Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/75SfnWWzNmhqrPRvGYYVrUOdahk.roa
File: 75SfnWWzNmhqrPRvGYYVrUOdahk.roa (raw, json)
Hash identifier: uX/UUpH2l/H2MOxX8UoWj+TUgVX4ItvuxAxkXzL1cbM=
Subject key identifier: EF:94:9F:9D:65:B3:36:68:6A:AC:F4:6F:19:86:15:AD:43:9D:6A:19
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09C76750
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/75SfnWWzNmhqrPRvGYYVrUOdahk.roa
Signing time: Wed 22 Jun 2022 09:05:44 +0000
ROA not before: Wed 22 Jun 2022 09:05:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164063056 (0x9c76750)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 22 09:05:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef949f9d65b336686aacf46f198615ad439d6a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:47:fc:89:29:42:4b:8d:e9:a4:77:ff:5c:
12:0a:cd:2a:87:45:08:4f:8b:be:9c:ea:1d:90:28:
4b:7b:b9:bc:0c:cb:80:a6:f5:b0:b8:e3:93:55:27:
c2:ec:b9:1a:92:d7:b9:44:0a:d7:a5:0c:b9:d6:07:
b6:cd:92:e3:a7:bd:58:33:5f:ab:34:39:aa:8b:bd:
88:bc:3d:fc:9e:ae:d6:6d:09:59:c8:9a:63:ef:d3:
f4:97:31:b8:eb:e8:da:71:b2:c2:a8:25:85:99:12:
f2:81:56:e5:e3:b7:d7:90:a4:96:da:88:b8:d7:c3:
29:d5:97:93:5a:8f:a6:63:b8:d4:59:a5:b2:4a:94:
36:a2:e7:0d:39:0b:c4:41:76:c6:6b:2c:b7:a4:8d:
b0:a8:35:ab:d6:18:9e:ff:fb:e6:dc:96:1a:79:36:
3c:43:a5:99:f1:02:1c:a5:0f:fe:8b:ec:f7:09:cb:
ff:dd:ea:9f:69:17:25:20:fa:44:28:b5:1c:78:a9:
95:70:57:c1:14:58:30:8a:a6:45:84:fa:4f:d9:f3:
0b:b1:da:6e:77:46:3f:5d:25:0b:02:63:b8:f2:0e:
2c:c0:46:aa:0b:b9:6f:5f:74:fa:c6:03:bf:5e:b5:
9b:d0:92:68:78:df:71:5a:2f:a0:68:b3:7b:34:46:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:94:9F:9D:65:B3:36:68:6A:AC:F4:6F:19:86:15:AD:43:9D:6A:19
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/75SfnWWzNmhqrPRvGYYVrUOdahk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.149.255
77.90.153.0-77.90.154.255
77.90.164.0/24
77.90.179.0/24
77.90.181.0/24
77.90.188.0/24
77.90.191.0/24
213.209.130.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
213.209.147.0/24
213.209.158.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
6f:81:42:dc:a4:f1:2b:a5:e4:51:ae:3d:e5:9f:e7:fe:f6:9e:
ae:19:c8:36:64:0a:65:2a:f9:4c:39:83:46:57:8e:44:7b:e2:
37:5a:58:3f:68:05:61:06:ce:33:f8:a1:c1:7f:f6:75:97:a1:
a7:70:d1:59:b8:5e:1f:84:76:e2:bb:9c:24:80:ba:30:00:76:
c9:e2:2c:0c:05:a9:4d:64:8f:05:7f:a9:d7:dd:3c:da:fc:ee:
12:9b:04:95:07:2c:9a:f7:91:7e:36:31:9f:27:9b:be:6f:87:
32:e4:3f:c9:4f:90:06:34:3f:48:eb:f6:0c:bf:9c:09:e2:ee:
e7:fe:80:d9:a5:6a:8e:61:99:35:e7:54:3f:c6:83:e2:68:81:
10:1e:5e:ff:cc:a2:43:44:5b:a9:ef:bc:a5:f3:85:89:67:16:
a6:61:c2:1b:df:d6:1f:2c:f2:d1:a7:93:ac:bd:01:56:30:5b:
af:b5:22:a1:05:d9:22:48:0d:ca:bb:f5:2c:4c:de:90:63:67:
fe:d6:9b:5d:95:3d:0c:21:91:91:9f:10:e6:42:1a:04:57:04:
59:43:eb:e8:1f:bf:fe:5a:a5:ab:41:f9:5e:88:f7:11:77:a5:
6d:af:ec:bd:39:61:9e:84:89:0e:05:58:41:23:7c:0a:60:8f:
ab:28:46:57
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIECcdnUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MjA5MDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY5NDlmOWQ2NWIz
MzY2ODZhYWNmNDZmMTk4NjE1YWQ0MzlkNmExOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHOR/yJKUJLjemkd/9cEgrNKodFCE+LvpzqHZAoS3u5vAzL
gKb1sLjjk1Unwuy5GpLXuUQK16UMudYHts2S46e9WDNfqzQ5qou9iLw9/J6u1m0J
WciaY+/T9JcxuOvo2nGywqglhZkS8oFW5eO315CkltqIuNfDKdWXk1qPpmO41Fml
skqUNqLnDTkLxEF2xmsst6SNsKg1q9YYnv/75tyWGnk2PEOlmfECHKUP/ovs9wnL
/93qn2kXJSD6RCi1HHiplXBXwRRYMIqmRYT6T9nzC7HabndGP10lCwJjuPIOLMBG
qgu5b190+sYDv161m9CSaHjfcVovoGizezRGAQ0CAwEAAaOCAqwwggKoMB0GA1Ud
DgQWBBTvlJ+dZbM2aGqs9G8ZhhWtQ51qGTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
Lzc1U2ZuV1d6Tm1ocXJQUnZHWVlWclVPZGFoay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wQYIKwYBBQUHAQcBAf8EgbEwga4wgZUEAgABMIGOMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBAFNWpQwDAME
AE1amQMEAE1amgMEAE1apAMEAE1aswMEAE1atQMEAE1avAMEAE1avwMEANXRggME
ANXRigMEANXRjwMEANXRkQMEANXRkwMEAdXRnjAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAG+BQtyk8Sul5FGuPeWf5/72nq4ZyDZkCmUq
+Uw5g0ZXjkR74jdaWD9oBWEGzjP4ocF/9nWXoadw0Vm4Xh+EduK7nCSAujAAdsni
LAwFqU1kjwV/qdfdPNr87hKbBJUHLJr3kX42MZ8nm75vhzLkP8lPkAY0P0jr9gy/
nAni7uf+gNmlao5hmTXnVD/Gg+JogRAeXv/MokNEW6nvvKXzhYlnFqZhwhvf1h8s
8tGnk6y9AVYwW6+1IqEF2SJIDcq79SxM3pBjZ/7Wm12VPQwhkZGfEOZCGgRXBFlD
6+gfv/5apatB+V6I9xF3pW2v7L05YZ6EiQ4FWEEjfApgj6soRlc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org