Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3-niLB728dxnTu4TfKvbqGVzing.roa
File: 3-niLB728dxnTu4TfKvbqGVzing.roa (raw, json)
Hash identifier: xzjoB4i0MhuFg6h1dCBkI77/fDui9TQuvHHvthOT7us=
Subject key identifier: DF:E9:E2:2C:1E:F6:F1:DC:67:4E:EE:13:7C:AB:DB:A8:65:73:8A:78
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018508A5B252F03A98CCC4BA63E0063F2A7B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3-niLB728dxnTu4TfKvbqGVzing.roa
Signing time: Mon 12 Dec 2022 23:22:34 +0000
ROA not before: Mon 12 Dec 2022 23:22:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:a5:b2:52:f0:3a:98:cc:c4:ba:63:e0:06:3f:2a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Dec 12 23:22:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfe9e22c1ef6f1dc674eee137cabdba865738a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:70:04:7d:48:5f:9f:32:25:06:e9:37:31:b7:
77:1c:9d:2a:9f:8c:bd:a9:50:b4:05:ca:ad:e8:d6:
00:20:63:a7:89:60:ad:5d:1f:c6:60:96:5d:d7:6c:
77:ab:fd:c1:9c:5a:2c:09:7c:bf:52:7c:3b:cd:01:
33:3f:fb:9c:e1:3d:2b:0d:1d:7a:4d:5e:c0:2e:90:
c4:c6:06:ef:cf:a3:c8:e8:37:8f:6f:3a:5b:e9:16:
60:cb:30:4e:62:30:09:07:3c:7e:17:da:b3:34:fe:
a4:5f:52:f7:14:cc:ad:27:e4:2e:df:78:67:b9:dd:
b0:2c:3c:5a:26:ab:90:f3:36:7b:b5:cb:fd:67:af:
7e:01:e3:04:9d:fc:22:1f:21:9a:47:77:0f:46:07:
34:37:22:82:25:be:eb:80:13:09:06:91:07:11:3c:
59:41:1b:94:b8:a8:98:c7:10:04:9b:42:85:db:48:
6d:05:c7:5c:f3:77:88:b0:08:bf:c5:39:5a:cc:60:
89:c4:67:50:f9:46:0f:df:e4:a6:c0:cd:26:02:0e:
c3:34:2c:00:6c:8b:0e:7a:c7:67:87:ae:59:df:d7:
12:3c:44:be:79:0a:c0:e2:58:91:8c:a4:ff:90:93:
75:22:8d:8b:ac:a1:97:de:7a:ef:56:6d:3b:f1:ea:
f7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E9:E2:2C:1E:F6:F1:DC:67:4E:EE:13:7C:AB:DB:A8:65:73:8A:78
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3-niLB728dxnTu4TfKvbqGVzing.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.156.0/24
77.90.184.0/23
77.90.188.0/24
185.230.14.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.150.0/23
213.209.156.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
77:c6:fc:c7:d1:da:87:7d:da:39:7c:d5:6c:4e:68:f4:1a:2c:
e8:a7:56:d3:5d:6f:26:0a:08:0e:d8:eb:bd:4e:f9:5d:67:57:
a6:3d:2c:21:ee:f7:61:14:fd:ee:6c:0f:bb:70:98:67:a8:a2:
db:8c:d2:0a:19:85:af:ad:78:47:9e:39:f3:b3:cf:9c:94:72:
2f:96:e2:13:b4:a9:0d:72:96:0c:16:2b:1e:22:1e:99:75:0e:
2f:19:25:be:54:32:60:38:0c:e9:f3:90:9a:e9:4f:81:b7:f2:
c6:71:dd:7c:20:31:d2:ef:ac:52:0b:2d:3c:0a:5c:75:c7:3c:
7e:e8:36:45:6c:15:c7:7d:0f:62:b6:17:a7:39:0d:85:23:c5:
d3:a5:ce:9b:9b:2c:8d:18:ab:b5:89:93:71:5f:0c:f6:30:fd:
c3:47:29:ce:56:40:db:a5:97:09:b6:cc:69:fe:17:36:92:d9:
42:88:e8:62:b4:93:8e:32:16:5f:bc:e1:18:56:09:9f:02:1f:
62:a8:6c:74:93:f9:a2:d7:16:cd:04:bf:f8:c1:6f:01:40:d0:
a0:f1:25:2e:a8:94:d9:ef:81:88:53:68:33:89:a9:4e:b7:c1:
c4:5a:fc:54:68:48:6c:a8:21:55:34:13:32:eb:39:aa:61:9e:
74:c5:38:da
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYUIpbJS8DqYzMS6Y+AGPyp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMjEyMjMyMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU5ZTIyYzFlZjZmMWRjNjc0ZWVlMTM3Y2FiZGJhODY1NzM4YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3AEfUhfnzIlBuk3Mbd3HJ0qn4y9
qVC0Bcqt6NYAIGOniWCtXR/GYJZd12x3q/3BnFosCXy/Unw7zQEzP/uc4T0rDR16
TV7ALpDExgbvz6PI6DePbzpb6RZgyzBOYjAJBzx+F9qzNP6kX1L3FMytJ+Qu33hn
ud2wLDxaJquQ8zZ7tcv9Z69+AeMEnfwiHyGaR3cPRgc0NyKCJb7rgBMJBpEHETxZ
QRuUuKiYxxAEm0KF20htBcdc83eIsAi/xTlazGCJxGdQ+UYP3+SmwM0mAg7DNCwA
bIsOesdnh65Z39cSPES+eQrA4liRjKT/kJN1Io2LrKGX3nrvVm078er3gQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFN/p4iwe9vHcZ07uE3yr26hlc4p4MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMy1uaUxCNzI4ZHhuVHU0VGZLdmJxR1Z6aW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYAwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAE1alAMEAE1amQMEAE1anAMEAU1auAMEAE1avAMEALnmDgMEANXRiAME
ANXRigMEANXRjwMEANXRkgMEAdXRlgMEAdXRnDAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAHfG/MfR2od92jl81WxOaPQaLOinVtNdbyYK
CA7Y671O+V1nV6Y9LCHu92EU/e5sD7twmGeootuM0goZha+teEeeOfOzz5yUci+W
4hO0qQ1ylgwWKx4iHpl1Di8ZJb5UMmA4DOnzkJrpT4G38sZx3XwgMdLvrFILLTwK
XHXHPH7oNkVsFcd9D2K2F6c5DYUjxdOlzpubLI0Yq7WJk3FfDPYw/cNHKc5WQNul
lwm2zGn+FzaS2UKI6GK0k44yFl+84RhWCZ8CH2KobHST+aLXFs0Ev/jBbwFA0KDx
JS6olNnvgYhTaDOJqU63wcRa/FRoSGyoIVU0EzLrOaphnnTFONo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org