Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4My75Lq-WIB4gZtRZIstNfjC5ss.roa
File: 4My75Lq-WIB4gZtRZIstNfjC5ss.roa (raw, json)
Hash identifier: osrV9BAekUpUu8d56x2K+1mNTq+ZaRZWBxfmgB4f1i4=
Subject key identifier: E0:CC:BB:E4:BA:BE:58:80:78:81:9B:51:64:8B:2D:35:F8:C2:E6:CB
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0184900FA80FCC5927B8197F8E8420DB11F1
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4My75Lq-WIB4gZtRZIstNfjC5ss.roa
Signing time: Sat 19 Nov 2022 13:24:15 +0000
ROA not before: Sat 19 Nov 2022 13:24:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:90:0f:a8:0f:cc:59:27:b8:19:7f:8e:84:20:db:11:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 19 13:24:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0ccbbe4babe588078819b51648b2d35f8c2e6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b4:5c:13:cb:27:95:d4:b4:0f:74:3d:84:43:
74:e8:bb:55:9b:73:ed:99:6b:20:68:03:a8:7f:d6:
d3:fd:5b:95:31:4e:b2:cc:1f:05:5e:32:0a:b4:48:
7a:ee:4b:63:d6:e4:16:13:a9:c3:bf:2a:5f:cb:b4:
3f:e6:35:5a:2d:e9:a7:14:56:ce:ab:b4:a7:c3:9b:
a1:97:d1:19:14:55:af:ed:ea:5f:d3:5f:1d:1e:c7:
19:ce:28:22:c2:8f:68:ac:44:79:ab:b2:ed:9c:25:
18:c9:08:50:21:23:85:3d:3d:1e:55:cc:4c:9d:f6:
03:a1:7b:c9:e0:50:40:24:4c:6c:8e:db:6a:a7:7f:
81:31:ba:13:f1:40:ac:d9:b5:14:fc:fd:4d:61:6c:
cd:64:df:db:cb:77:34:f2:2d:14:db:16:49:e8:37:
a3:11:ed:42:84:e1:f9:62:0f:40:b1:a0:f6:13:ac:
4b:2f:bd:08:ae:ab:e3:db:96:61:a0:1e:dd:e5:ba:
00:bb:72:55:f6:16:83:58:5f:9f:07:e3:8c:f2:ca:
1c:48:90:a8:57:62:b5:bd:7c:9b:5c:e7:16:74:6a:
ec:1e:0d:5b:d2:22:ca:20:7a:3e:7f:a4:da:3b:fe:
0c:22:60:42:56:af:8a:6e:60:ec:e8:22:23:af:44:
e7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CC:BB:E4:BA:BE:58:80:78:81:9B:51:64:8B:2D:35:F8:C2:E6:CB
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4My75Lq-WIB4gZtRZIstNfjC5ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.156.0/24
77.90.178.0/24
77.90.184.0/23
77.90.188.0/24
185.230.14.0/24
213.209.138.0/24
213.209.143.0/24
213.209.149.0/24
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
5b:e7:12:57:6d:f3:73:12:05:4b:a4:61:f6:43:f7:f7:8b:fd:
b8:85:53:9b:fc:41:bd:a4:de:fc:fa:59:51:86:1f:34:46:f4:
b6:f3:06:04:39:5e:ab:89:7a:f8:1f:a9:a9:23:cd:0e:3b:8a:
80:01:86:a5:ea:b1:a9:ff:70:45:f2:57:fa:35:70:7e:56:0d:
f5:7d:e6:80:d5:62:79:be:d6:5a:9d:a7:2c:c6:0c:fa:4f:58:
f3:3c:ae:f1:72:b0:0a:35:18:e0:54:03:24:1d:e1:3d:f8:be:
76:b0:c4:b1:e6:08:07:e3:b0:b2:8b:c4:ce:d6:a0:d6:b5:22:
b3:3d:d0:10:75:f7:83:57:96:98:40:79:9b:7f:17:99:05:08:
a5:55:a2:01:00:a9:3c:8e:39:e8:67:95:ff:8a:0b:b4:d0:1a:
b6:a6:b6:6f:7b:35:af:8f:e2:8a:a1:10:41:b9:c6:73:18:bf:
b4:cd:87:41:03:5f:b5:15:1d:86:c8:26:57:cd:0a:20:05:5d:
07:e2:45:5b:45:4c:d8:31:9c:fb:fc:71:0e:9e:28:6b:7d:e0:
21:11:f8:42:ac:6e:b7:0f:d3:9c:89:18:f2:47:96:0c:6b:5d:
1b:28:b0:dc:d0:0d:03:a3:a0:c9:d0:53:64:b9:10:52:55:8e:
aa:95:7c:c5
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYSQD6gPzFknuBl/joQg2xHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTE5MTMyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNjYmJlNGJhYmU1ODgwNzg4MTliNTE2NDhiMmQzNWY4YzJlNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbRcE8snldS0D3Q9hEN06LtVm3Pt
mWsgaAOof9bT/VuVMU6yzB8FXjIKtEh67ktj1uQWE6nDvypfy7Q/5jVaLemnFFbO
q7Snw5uhl9EZFFWv7epf018dHscZzigiwo9orER5q7LtnCUYyQhQISOFPT0eVcxM
nfYDoXvJ4FBAJExsjttqp3+BMboT8UCs2bUU/P1NYWzNZN/by3c08i0U2xZJ6Dej
Ee1ChOH5Yg9AsaD2E6xLL70Irqvj25ZhoB7d5boAu3JV9haDWF+fB+OM8socSJCo
V2K1vXybXOcWdGrsHg1b0iLKIHo+f6TaO/4MImBCVq+KbmDs6CIjr0TnuwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFODMu+S6vliAeIGbUWSLLTX4wubLMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNE15NzVMcS1XSUI0Z1p0UlpJc3ROZmpDNXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIMAwDBABNWosDBABNWowwDAMEAU1ajgME
AE1alDAMAwQATVqZAwQATVqaAwQATVqcAwQATVqyAwQBTVq4AwQATVq8AwQAueYO
AwQA1dGKAwQA1dGPAwQA1dGVAwQB1dGcAwQA1dGfMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAW+cSV23zcxIFS6Rh9kP394v9uIVTm/xB
vaTe/PpZUYYfNEb0tvMGBDleq4l6+B+pqSPNDjuKgAGGpeqxqf9wRfJX+jVwflYN
9X3mgNVieb7WWp2nLMYM+k9Y8zyu8XKwCjUY4FQDJB3hPfi+drDEseYIB+OwsovE
ztag1rUisz3QEHX3g1eWmEB5m38XmQUIpVWiAQCpPI456GeV/4oLtNAatqa2b3s1
r4/iiqEQQbnGcxi/tM2HQQNftRUdhsgmV80KIAVdB+JFW0VM2DGc+/xxDp4oa33g
IRH4Qqxutw/TnIkY8keWDGtdGyiw3NANA6OgydBTZLkQUlWOqpV8xQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org