Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/EPek2Cr1P63oBWTYRiSLDSTtJNg.roa
File: EPek2Cr1P63oBWTYRiSLDSTtJNg.roa (raw, json)
Hash identifier: CnkgzrMtVSums5Tutq4wJcBEc22OcOdinDzXlCMw1X0=
Subject key identifier: 10:F7:A4:D8:2A:F5:3F:AD:E8:05:64:D8:46:24:8B:0D:24:ED:24:D8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0889177C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/EPek2Cr1P63oBWTYRiSLDSTtJNg.roa
Signing time: Mon 11 Apr 2022 10:41:59 +0000
ROA not before: Mon 11 Apr 2022 10:41:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143202172 (0x889177c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 11 10:41:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10f7a4d82af53fade80564d846248b0d24ed24d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cf:08:24:86:78:0f:bb:c2:fe:a2:cb:22:a8:
aa:b6:bd:1d:8f:4e:04:08:81:f7:a5:a7:f4:69:53:
e9:4e:06:40:aa:f6:ae:ae:c6:b2:1b:91:66:05:8a:
bd:c4:9e:36:b1:d7:66:0c:33:81:d3:96:ee:e9:7a:
34:55:47:e9:9d:08:b1:ae:64:d3:7a:f1:c3:59:89:
ad:98:00:4a:4e:64:f1:8f:24:dd:84:87:c5:bf:83:
14:f4:6b:dd:3b:c9:3e:eb:2c:23:e1:ae:36:59:5a:
6c:9a:67:be:69:ba:3e:8c:93:e8:3f:7a:bb:f7:d0:
33:9a:25:f4:5e:c3:c2:8c:b3:2f:38:c9:e6:e4:22:
4e:12:47:5c:30:29:bc:cb:77:5d:22:b6:94:53:e7:
b1:85:26:c3:25:5d:d2:54:5a:cf:86:ee:27:8b:bd:
e6:9c:ff:8b:19:b6:0f:32:34:ba:0b:75:a5:2a:1a:
33:cd:b2:25:e2:45:dd:55:01:e6:5e:e8:c7:76:14:
48:c5:0f:7f:7e:c9:89:20:34:cb:d9:63:fa:c0:86:
be:8a:60:2f:15:0a:63:df:4a:65:30:b7:d9:18:08:
5d:f3:ef:82:56:32:66:c0:29:d7:5c:6e:ec:3b:a8:
fb:fa:f1:53:a8:49:a0:b6:88:77:ea:3f:7b:13:7c:
42:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F7:A4:D8:2A:F5:3F:AD:E8:05:64:D8:46:24:8B:0D:24:ED:24:D8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/EPek2Cr1P63oBWTYRiSLDSTtJNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.150.0/24
77.90.155.0/24
77.90.157.0/24
77.90.180.0/24
77.90.184.0/23
185.230.13.0-185.230.14.255
213.209.129.0-213.209.130.255
213.209.136.0/24
213.209.138.0/24
213.209.146.0/23
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
23:73:89:ad:6c:e5:3c:49:c2:1e:bf:55:7f:7e:bf:fe:db:13:
47:fe:fd:50:8c:c1:27:f7:d7:31:f0:67:e8:59:1c:55:11:9a:
68:a1:d3:32:a2:7c:ba:c7:1c:df:19:cf:28:58:b3:dd:4f:9a:
83:26:26:1d:ae:ef:51:b0:e9:27:97:9e:9e:6b:99:25:f6:7f:
a1:af:c1:21:b5:fa:c1:29:af:f9:ea:d6:e6:96:9f:51:c3:22:
52:22:02:84:fc:24:48:03:1a:43:20:63:2a:62:fe:66:9e:b7:
5b:6c:3f:0b:4a:08:6c:36:73:2b:b9:48:2e:93:b4:a8:bf:68:
ff:9b:26:19:37:46:85:f3:64:6e:1a:79:84:60:a1:0c:41:35:
25:a4:c5:e5:1e:cc:46:74:2e:b3:a7:f2:29:7e:6d:d9:94:c4:
f3:8c:b1:c1:71:e5:45:cf:24:c9:ca:4c:58:24:c8:8f:fd:a6:
25:e0:a7:99:bd:f3:2e:12:03:cd:23:4c:13:b9:e0:8e:ff:18:
1a:76:94:a6:16:df:67:ec:0e:5d:7e:3a:a1:ea:9e:e1:b7:35:
cd:88:b7:5a:8f:cd:6a:df:eb:5d:b2:fc:43:9a:d5:c9:ed:18:
75:6b:59:8a:59:5b:a5:0a:56:6d:f9:ea:64:d8:60:f3:cb:b6:
74:52:75:46
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIECIkXfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQx
MTEwNDE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBmN2E0ZDgyYWY1
M2ZhZGU4MDU2NGQ4NDYyNDhiMGQyNGVkMjRkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJDPCCSGeA+7wv6iyyKoqra9HY9OBAiB96Wn9GlT6U4GQKr2
rq7GshuRZgWKvcSeNrHXZgwzgdOW7ul6NFVH6Z0Isa5k03rxw1mJrZgASk5k8Y8k
3YSHxb+DFPRr3TvJPussI+GuNllabJpnvmm6PoyT6D96u/fQM5ol9F7DwoyzLzjJ
5uQiThJHXDApvMt3XSK2lFPnsYUmwyVd0lRaz4buJ4u95pz/ixm2DzI0ugt1pSoa
M82yJeJF3VUB5l7ox3YUSMUPf37JiSA0y9lj+sCGvopgLxUKY99KZTC32RgIXfPv
glYyZsAp11xu7Duo+/rxU6hJoLaId+o/exN8QucCAwEAAaOCAqAwggKcMB0GA1Ud
DgQWBBQQ96TYKvU/regFZNhGJIsNJO0k2DAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0VQZWsyQ3IxUDYzb0JXVFlSaVNMRFNUdEpOZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tQYIKwYBBQUHAQcBAf8EgaUwgaIwgYkEAgABMIGCMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqWAwQATVqbAwQATVqd
AwQATVq0AwQBTVq4MAwDBAC55g0DBAC55g4wDAMEANXRgQMEANXRggMEANXRiAME
ANXRigMEAdXRkgMEANXRljAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBACNzia1s5TxJwh6/VX9+v/7bE0f+/VCMwSf31zHwZ+hZHFURmmih
0zKifLrHHN8ZzyhYs91PmoMmJh2u71Gw6SeXnp5rmSX2f6GvwSG1+sEpr/nq1uaW
n1HDIlIiAoT8JEgDGkMgYypi/maet1tsPwtKCGw2cyu5SC6TtKi/aP+bJhk3RoXz
ZG4aeYRgoQxBNSWkxeUezEZ0LrOn8il+bdmUxPOMscFx5UXPJMnKTFgkyI/9piXg
p5m98y4SA80jTBO54I7/GBp2lKYW32fsDl1+OqHqnuG3Nc2It1qPzWrf612y/EOa
1cntGHVrWYpZW6UKVm356mTYYPPLtnRSdUY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org