Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8sunIUE0IYA3iQ8YbsKpI5RUA0M.roa
File: 8sunIUE0IYA3iQ8YbsKpI5RUA0M.roa (raw, json)
Hash identifier: rfe6smfZzS3Gvaj20RXEtS1ZWV5lIPxwnQfFFF+kqtE=
Subject key identifier: F2:CB:A7:21:41:34:21:80:37:89:0F:18:6E:C2:A9:23:94:54:03:43
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07A9557E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8sunIUE0IYA3iQ8YbsKpI5RUA0M.roa
Signing time: Tue 01 Mar 2022 19:50:55 +0000
ROA not before: Tue 01 Mar 2022 19:50:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128537982 (0x7a9557e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 1 19:50:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2cba7214134218037890f186ec2a92394540343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:63:a2:0b:2a:aa:d2:9a:d5:a7:c7:c5:51:d2:
da:6c:04:4d:52:2b:3e:9f:a7:00:93:83:22:7f:1e:
4a:a0:bb:da:81:36:90:22:de:86:8f:b0:90:16:5b:
de:c1:17:69:a2:d0:6f:73:cc:fe:a9:23:7a:e5:bd:
86:22:7b:03:65:51:f8:4b:4f:b0:98:7b:31:d7:e5:
ef:b4:10:8a:28:97:85:7b:dc:d2:2a:73:9c:2e:2c:
84:88:51:50:98:fd:0e:64:d1:43:42:1f:6f:e5:e5:
86:47:f2:60:f6:f3:0a:37:9b:0b:8a:24:72:20:da:
30:74:6f:ab:1e:04:cd:d8:8d:07:68:c8:1f:64:af:
5f:0a:db:a3:ea:db:1c:a7:a2:60:5e:50:e3:60:a8:
1e:53:a8:84:3d:04:1d:a8:5e:ed:c4:0d:04:f5:b1:
84:63:ae:cf:0c:c1:e2:be:cd:f6:f0:99:5c:c8:ea:
ca:24:6a:14:9e:8c:75:0f:f1:aa:73:07:67:3e:e1:
dd:7a:4a:c8:30:55:00:e3:67:e6:ed:35:07:4f:ab:
6e:0f:3a:8e:66:1d:47:a2:0d:92:7e:35:df:d8:c4:
54:24:e6:b6:73:30:dc:25:40:17:8c:77:3a:ac:17:
95:4b:9c:65:55:8f:52:7d:6b:7a:c8:31:24:ed:80:
3a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CB:A7:21:41:34:21:80:37:89:0F:18:6E:C2:A9:23:94:54:03:43
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8sunIUE0IYA3iQ8YbsKpI5RUA0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.184.0/24
213.209.129.0-213.209.130.255
213.209.136.0/24
213.209.138.0/24
213.209.146.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
6c:c3:ee:6c:3c:db:1a:44:65:93:9d:77:8e:cf:1b:1d:92:2a:
38:82:09:64:df:c4:74:50:31:04:8c:0c:4e:fa:3c:2d:43:61:
53:ad:97:f9:19:85:7d:1e:6a:8f:f2:c5:88:ce:99:95:c0:88:
ec:01:48:f9:04:01:cd:01:ca:18:2b:2c:c3:71:62:c3:2f:e8:
a0:5e:68:78:44:84:a3:4c:fa:e7:ff:85:90:37:6a:07:c4:0f:
70:e1:fe:d8:3d:91:40:6c:8b:a9:92:aa:df:12:80:9b:cb:a4:
88:70:1a:f9:31:19:b1:47:83:70:2c:73:f1:cd:0a:b9:29:3e:
11:53:cf:9e:5a:18:42:47:0f:0a:a4:c8:01:b5:2c:fb:de:c1:
e0:71:5a:cc:e7:30:66:f1:5f:2d:69:46:d9:ee:24:ac:98:0d:
fe:39:7f:36:93:ca:7a:c8:50:3e:84:96:4c:d3:e5:6f:2d:b1:
f5:3e:97:68:db:38:33:4e:65:ef:8d:7a:fa:d0:64:72:1f:3d:
37:42:19:fe:6d:60:73:be:61:76:5e:f9:36:9a:23:4b:0b:4c:
57:05:19:ec:f3:78:6b:7e:99:a8:e2:d1:6c:e7:98:b4:3f:ba:
16:db:18:9a:96:48:d1:ec:d9:dc:ad:7b:05:b4:a8:f6:b4:e5:
2a:32:26:ba
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIEB6lVfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMw
MTE5NTA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJjYmE3MjE0MTM0
MjE4MDM3ODkwZjE4NmVjMmE5MjM5NDU0MDM0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNjogsqqtKa1afHxVHS2mwETVIrPp+nAJODIn8eSqC72oE2
kCLeho+wkBZb3sEXaaLQb3PM/qkjeuW9hiJ7A2VR+EtPsJh7Mdfl77QQiiiXhXvc
0ipznC4shIhRUJj9DmTRQ0Ifb+XlhkfyYPbzCjebC4okciDaMHRvqx4EzdiNB2jI
H2SvXwrbo+rbHKeiYF5Q42CoHlOohD0EHahe7cQNBPWxhGOuzwzB4r7N9vCZXMjq
yiRqFJ6MdQ/xqnMHZz7h3XpKyDBVAONn5u01B0+rbg86jmYdR6INkn4139jEVCTm
tnMw3CVAF4x3OqwXlUucZVWPUn1resgxJO2AOrUCAwEAAaOCAoAwggJ8MB0GA1Ud
DgQWBBTyy6chQTQhgDeJDxhuwqkjlFQDQzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzhzdW5JVUUwSVlBM2lROFlic0twSTVSVUEwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lQYIKwYBBQUHAQcBAf8EgYUwgYIwagQCAAEwZDAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqSAwQATVqUAwQATVq4
MAwDBADV0YEDBADV0YIDBADV0YgDBADV0YoDBADV0ZIwFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQBsw+5sPNsaRGWTnXeOzxsdkio4gglk
38R0UDEEjAxO+jwtQ2FTrZf5GYV9HmqP8sWIzpmVwIjsAUj5BAHNAcoYKyzDcWLD
L+igXmh4RISjTPrn/4WQN2oHxA9w4f7YPZFAbIupkqrfEoCby6SIcBr5MRmxR4Nw
LHPxzQq5KT4RU8+eWhhCRw8KpMgBtSz73sHgcVrM5zBm8V8taUbZ7iSsmA3+OX82
k8p6yFA+hJZM0+VvLbH1Ppdo2zgzTmXvjXr60GRyHz03Qhn+bWBzvmF2Xvk2miNL
C0xXBRns83hrfpmo4tFs55i0P7oW2xialkjR7NncrXsFtKj2tOUqMia6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org