Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IhGfA4xv4dQw6shG1SuC6lwvhvk.roa
File: IhGfA4xv4dQw6shG1SuC6lwvhvk.roa (raw, json)
Hash identifier: xES7e4oIMPdcsRydAnS0Qhjhd/u/w1JLIuObwux8jz0=
Subject key identifier: 22:11:9F:03:8C:6F:E1:D4:30:EA:C8:46:D5:2B:82:EA:5C:2F:86:F9
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09C06124
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IhGfA4xv4dQw6shG1SuC6lwvhvk.roa
Signing time: Tue 21 Jun 2022 10:21:44 +0000
ROA not before: Tue 21 Jun 2022 10:21:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163602724 (0x9c06124)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 21 10:21:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22119f038c6fe1d430eac846d52b82ea5c2f86f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:11:81:78:e8:e0:f6:91:37:81:1f:d8:6d:6b:
f2:40:f1:8a:d7:8e:15:3e:db:93:2e:77:98:02:59:
a0:64:cd:04:87:c6:3a:e5:d7:ce:08:ff:74:51:f5:
35:73:54:8e:39:b9:b7:1b:95:7f:df:a6:03:3b:2c:
29:74:15:ba:96:c4:e9:2c:19:a9:cf:7b:27:12:f9:
51:78:03:31:74:b8:a0:fa:d2:f6:8c:0b:65:44:0c:
87:bd:64:d7:7c:85:78:1d:a0:54:9d:9f:96:bf:52:
80:3f:3e:99:f2:4f:c7:d1:61:3f:10:06:e4:54:e7:
02:d6:f2:96:38:0e:3d:df:24:b2:21:47:5e:a7:30:
47:44:07:05:09:5e:af:67:f5:4a:d1:8a:77:61:0f:
7f:8b:17:bb:f4:68:19:06:4e:68:ee:04:35:81:40:
22:7f:f4:3e:80:87:17:ed:dc:dc:e3:c8:72:5f:c9:
f3:73:ff:61:71:ab:92:c1:4e:80:cb:3c:ed:4c:19:
92:80:54:fa:36:6b:a2:29:b7:32:ce:fe:27:c9:a5:
36:f9:d2:11:6f:df:a5:66:7a:bd:c1:5b:37:43:21:
ab:c4:83:ce:8c:27:aa:7f:79:0c:b5:ea:21:bb:6e:
3a:a1:d6:d7:11:6f:35:ce:81:e4:43:4d:55:c6:2e:
30:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:11:9F:03:8C:6F:E1:D4:30:EA:C8:46:D5:2B:82:EA:5C:2F:86:F9
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IhGfA4xv4dQw6shG1SuC6lwvhvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.149.255
77.90.153.0/24
77.90.164.0/24
77.90.179.0/24
77.90.181.0/24
77.90.188.0/24
77.90.191.0/24
185.230.15.0/24
213.209.130.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
213.209.147.0/24
213.209.158.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
86:20:ab:1d:04:ef:7c:60:00:cc:e7:b9:64:0a:47:88:85:9d:
e5:25:07:bf:46:0c:f2:73:bf:90:a0:ab:82:b3:77:1e:cd:50:
01:c6:de:e0:62:ec:48:05:76:1b:30:f1:c0:c3:b2:4d:49:40:
46:4a:24:80:82:07:4b:f7:e3:b1:ec:4f:b9:b3:cb:b2:56:80:
9b:ed:e0:eb:78:28:9b:a8:01:b6:d6:02:4d:c3:3e:4a:ee:40:
33:4c:fc:4f:fd:58:96:6c:c4:61:12:0d:b4:7a:e1:c6:97:1c:
42:c8:2a:74:a1:bd:12:dc:5b:d8:31:36:7e:fe:22:93:6e:54:
24:f5:90:32:c6:c3:25:26:9d:e4:b0:b3:6f:7a:39:d9:e4:d9:
c1:4a:2b:95:6f:78:04:5a:f1:92:7f:a5:00:7b:e3:a9:9b:45:
9c:8e:40:c5:f2:a0:b1:e7:81:ed:73:95:a9:d0:72:8f:97:43:
f2:d8:57:18:77:ef:75:1e:9e:16:73:39:cc:95:44:b8:33:74:
a9:d9:d6:7b:b1:46:c5:52:f8:db:e8:34:44:c1:71:40:43:52:
1a:61:1a:e7:5d:0b:20:ea:bb:38:86:81:af:e0:00:af:a5:61:
53:23:61:92:6c:d3:71:e2:6e:40:2c:a9:7d:fc:b7:fd:9a:7a:
90:16:27:19
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIECcBhJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MTEwMjE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjIxMTlmMDM4YzZm
ZTFkNDMwZWFjODQ2ZDUyYjgyZWE1YzJmODZmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO0RgXjo4PaRN4Ef2G1r8kDxiteOFT7bky53mAJZoGTNBIfG
OuXXzgj/dFH1NXNUjjm5txuVf9+mAzssKXQVupbE6SwZqc97JxL5UXgDMXS4oPrS
9owLZUQMh71k13yFeB2gVJ2flr9SgD8+mfJPx9FhPxAG5FTnAtbyljgOPd8ksiFH
XqcwR0QHBQler2f1StGKd2EPf4sXu/RoGQZOaO4ENYFAIn/0PoCHF+3c3OPIcl/J
83P/YXGrksFOgMs87UwZkoBU+jZroim3Ms7+J8mlNvnSEW/fpWZ6vcFbN0Mhq8SD
zownqn95DLXqIbtuOqHW1xFvNc6B5ENNVcYuMNkCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBQiEZ8DjG/h1DDqyEbVK4LqXC+G+TAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0loR2ZBNHh2NGRRdzZzaEcxU3VDNmx3dmh2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwgZkEAgABMIGSMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBAFNWpQDBABN
WpkDBABNWqQDBABNWrMDBABNWrUDBABNWrwDBABNWr8DBAC55g8DBADV0YIDBADV
0YgDBADV0YoDBADV0Y8DBADV0ZEDBADV0ZMDBAHV0Z4wFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQCGIKsdBO98YADM57lkCkeIhZ3lJQe/
Rgzyc7+QoKuCs3cezVABxt7gYuxIBXYbMPHAw7JNSUBGSiSAggdL9+Ox7E+5s8uy
VoCb7eDreCibqAG21gJNwz5K7kAzTPxP/ViWbMRhEg20euHGlxxCyCp0ob0S3FvY
MTZ+/iKTblQk9ZAyxsMlJp3ksLNvejnZ5NnBSiuVb3gEWvGSf6UAe+Opm0WcjkDF
8qCx54Htc5Wp0HKPl0Py2FcYd+91Hp4WcznMlUS4M3Sp2dZ7sUbFUvjb6DREwXFA
Q1IaYRrnXQsg6rs4hoGv4ACvpWFTI2GSbNNx4m5ALKl9/Lf9mnqQFicZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org