Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4U0zUpK4YxzsXYZ6KOKTsNuN10U.roa
File: 4U0zUpK4YxzsXYZ6KOKTsNuN10U.roa (raw, json)
Hash identifier: C2pNybwFj++nX9VQahBngBdv+Hq/XYG6EVJH9q2nhRw=
Subject key identifier: E1:4D:33:52:92:B8:63:1C:EC:5D:86:7A:28:E2:93:B0:DB:8D:D7:45
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0949B53F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4U0zUpK4YxzsXYZ6KOKTsNuN10U.roa
Signing time: Mon 23 May 2022 10:26:29 +0000
ROA not before: Mon 23 May 2022 10:26:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155825471 (0x949b53f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 23 10:26:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e14d335292b8631cec5d867a28e293b0db8dd745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6b:cd:a6:7c:fb:a5:ae:64:c7:02:ab:b3:4e:
d9:7d:a8:8e:5a:5d:49:70:72:4f:f7:ed:ab:92:07:
06:38:29:44:b2:f1:3e:02:9a:1c:ef:ae:e8:81:2a:
f6:5c:ca:8f:fe:fb:9a:75:fa:77:1e:ab:0b:dd:0a:
6f:1a:02:6a:be:c5:48:58:51:d6:3f:9a:3e:01:f5:
38:0d:13:c9:b6:b1:7a:8d:0b:74:e3:39:c1:2e:20:
1f:73:96:40:21:74:14:af:e6:da:49:9c:68:e9:bf:
12:f9:f7:dd:ef:7c:d5:40:0e:65:94:ff:00:6a:70:
dd:54:55:4e:a0:da:eb:30:97:2d:a1:b6:b9:31:0f:
8d:3a:c8:f7:8e:d4:81:dd:86:a2:1d:7f:9a:4d:15:
c8:c6:b6:dd:0f:06:70:c8:73:87:77:53:5f:7a:69:
05:2d:24:ea:fe:4e:60:f3:e6:72:33:6d:35:f5:63:
e9:45:cf:aa:6d:d9:45:56:13:f6:ff:f0:be:82:81:
97:5a:64:7b:63:94:6b:2a:2d:7d:1a:bc:e9:a8:cf:
14:f3:e6:57:2a:d5:fc:dd:7c:92:22:7f:77:05:e1:
d4:d6:2e:94:52:2e:03:bb:a8:6f:c4:ca:93:2d:e2:
ea:1a:27:7a:b9:ee:43:b1:06:ae:c3:56:f4:17:96:
2b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4D:33:52:92:B8:63:1C:EC:5D:86:7A:28:E2:93:B0:DB:8D:D7:45
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4U0zUpK4YxzsXYZ6KOKTsNuN10U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.150.0/24
77.90.152.0/24
77.90.157.0/24
77.90.164.0/24
77.90.178.0/24
77.90.180.0/23
77.90.191.0/24
185.230.13.0/24
213.209.130.0/24
213.209.133.0-213.209.134.255
213.209.136.0/24
213.209.138.0/24
213.209.144.0/24
213.209.150.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
1c:f0:b2:de:e3:7a:b7:ba:20:35:09:71:f6:4a:42:75:3e:b3:
6b:a7:e0:94:4f:2a:fa:af:4a:62:8c:50:c5:f4:35:c8:ca:d7:
14:34:ed:91:25:09:1e:77:25:f7:5b:6a:10:4b:00:86:75:a6:
e6:68:fd:88:48:0e:3e:0b:37:17:70:f0:c3:c2:38:bd:97:d2:
e5:ee:c2:b8:02:ec:0f:d8:ac:3b:57:28:5b:d1:75:d7:07:02:
ea:29:dc:e5:3c:93:ec:d5:a3:d4:c4:03:07:bb:70:ad:bf:76:
dc:98:1f:69:07:e0:39:67:20:dc:ae:40:af:d3:37:92:09:d1:
79:d8:b3:0f:51:e4:a8:df:e7:7a:8b:5a:be:0a:73:f2:cb:2a:
77:64:72:44:d3:7f:a4:5b:6d:01:d3:a7:fd:e4:80:e0:b8:72:
c4:fa:82:10:9f:a8:ca:82:c9:0b:7a:99:9c:dd:cf:46:c9:ff:
ee:41:93:60:d5:52:ac:a4:e7:91:33:cd:96:66:7b:78:de:a7:
05:a1:ad:a0:1d:7b:39:1a:d0:53:c3:c1:3c:51:78:28:76:b5:
44:49:f3:a8:e6:0e:9a:27:a9:97:80:4c:15:90:ea:f3:f4:1a:
a0:af:49:50:59:fe:a4:ba:94:f3:9e:16:ae:20:ea:e1:50:4b:
79:b2:ee:2a
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIECUm1PzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUy
MzEwMjYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE0ZDMzNTI5MmI4
NjMxY2VjNWQ4NjdhMjhlMjkzYjBkYjhkZDc0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALprzaZ8+6WuZMcCq7NO2X2ojlpdSXByT/ftq5IHBjgpRLLx
PgKaHO+u6IEq9lzKj/77mnX6dx6rC90KbxoCar7FSFhR1j+aPgH1OA0Tybaxeo0L
dOM5wS4gH3OWQCF0FK/m2kmcaOm/Evn33e981UAOZZT/AGpw3VRVTqDa6zCXLaG2
uTEPjTrI947Ugd2Goh1/mk0VyMa23Q8GcMhzh3dTX3ppBS0k6v5OYPPmcjNtNfVj
6UXPqm3ZRVYT9v/wvoKBl1pke2OUayotfRq86ajPFPPmVyrV/N18kiJ/dwXh1NYu
lFIuA7uob8TKky3i6honernuQ7EGrsNW9BeWK9cCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBThTTNSkrhjHOxdhnoo4pOw243XRTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzRVMHpVcEs0WXh6c1hZWjZLT0tUc051TjEwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwgZkEAgABMIGSMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqWAwQATVqYAwQATVqd
AwQATVqkAwQATVqyAwQBTVq0AwQATVq/AwQAueYNAwQA1dGCMAwDBADV0YUDBADV
0YYDBADV0YgDBADV0YoDBADV0ZADBADV0ZYDBADV0ZwwFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQAc8LLe43q3uiA1CXH2SkJ1PrNrp+CU
Tyr6r0pijFDF9DXIytcUNO2RJQkedyX3W2oQSwCGdabmaP2ISA4+CzcXcPDDwji9
l9Ll7sK4AuwP2Kw7Vyhb0XXXBwLqKdzlPJPs1aPUxAMHu3Ctv3bcmB9pB+A5ZyDc
rkCv0zeSCdF52LMPUeSo3+d6i1q+CnPyyyp3ZHJE03+kW20B06f95IDguHLE+oIQ
n6jKgskLepmc3c9Gyf/uQZNg1VKspOeRM82WZnt43qcFoa2gHXs5GtBTw8E8UXgo
drVESfOo5g6aJ6mXgEwVkOrz9Bqgr0lQWf6kupTznhauIOrhUEt5su4q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org