Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/AMFZd53cXOgD5VCk80h5ecDgJUw.roa
File: AMFZd53cXOgD5VCk80h5ecDgJUw.roa (raw, json)
Hash identifier: IkRQjDmPqshri13grJFJJ9TeIr/8fypXBGNx+cZBlGg=
Subject key identifier: 00:C1:59:77:9D:DC:5C:E8:03:E5:50:A4:F3:48:79:79:C0:E0:25:4C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0181E472E37F44BCCF3A081337BEF139875E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/AMFZd53cXOgD5VCk80h5ecDgJUw.roa
Signing time: Sat 09 Jul 2022 19:32:23 +0000
ROA not before: Sat 09 Jul 2022 19:32:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e4:72:e3:7f:44:bc:cf:3a:08:13:37:be:f1:39:87:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 9 19:32:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00c159779ddc5ce803e550a4f3487979c0e0254c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cf:3e:0e:36:b2:fc:67:d1:d4:23:4d:37:45:
21:c7:94:1e:29:2e:3f:56:82:5c:11:f5:49:58:09:
83:73:8d:63:8d:03:6e:06:8e:ae:f5:c5:a8:90:df:
e6:32:86:17:85:5c:2a:ed:41:d8:54:92:47:ac:e6:
09:43:39:76:cc:46:ba:c7:f3:de:e2:04:80:a4:b0:
55:f4:4b:33:0c:a5:c9:60:5f:c1:50:cd:ff:57:9b:
d5:36:65:c5:7e:3c:1d:44:bd:27:9a:81:2e:3e:e9:
34:19:4f:aa:f7:d9:26:69:17:0f:fc:76:63:15:95:
1b:bf:2d:af:b7:5f:3b:da:6f:e1:14:34:f0:00:ef:
2a:0c:e9:6f:7d:df:8e:15:f1:76:dd:25:d6:2b:7a:
3b:e2:fa:eb:e1:c6:ab:38:18:ea:c0:40:30:a3:0c:
4a:78:7f:9a:d2:f2:10:4e:28:69:f1:96:16:0e:db:
fe:53:b9:df:0b:e8:84:da:d2:01:2d:4a:79:23:62:
a9:da:5e:a4:88:a8:c1:23:b7:48:d6:1b:b4:d4:dc:
08:82:d5:06:ef:51:f7:ee:11:4b:b7:bd:74:50:5d:
a5:10:e2:34:35:53:35:54:18:d8:89:7a:ae:01:a0:
25:03:59:a5:56:7f:8b:32:db:ce:cd:0b:1d:3b:b9:
44:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C1:59:77:9D:DC:5C:E8:03:E5:50:A4:F3:48:79:79:C0:E0:25:4C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/AMFZd53cXOgD5VCk80h5ecDgJUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.157.0/24
77.90.179.0/24
77.90.181.0/24
77.90.191.0/24
213.209.130.0/24
213.209.133.0-213.209.134.255
213.209.138.0/24
213.209.147.0/24
213.209.149.0/24
213.209.151.0/24
213.209.158.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
4b:2e:7a:0e:85:1c:59:7a:c4:a5:68:63:98:62:b9:5e:b1:9a:
36:9b:49:f9:0d:ed:73:5e:b0:25:89:1e:9a:fd:a5:65:bc:49:
4c:f3:1d:ec:dd:3f:a1:d6:1f:ad:43:6a:1f:db:da:f7:b4:bf:
0b:0e:db:19:9d:7d:bf:2b:ee:11:2f:5e:13:c2:96:11:ec:65:
a1:59:77:95:de:ca:fd:c0:b8:6e:22:0f:a9:46:72:75:a8:f2:
c8:9e:23:c4:e1:3d:b9:6c:8e:c6:9b:e6:c5:bf:f1:ec:ed:07:
1c:7e:4d:1a:2d:37:eb:f6:14:1f:f8:66:e5:d9:6b:39:56:ef:
b7:65:30:cc:c1:1f:7f:63:2f:8f:05:3c:b9:b1:85:9e:4b:ce:
5f:2a:97:cd:23:27:d8:7b:d8:8a:4b:1b:5f:6b:05:7a:12:0f:
c1:ea:2f:fe:bf:af:e4:63:8e:99:dd:47:ff:4a:0e:48:5a:2a:
81:1c:db:43:c0:47:4d:5a:96:b1:25:78:cb:90:e9:d9:f1:9d:
8e:85:a0:99:9d:35:23:57:e7:f0:46:2e:97:9e:4c:7f:68:29:
60:e2:b4:11:d2:4d:ca:56:70:4d:e1:f0:80:aa:ce:fc:9b:82:
f2:27:25:68:3a:54:7c:bb:71:2f:56:f9:95:a1:a4:35:76:3f:
a3:2d:b3:60
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYHkcuN/RLzPOggTN77xOYdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzA5MTkzMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGMxNTk3NzlkZGM1Y2U4MDNlNTUwYTRmMzQ4Nzk3OWMwZTAyNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps8+Djay/GfR1CNNN0Uhx5QeKS4/
VoJcEfVJWAmDc41jjQNuBo6u9cWokN/mMoYXhVwq7UHYVJJHrOYJQzl2zEa6x/Pe
4gSApLBV9EszDKXJYF/BUM3/V5vVNmXFfjwdRL0nmoEuPuk0GU+q99kmaRcP/HZj
FZUbvy2vt1872m/hFDTwAO8qDOlvfd+OFfF23SXWK3o74vrr4carOBjqwEAwowxK
eH+a0vIQTihp8ZYWDtv+U7nfC+iE2tIBLUp5I2Kp2l6kiKjBI7dI1hu01NwIgtUG
71H37hFLt710UF2lEOI0NVM1VBjYiXquAaAlA1mlVn+LMtvOzQsdO7lENwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFADBWXed3FzoA+VQpPNIeXnA4CVMMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvQU1GWmQ1M2NYT2dENVZDazgwaDVlY0RnSlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIwDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqMMAwDBAFNWo4DBABNWpQwDAMEAE1amQME
AE1amgMEAE1anQMEAE1aswMEAE1atQMEAE1avwMEANXRgjAMAwQA1dGFAwQA1dGG
AwQA1dGKAwQA1dGTAwQA1dGVAwQA1dGXAwQA1dGeMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEASy56DoUcWXrEpWhjmGK5XrGaNptJ+Q3t
c16wJYkemv2lZbxJTPMd7N0/odYfrUNqH9va97S/Cw7bGZ19vyvuES9eE8KWEexl
oVl3ld7K/cC4biIPqUZydajyyJ4jxOE9uWyOxpvmxb/x7O0HHH5NGi036/YUH/hm
5dlrOVbvt2UwzMEff2MvjwU8ubGFnkvOXyqXzSMn2HvYiksbX2sFehIPweov/r+v
5GOOmd1H/0oOSFoqgRzbQ8BHTVqWsSV4y5Dp2fGdjoWgmZ01I1fn8EYul55Mf2gp
YOK0EdJNylZwTeHwgKrO/JuC8iclaDpUfLtxL1b5laGkNXY/oy2zYA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org