Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IfAdMqo20m438ViPUHnnXtzgVQE.roa
File: IfAdMqo20m438ViPUHnnXtzgVQE.roa (raw, json)
Hash identifier: T4x+J8n0KTuveg7GSuEVZC8Hp5zACDB2mAP+6iMCEt0=
Subject key identifier: 21:F0:1D:32:AA:36:D2:6E:37:F1:58:8F:50:79:E7:5E:DC:E0:55:01
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01826D87F646C1B98D1F4676E863E60F1D69
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IfAdMqo20m438ViPUHnnXtzgVQE.roa
Signing time: Fri 05 Aug 2022 10:23:23 +0000
ROA not before: Fri 05 Aug 2022 10:23:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.166.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6d:87:f6:46:c1:b9:8d:1f:46:76:e8:63:e6:0f:1d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 5 10:23:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21f01d32aa36d26e37f1588f5079e75edce05501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:68:21:ff:ba:fe:53:66:5d:b2:4f:4f:86:55:
6d:8b:ea:00:17:6f:d6:52:78:cb:2e:34:b7:c4:d8:
22:8b:ac:a0:e6:ea:50:67:b4:09:2c:8e:5a:3d:0b:
f7:98:6f:ac:0d:2a:a1:5a:4c:8f:06:c0:45:a3:20:
39:7a:e2:b5:7e:3d:7f:6e:b2:be:5a:72:d3:e3:40:
37:45:ce:4d:fb:2d:28:c7:12:7d:e2:f1:0d:24:b8:
92:3b:eb:74:c5:c7:10:3f:7d:a7:8f:63:69:d7:33:
fb:25:41:22:0a:80:18:a5:87:1b:d2:52:27:cb:5f:
fc:b5:dc:e5:26:17:f0:bb:d4:b4:c1:0a:d6:57:d8:
ff:c0:26:87:3b:e5:b0:c4:48:11:f9:d3:05:ff:b5:
91:81:7d:cb:5b:b0:3e:cb:d6:7b:c9:32:03:aa:39:
d2:e2:c1:9b:a6:1f:c8:57:ea:24:b6:ef:c0:79:bc:
ff:be:79:8e:46:4c:50:ab:14:76:47:b8:dc:e3:51:
d7:ba:f2:c5:e1:8f:77:8c:31:ec:da:25:ad:ae:bd:
95:3e:31:32:a1:61:22:77:30:be:26:4a:85:b5:60:
32:79:04:f0:48:32:dc:64:6a:4b:b5:7e:0e:5c:b5:
46:fd:32:5b:66:0c:3d:94:d9:89:45:41:b9:0d:86:
6e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F0:1D:32:AA:36:D2:6E:37:F1:58:8F:50:79:E7:5E:DC:E0:55:01
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IfAdMqo20m438ViPUHnnXtzgVQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.149.255
77.90.152.0/24
77.90.154.0/24
77.90.157.0/24
77.90.164.0/24
77.90.166.0/24
77.90.173.0/24
77.90.188.0/24
77.90.190.0/23
185.230.12.0/24
213.209.130.0/24
213.209.133.0/24
213.209.138.0/24
213.209.144.0/23
213.209.157.0-213.209.158.255
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
17:69:3d:88:fe:e5:64:be:ab:c7:1e:c2:5c:c5:9f:0d:fe:77:
d5:eb:5b:8b:98:49:45:a1:34:5e:93:74:a4:e6:52:74:cf:fd:
c0:9b:53:fc:60:ff:3b:1d:fc:57:2a:96:76:e2:22:98:dc:e5:
c9:3c:9e:15:9d:90:7c:70:95:1b:b6:26:e1:43:ce:60:2c:67:
ec:6a:37:71:43:15:18:00:37:60:7d:6c:0e:b4:51:dc:86:27:
9e:c1:54:cb:2f:21:34:5a:c7:c7:4f:fd:b5:1f:cb:48:d5:46:
11:a3:0b:f8:f0:79:bf:6e:cc:c3:3f:e7:4d:3b:d9:fd:fc:a6:
47:8e:1e:70:68:09:13:b8:d0:32:a7:89:47:6e:49:e0:88:2e:
d4:28:ac:9e:94:88:3f:0b:af:74:cf:e9:7b:13:27:18:c1:ba:
ef:df:9a:fc:2e:22:52:df:5e:e8:dd:5c:db:f7:cb:73:21:52:
d1:f2:38:7c:5a:5e:1a:48:7c:f2:f3:90:ca:73:4d:ab:b5:8e:
c3:b7:33:6a:e9:68:a8:a0:04:1a:a8:69:e6:29:32:2e:88:66:
85:99:7a:6e:cd:3d:be:2c:6b:49:7f:26:82:38:b7:74:01:ad:
f9:ef:d7:68:a3:cb:4e:dc:1d:24:8a:e7:39:fe:79:16:fa:42:
79:fc:d0:48
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYJth/ZGwbmNH0Z26GPmDx1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwODA1MTAyMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWYwMWQzMmFhMzZkMjZlMzdmMTU4OGY1MDc5ZTc1ZWRjZTA1NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGgh/7r+U2Zdsk9PhlVti+oAF2/W
UnjLLjS3xNgii6yg5upQZ7QJLI5aPQv3mG+sDSqhWkyPBsBFoyA5euK1fj1/brK+
WnLT40A3Rc5N+y0oxxJ94vENJLiSO+t0xccQP32nj2Np1zP7JUEiCoAYpYcb0lIn
y1/8tdzlJhfwu9S0wQrWV9j/wCaHO+WwxEgR+dMF/7WRgX3LW7A+y9Z7yTIDqjnS
4sGbph/IV+oktu/Aebz/vnmORkxQqxR2R7jc41HXuvLF4Y93jDHs2iWtrr2VPjEy
oWEidzC+JkqFtWAyeQTwSDLcZGpLtX4OXLVG/TJbZgw9lNmJRUG5DYZuRwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFCHwHTKqNtJuN/FYj1B5517c4FUBMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSWZBZE1xbzIwbTQzOFZpUFVIbm5YdHpnVlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBoQQCAAEwgZowDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAU1alAMEAE1amAMEAE1amgMEAE1anQMEAE1apAMEAE1apgMEAE1arQME
AE1avAMEAU1avgMEALnmDAMEANXRggMEANXRhQMEANXRigMEAdXRkDAMAwQA1dGd
AwQA1dGeMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEA
F2k9iP7lZL6rxx7CXMWfDf531etbi5hJRaE0XpN0pOZSdM/9wJtT/GD/Ox38VyqW
duIimNzlyTyeFZ2QfHCVG7Ym4UPOYCxn7Go3cUMVGAA3YH1sDrRR3IYnnsFUyy8h
NFrHx0/9tR/LSNVGEaML+PB5v27Mwz/nTTvZ/fymR44ecGgJE7jQMqeJR25J4Igu
1CisnpSIPwuvdM/pexMnGMG679+a/C4iUt9e6N1c2/fLcyFS0fI4fFpeGkh88vOQ
ynNNq7WOw7czauloqKAEGqhp5ikyLohmhZl6bs09vixrSX8mgji3dAGt+e/XaKPL
TtwdJIrnOf55FvpCefzQSA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org