Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1rO_w34etWbuwUKMJh6mAOAYw4g.roa
File: 1rO_w34etWbuwUKMJh6mAOAYw4g.roa (raw, json)
Hash identifier: ZrRjdBuqBGQV7YuBtjxulNXk5+OORAqjgc8VgZen6CA=
Subject key identifier: D6:B3:BF:C3:7E:1E:B5:66:EE:C1:42:8C:26:1E:A6:00:E0:18:C3:88
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07B1E2B4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1rO_w34etWbuwUKMJh6mAOAYw4g.roa
Signing time: Sat 05 Mar 2022 12:29:56 +0000
ROA not before: Sat 05 Mar 2022 12:29:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129098420 (0x7b1e2b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 5 12:29:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6b3bfc37e1eb566eec1428c261ea600e018c388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a5:75:b2:34:37:98:65:69:82:d8:f8:0a:7c:
7a:40:83:9a:a5:a1:14:86:4d:88:9e:96:99:2c:71:
7d:52:ad:0b:92:e4:85:26:88:2c:21:6f:b9:1f:df:
80:b4:2b:77:c1:50:66:2a:51:a5:54:9e:63:14:6e:
64:aa:61:79:ba:04:41:a4:1c:28:9d:57:25:fb:cc:
d9:cd:85:83:4c:46:4f:80:0d:5a:26:c0:e0:f9:78:
a7:31:c7:77:10:75:c2:4a:14:f7:eb:57:6e:d3:8f:
ec:9b:f4:b3:79:0d:ca:ad:df:0c:f4:36:29:b9:69:
0d:ab:30:b5:92:e5:f6:b7:d9:14:eb:17:d3:44:56:
b4:4a:c8:02:e1:7b:e9:9f:a9:9d:a0:23:76:b8:c6:
d5:6a:4b:d2:3f:27:41:bd:09:ce:2c:29:55:10:cb:
97:fb:0b:65:3e:2c:05:9a:4a:a6:15:ea:1b:3f:8e:
dc:6f:1e:e6:c7:f8:f1:26:ef:82:b3:03:b6:03:c4:
66:7c:90:42:fe:64:18:4f:3d:c8:22:c2:f5:14:f6:
3d:10:90:75:80:a8:d5:32:df:39:8e:96:64:0d:2b:
4a:1b:27:8b:6b:51:87:cb:fc:8f:25:eb:3e:44:36:
10:65:09:a9:8e:36:24:ae:97:73:25:e6:72:7f:e5:
ff:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B3:BF:C3:7E:1E:B5:66:EE:C1:42:8C:26:1E:A6:00:E0:18:C3:88
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1rO_w34etWbuwUKMJh6mAOAYw4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.184.0/24
213.209.129.0-213.209.130.255
213.209.133.0/24
213.209.136.0/24
213.209.138.0/24
213.209.146.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
6a:a0:05:31:95:f4:42:94:eb:f0:9a:71:29:58:28:84:f2:fa:
a7:95:90:e3:fc:d1:1a:74:24:5c:4d:7f:dc:90:53:4a:d5:b3:
e3:8e:19:bd:17:8a:e0:bc:48:13:ea:10:64:98:bd:bc:1a:4e:
cf:97:b4:c7:49:3d:36:4d:4e:40:d6:35:c7:75:95:2f:d2:b1:
08:91:4a:bd:0a:1a:91:03:17:de:ad:f4:72:a5:b2:7d:49:88:
cf:64:15:0b:ee:54:09:da:60:65:78:29:0c:49:c7:24:55:35:
ea:53:e7:51:65:5b:d7:2a:b9:5e:b5:f2:5e:b9:6c:07:e8:52:
8a:ab:42:2a:48:60:84:f5:9d:9c:ab:f6:98:d7:61:a0:56:dc:
33:c8:43:09:a4:38:84:ca:b7:6a:87:f4:7e:11:39:a4:96:0d:
fa:6f:dc:34:84:10:9a:5c:7f:43:54:bf:9a:fb:21:5f:a7:54:
9a:f4:bb:9f:b8:cf:b9:37:e2:cc:32:9e:9e:99:89:38:88:61:
26:1a:bd:7b:c0:cc:57:84:22:ab:0b:f5:83:3d:99:ea:f9:a6:
f8:c6:eb:e5:19:ce:f0:bc:1b:61:1d:7a:c2:7b:b2:df:fa:56:
22:fd:f5:19:6a:04:f6:a3:54:e0:34:31:9d:ea:ee:0d:e5:7a:
66:46:5d:8b
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIEB7HitDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMw
NTEyMjk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDZiM2JmYzM3ZTFl
YjU2NmVlYzE0MjhjMjYxZWE2MDBlMDE4YzM4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGldbI0N5hlaYLY+Ap8ekCDmqWhFIZNiJ6WmSxxfVKtC5Lk
hSaILCFvuR/fgLQrd8FQZipRpVSeYxRuZKpheboEQaQcKJ1XJfvM2c2Fg0xGT4AN
WibA4Pl4pzHHdxB1wkoU9+tXbtOP7Jv0s3kNyq3fDPQ2KblpDaswtZLl9rfZFOsX
00RWtErIAuF76Z+pnaAjdrjG1WpL0j8nQb0JziwpVRDLl/sLZT4sBZpKphXqGz+O
3G8e5sf48SbvgrMDtgPEZnyQQv5kGE89yCLC9RT2PRCQdYCo1TLfOY6WZA0rShsn
i2tRh8v8jyXrPkQ2EGUJqY42JK6XcyXmcn/l/7cCAwEAAaOCAoYwggKCMB0GA1Ud
DgQWBBTWs7/Dfh61Zu7BQowmHqYA4BjDiDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzFyT193MzRldFdidXdVS01KaDZtQU9BWXc0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mwYIKwYBBQUHAQcBAf8EgYswgYgwcAQCAAEwajAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqSAwQATVqUAwQATVq4
MAwDBADV0YEDBADV0YIDBADV0YUDBADV0YgDBADV0YoDBADV0ZIwFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQBqoAUxlfRClOvwmnEpWCiE
8vqnlZDj/NEadCRcTX/ckFNK1bPjjhm9F4rgvEgT6hBkmL28Gk7Pl7THST02TU5A
1jXHdZUv0rEIkUq9ChqRAxferfRypbJ9SYjPZBUL7lQJ2mBleCkMScckVTXqU+dR
ZVvXKrletfJeuWwH6FKKq0IqSGCE9Z2cq/aY12GgVtwzyEMJpDiEyrdqh/R+ETmk
lg36b9w0hBCaXH9DVL+a+yFfp1Sa9LufuM+5N+LMMp6emYk4iGEmGr17wMxXhCKr
C/WDPZnq+ab4xuvlGc7wvBthHXrCe7Lf+lYi/fUZagT2o1TgNDGd6u4N5XpmRl2L
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org