Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1wmACiBNUMK_uaiHfrYwTYvpTwQ.roa
File: 1wmACiBNUMK_uaiHfrYwTYvpTwQ.roa (raw, json)
Hash identifier: uq1PAtPEQBkgDVHKtPNv8jmFMhgNFHuGyjx+jBNSRfc=
Subject key identifier: D7:09:80:0A:20:4D:50:C2:BF:B9:A8:87:7E:B6:30:4D:8B:E9:4F:04
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018288669AC04F524C3601968DC731275874
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1wmACiBNUMK_uaiHfrYwTYvpTwQ.roa
Signing time: Wed 10 Aug 2022 15:36:41 +0000
ROA not before: Wed 10 Aug 2022 15:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.166.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:88:66:9a:c0:4f:52:4c:36:01:96:8d:c7:31:27:58:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 10 15:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d709800a204d50c2bfb9a8877eb6304d8be94f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7e:f7:11:5a:65:a6:f6:ad:29:25:8a:69:00:
d3:d2:40:df:dd:6e:31:95:fb:0b:e0:6a:8a:6c:e8:
52:ee:df:33:02:3e:17:68:46:fb:c6:93:a9:3d:e5:
65:2e:73:91:d5:d1:02:2e:a5:73:01:ca:e0:35:44:
c1:d3:b1:92:30:de:70:7a:cc:5f:e3:7d:91:cb:a2:
8b:0b:9f:c0:a2:8f:7f:be:1e:1f:0f:52:a9:b4:a0:
2e:b3:a5:d1:5e:33:e0:0f:d2:fe:b2:b9:43:7c:a6:
2c:21:e1:31:7a:e2:42:db:d8:e1:ac:37:ba:c5:c0:
43:fc:36:31:e9:62:84:ac:be:86:18:2a:41:33:c1:
36:93:b2:e2:96:85:39:c3:be:7d:63:54:38:99:78:
4b:42:e9:2e:c9:93:36:91:71:fa:c6:e1:8c:6c:3e:
58:70:7d:c2:0f:51:0d:ef:6c:d0:8f:f0:1e:56:5e:
d0:4a:31:95:c0:a1:d6:5a:90:7c:49:a9:83:88:8c:
36:59:50:fd:61:64:6e:4e:36:3c:9d:42:38:0a:8c:
2d:49:f3:9c:02:f9:05:7e:02:c6:18:de:6a:ac:06:
ea:20:16:82:d1:41:39:5a:63:4f:68:02:fd:d8:4f:
3d:f5:2f:f5:52:15:c6:58:3c:d3:8c:19:37:a1:65:
f2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:09:80:0A:20:4D:50:C2:BF:B9:A8:87:7E:B6:30:4D:8B:E9:4F:04
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1wmACiBNUMK_uaiHfrYwTYvpTwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.150.255
77.90.152.0/24
77.90.154.0/24
77.90.157.0/24
77.90.166.0/24
77.90.173.0/24
77.90.188.0/24
77.90.190.0/23
185.230.12.0/24
213.209.130.0/24
213.209.133.0/24
213.209.138.0/24
213.209.144.0/23
213.209.157.0-213.209.159.255
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
60:17:80:4b:ce:9f:3a:04:3e:11:c9:0b:39:eb:7b:fc:66:ea:
4f:91:d8:93:35:19:86:94:77:3c:df:47:32:63:4f:49:a7:69:
40:35:1d:50:ea:32:15:98:1e:92:91:32:33:0d:37:16:ee:23:
ca:86:89:f9:9c:cf:81:f5:73:0e:57:29:15:83:ee:12:83:ab:
3b:a1:50:22:02:82:a6:72:16:ab:3f:8f:3e:0a:9c:5a:26:7c:
b3:ec:31:7d:d2:c1:48:6f:87:59:b4:36:e1:41:94:df:ca:aa:
b6:02:dc:38:ea:7e:00:4c:95:bb:52:c1:5c:a1:a8:95:8f:da:
b2:82:aa:78:e9:73:75:46:82:ae:aa:87:01:17:02:06:d7:91:
9e:a1:03:b6:89:87:06:28:da:1d:70:64:2c:78:d5:e1:5b:c1:
ac:45:91:84:83:16:33:88:44:fd:b7:7f:ef:0e:d3:2a:da:db:
ff:06:82:32:9b:41:6c:53:ef:e2:ed:64:4e:a0:05:b7:32:cf:
7d:19:14:15:00:1a:40:43:dd:10:c1:c6:0f:05:d4:0b:8b:2c:
b6:77:ba:18:4b:a3:b8:e4:76:c8:38:36:5f:41:ac:54:d9:50:
05:4d:87:e3:9e:0a:c2:1d:1e:7a:36:d4:87:57:ed:16:f2:21:
0a:2c:0f:9d
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYKIZprAT1JMNgGWjccxJ1h0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwODEwMTUzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzA5ODAwYTIwNGQ1MGMyYmZiOWE4ODc3ZWI2MzA0ZDhiZTk0ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln73EVplpvatKSWKaQDT0kDf3W4x
lfsL4GqKbOhS7t8zAj4XaEb7xpOpPeVlLnOR1dECLqVzAcrgNUTB07GSMN5wesxf
432Ry6KLC5/Aoo9/vh4fD1KptKAus6XRXjPgD9L+srlDfKYsIeExeuJC29jhrDe6
xcBD/DYx6WKErL6GGCpBM8E2k7LiloU5w759Y1Q4mXhLQukuyZM2kXH6xuGMbD5Y
cH3CD1EN72zQj/AeVl7QSjGVwKHWWpB8SamDiIw2WVD9YWRuTjY8nUI4CowtSfOc
AvkFfgLGGN5qrAbqIBaC0UE5WmNPaAL92E899S/1UhXGWDzTjBk3oWXytQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFNcJgAogTVDCv7moh362ME2L6U8EMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMXdtQUNpQk5VTUtfdWFpSGZyWXdUWXZwVHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBmwQCAAEwgZQwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAE1algMEAE1amAMEAE1amgMEAE1anQMEAE1apgMEAE1arQMEAE1avAME
AU1avgMEALnmDAMEANXRggMEANXRhQMEANXRigMEAdXRkDAMAwQA1dGdAwQF1dGA
MBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAYBeAS86f
OgQ+EckLOet7/GbqT5HYkzUZhpR3PN9HMmNPSadpQDUdUOoyFZgekpEyMw03Fu4j
yoaJ+ZzPgfVzDlcpFYPuEoOrO6FQIgKCpnIWqz+PPgqcWiZ8s+wxfdLBSG+HWbQ2
4UGU38qqtgLcOOp+AEyVu1LBXKGolY/asoKqeOlzdUaCrqqHARcCBteRnqEDtomH
BijaHXBkLHjV4VvBrEWRhIMWM4hE/bd/7w7TKtrb/waCMptBbFPv4u1kTqAFtzLP
fRkUFQAaQEPdEMHGDwXUC4sstne6GEujuOR2yDg2X0GsVNlQBU2H454Kwh0eejbU
h1ftFvIhCiwPnQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org