Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LOJIV5ZRKgs2Xr1ihmhC6R7fPZg.roa
File: LOJIV5ZRKgs2Xr1ihmhC6R7fPZg.roa (raw, json)
Hash identifier: 4QalgoQXfye7ICRsHOX1hZJ/1Ay6T498Std6k1xftlk=
Subject key identifier: 2C:E2:48:57:96:51:2A:0B:36:5E:BD:62:86:68:42:E9:1E:DF:3D:98
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0184C5578E881C44D6A13CA23CA596622FC4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LOJIV5ZRKgs2Xr1ihmhC6R7fPZg.roa
Signing time: Tue 29 Nov 2022 21:42:40 +0000
ROA not before: Tue 29 Nov 2022 21:42:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c5:57:8e:88:1c:44:d6:a1:3c:a2:3c:a5:96:62:2f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 29 21:42:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ce2485796512a0b365ebd62866842e91edf3d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7f:2d:61:85:00:bb:ee:41:8b:c3:ad:fd:a5:
fe:49:bd:02:75:17:8e:72:5f:8e:50:ad:70:5e:75:
47:c6:d1:02:7a:0b:db:7b:da:17:1d:5b:e1:dc:78:
92:70:c1:ea:28:32:1f:74:d5:9b:2f:44:53:0d:3a:
ae:37:3b:74:9d:58:f8:40:4a:52:af:f6:4f:39:82:
fb:e4:26:29:99:b6:b0:8d:aa:a4:c0:e8:da:b4:e2:
57:12:71:bc:76:1d:a3:d9:af:b7:c1:e1:1d:a5:2b:
07:aa:4c:aa:cc:c9:35:ad:bc:b9:9a:e0:f0:ef:00:
28:86:ee:4d:58:9c:4e:1d:bf:c9:b2:83:2b:85:5d:
f8:9c:13:89:92:da:25:18:e1:e4:9d:52:d4:e6:df:
e4:c1:55:8e:3b:f7:75:7f:87:97:b0:bc:7b:02:99:
d7:41:ce:a8:c9:3b:9a:18:55:43:90:28:79:1c:e3:
49:aa:6d:c4:90:50:5f:97:78:83:48:0e:b3:04:e1:
a5:57:f0:c6:53:99:37:03:a0:9c:6e:66:8f:a9:1b:
b6:31:5a:13:6f:c6:3f:48:72:80:e4:df:9d:82:18:
18:3a:e3:f3:8a:6a:fa:5b:21:62:14:fb:de:3d:83:
44:cc:da:dd:e7:cd:14:db:6e:d1:8b:a2:c9:99:90:
64:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E2:48:57:96:51:2A:0B:36:5E:BD:62:86:68:42:E9:1E:DF:3D:98
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LOJIV5ZRKgs2Xr1ihmhC6R7fPZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.154.0/24
77.90.156.0/24
77.90.184.0/23
77.90.188.0/24
185.230.14.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.149.0-213.209.151.255
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
55:ee:ce:1f:8e:00:3c:70:af:03:62:38:c0:3d:8c:0b:3b:d6:
11:56:54:bc:51:cf:29:49:b7:07:37:49:ee:38:bd:77:df:c8:
96:9d:7b:fe:5a:03:51:16:e0:fc:0a:a5:f4:bb:42:5c:f7:73:
db:3b:82:c0:d9:0c:97:03:b0:be:80:a1:86:a4:4c:eb:b3:f1:
86:b8:a4:97:6a:cb:ed:07:e4:51:70:2d:af:23:5a:8e:b3:c2:
c5:f8:a6:05:31:f5:48:91:9f:71:3e:60:f3:ff:7e:36:41:31:
5f:50:66:f9:4e:ae:4f:08:d5:88:a0:18:b1:fc:9f:76:10:a3:
b7:84:25:30:ea:ce:c0:23:c0:09:87:7c:43:f1:44:0f:a1:60:
20:3d:14:44:d6:3f:49:90:1b:11:62:53:18:eb:ea:4d:49:a5:
6a:92:6c:e0:a7:c7:cd:70:aa:e0:ad:c2:42:9f:72:9b:22:50:
09:04:37:86:26:79:70:fe:f5:be:5b:cb:20:99:a5:41:c6:83:
3d:d1:3f:fe:7a:3f:0b:fa:1a:7b:75:fe:27:fd:37:4a:38:b1:
c0:6d:88:0b:69:a0:43:9a:69:79:91:57:3a:3d:93:46:f6:b5:
d0:67:b6:61:2a:cb:e1:96:29:b5:ef:82:d8:71:96:0c:55:a4:
a9:42:fa:ec
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYTFV46IHETWoTyiPKWWYi/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTI5MjE0MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2UyNDg1Nzk2NTEyYTBiMzY1ZWJkNjI4NjY4NDJlOTFlZGYzZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH8tYYUAu+5Bi8Ot/aX+Sb0CdReO
cl+OUK1wXnVHxtECegvbe9oXHVvh3HiScMHqKDIfdNWbL0RTDTquNzt0nVj4QEpS
r/ZPOYL75CYpmbawjaqkwOjatOJXEnG8dh2j2a+3weEdpSsHqkyqzMk1rby5muDw
7wAohu5NWJxOHb/JsoMrhV34nBOJktolGOHknVLU5t/kwVWOO/d1f4eXsLx7ApnX
Qc6oyTuaGFVDkCh5HONJqm3EkFBfl3iDSA6zBOGlV/DGU5k3A6CcbmaPqRu2MVoT
b8Y/SHKA5N+dghgYOuPzimr6WyFiFPvePYNEzNrd580U227Ri6LJmZBkFwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFCziSFeWUSoLNl69YoZoQuke3z2YMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTE9KSVY1WlJLZ3MyWHIxaWhtaEM2UjdmUFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYAwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpQDBABN
WpoDBABNWpwDBAFNWrgDBABNWrwDBAC55g4DBADV0YgDBADV0YoDBADV0Y8DBADV
0ZIwDAMEANXRlQMEA9XRkAMEAdXRnAMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAFXuzh+OADxwrwNiOMA9jAs71hFWVLxRzylJ
twc3Se44vXffyJade/5aA1EW4PwKpfS7Qlz3c9s7gsDZDJcDsL6AoYakTOuz8Ya4
pJdqy+0H5FFwLa8jWo6zwsX4pgUx9UiRn3E+YPP/fjZBMV9QZvlOrk8I1YigGLH8
n3YQo7eEJTDqzsAjwAmHfEPxRA+hYCA9FETWP0mQGxFiUxjr6k1JpWqSbOCnx81w
quCtwkKfcpsiUAkEN4YmeXD+9b5byyCZpUHGgz3RP/56Pwv6Gnt1/if9N0o4scBt
iAtpoEOaaXmRVzo9k0b2tdBntmEqy+GWKbXvgthxlgxVpKlC+uw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org