:4b:0a:2f:2c:0a:59:
10:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:23:DF:C0:C3:DA:13:2B:BD:6C:BF:E7:BE:D5:AD:CE:D6:6C:85:75
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/cSPfwMPaEyu9bL_nvtWtztZshXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
185.230.14.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:3a:1c:31:27:ea:d7:b6:6f:75:2f:78:cd:ca:bf:f6:d8:4a:
8a:f0:35:80:b2:0b:57:12:a9:d0:a4:15:47:c4:26:71:0d:e6:
1e:e2:99:50:01:fa:0a:05:7c:b8:03:c3:4e:c3:a4:e0:cc:9a:
b7:a3:db:e8:9e:a4:b9:89:fc:f1:79:a8:59:d4:06:05:92:5b:
68:9a:3b:8b:a1:5f:73:b2:9e:b6:4e:d8:e4:c0:86:84:7f:e9:
92:60:95:6e:3f:83:ea:d4:13:f3:7b:0b:d0:30:65:de:69:7b:
9a:60:68:d6:b6:53:88:da:97:4e:b9:22:ea:b6:40:b0:41:29:
69:56:61:b8:08:4a:97:47:f8:c0:70:12:b1:d0:49:4b:e1:d1:
a1:4e:38:82:4d:f4:5e:ab:ef:51:f4:d9:ce:1b:31:a1:6d:98:
af:c2:db:ca:68:cc:00:a3:a2:57:d4:16:4f:dd:88:08:47:38:
3f:e9:d9:dd:98:9d:ea:31:dd:7e:24:89:e6:54:66:06:cf:40:
97:1e:b7:6a:7e:d8:12:ad:6d:10:d3:da:d4:dd:dc:c5:07:b9:
ef:ba:19:4c:2d:47:32:25:7a:0f:54:0c:34:88:13:4e:44:b1:
8a:96:e7:9c:f3:4d:9a:f0:bd:bd:d2:67:93:a8:2b:33:ef:bd:
4d:8b:05:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYno36Z23upXTPT8LRp3X9kIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODEyMDgzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTIzZGZjMGMzZGExMzJiYmQ2Y2JmZTdiZWQ1YWRjZWQ2NmM4NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKeoTbIEVwV/VLhsFFtvX3QOKUSP
1VAC5cYfS5lclWSMH3nSDCAiYC7BTF6MvVOmEYhZj2u9Mg1iGeC5II0Gd/gnewwD
Cx1ZBNa/FH61GjeKea9BtEk6nZFcqbo8P6SRTRAHWb+8kaKsRZMqKZhzUL1pZa9u
muduWiLa1B4/v51H3mQ4oVSX260sCpZEWNF8PNaWe6ELzpv11PO/5Yd45i0XbAy0
Exo2h0hUCCLchhVoAe9PXCuOvVOsgZmQQKGtIhosvX3aHYZ6B1bvv1HIX8KpP7fj
dfyWNUU58Su8Uxq/JffKtPowHM/YqwmzSZVQPKgiTZj6bFVLCi8sClkQbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHEj38DD2hMrvWy/577Vrc7WbIV1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvY1NQZndNUGFFeXU5YkxfbnZ0V3R6dFpzaFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqKAwQA
ueYOAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQCuOhwxJ+rXtm91L3jNyr/22EqK
8DWAsgtXEqnQpBVHxCZxDeYe4plQAfoKBXy4A8NOw6TgzJq3o9vonqS5ifzxeahZ
1AYFkltomjuLoV9zsp62TtjkwIaEf+mSYJVuP4Pq1BPzewvQMGXeaXuaYGjWtlOI
2pdOuSLqtkCwQSlpVmG4CEqXR/jAcBKx0ElL4dGhTjiCTfReq+9R9NnOGzGhbZiv
wtvKaMwAo6JX1BZP3YgIRzg/6dndmJ3qMd1+JInmVGYGz0CXHrdqftgSrW0Q09rU
3dzFB7nvuhlMLUcyJXoPVAw0iBNORLGKluec802a8L290meTqCsz771NiwVh
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:36:17 2025 by rpki-client