Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MslsqPHgDHokWZiCsjZv-cp7lEI.roa
File: MslsqPHgDHokWZiCsjZv-cp7lEI.roa (raw, json)
Hash identifier: /eirl3MkUucY7cjL+2S9tbDLTAq+uy0C9gQUIOASs8U=
Subject key identifier: 32:C9:6C:A8:F1:E0:0C:7A:24:59:98:82:B2:36:6F:F9:CA:7B:94:42
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0182EDAC03D6502CF3EE3332B9BFE7EDB946
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MslsqPHgDHokWZiCsjZv-cp7lEI.roa
Signing time: Tue 30 Aug 2022 07:34:09 +0000
ROA not before: Tue 30 Aug 2022 07:34:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.166.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ed:ac:03:d6:50:2c:f3:ee:33:32:b9:bf:e7:ed:b9:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 30 07:34:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32c96ca8f1e00c7a24599882b2366ff9ca7b9442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:49:f0:9c:2d:c9:a6:ae:39:16:26:e9:f3:b2:
e3:fb:a8:f2:52:ca:42:d6:67:96:a7:d3:20:97:3a:
87:bd:c3:49:b4:b4:09:a5:8d:70:e2:84:af:4f:c5:
92:27:75:25:0a:ca:00:20:d9:7b:c2:8e:15:ae:d4:
55:ea:d1:05:ff:de:e0:be:0a:b5:ee:02:ac:14:46:
ce:ab:09:2d:5e:e4:33:99:fc:56:80:25:07:ce:74:
04:07:df:58:b9:b1:48:02:79:cc:b9:7f:eb:7a:20:
c4:6a:19:56:6b:5d:5a:02:45:19:7c:5f:43:e5:14:
46:e7:ff:5e:eb:9d:a3:28:98:62:37:51:a4:eb:80:
28:97:a4:25:23:2a:c1:44:a3:62:bf:a3:d9:24:da:
b5:33:ea:17:be:b7:97:63:8c:45:49:1e:b4:27:a7:
af:3d:0c:d9:0d:f2:f6:48:7e:22:ab:c7:a3:14:87:
9e:8c:71:56:6a:5d:43:a8:a9:fc:84:0c:ab:60:7d:
88:76:ce:a5:6a:f2:96:81:81:ce:29:84:d9:2a:00:
c4:33:fd:87:f4:99:93:dd:5c:78:37:45:a2:9d:22:
54:2d:2f:95:36:eb:08:7a:c7:2f:71:eb:a1:95:6a:
a6:87:e7:fe:c7:10:31:02:2a:e2:3b:69:86:0d:27:
03:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C9:6C:A8:F1:E0:0C:7A:24:59:98:82:B2:36:6F:F9:CA:7B:94:42
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MslsqPHgDHokWZiCsjZv-cp7lEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.150.255
77.90.152.0/22
77.90.157.0/24
77.90.166.0/24
77.90.173.0/24
77.90.179.0-77.90.181.255
77.90.188.0/24
77.90.190.0/23
185.230.12.0/24
213.209.130.0/24
213.209.133.0-213.209.134.255
213.209.138.0/24
213.209.144.0/23
213.209.147.0/24
213.209.149.0/24
213.209.157.0-213.209.158.255
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
73:03:86:2c:8c:0f:73:0f:25:b5:3b:99:74:2b:10:72:7b:0b:
55:a6:b4:26:e0:a2:e8:08:2d:89:d6:cd:65:78:20:c1:b8:21:
5f:0f:25:a6:c5:96:67:3d:6f:1c:a8:14:b8:ed:fb:f8:58:b9:
38:5b:6d:b9:9c:07:3e:b1:4e:37:fd:f4:30:d6:47:93:a5:11:
1c:78:3e:c0:60:67:21:00:ef:ee:53:22:3a:8e:dc:69:70:b0:
ab:fe:83:b4:97:0b:02:97:ef:a0:6b:73:de:e6:b7:aa:40:8b:
de:d2:3e:3c:a2:89:43:5a:fa:44:83:57:f2:e9:1c:c0:5f:d1:
f0:08:0d:96:1a:df:04:25:6d:6d:ab:2e:a1:fd:c5:1c:a0:6c:
00:9e:4f:5c:ca:b9:eb:f4:53:1a:b6:64:f6:ac:9d:40:63:67:
a2:d1:7e:3f:9a:c9:03:33:4a:eb:04:d5:3b:b7:d2:72:9c:eb:
b5:87:67:ec:61:11:db:ff:bf:fe:ba:7a:50:5c:92:23:a8:3e:
b9:4e:ac:9e:03:df:a6:f4:78:66:5f:11:c0:b0:47:8e:45:2a:
b6:f1:de:64:a6:22:62:69:0b:b7:23:50:b1:20:1c:de:af:01:
20:f9:b3:bb:74:97:ee:6e:b8:74:e4:21:a9:60:38:8d:17:56:
43:f4:d0:f1
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYLtrAPWUCzz7jMyub/n7blGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwODMwMDczNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmM5NmNhOGYxZTAwYzdhMjQ1OTk4ODJiMjM2NmZmOWNhN2I5NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxknwnC3Jpq45Fibp87Lj+6jyUspC
1meWp9MglzqHvcNJtLQJpY1w4oSvT8WSJ3UlCsoAINl7wo4VrtRV6tEF/97gvgq1
7gKsFEbOqwktXuQzmfxWgCUHznQEB99YubFIAnnMuX/reiDEahlWa11aAkUZfF9D
5RRG5/9e652jKJhiN1Gk64Aol6QlIyrBRKNiv6PZJNq1M+oXvreXY4xFSR60J6ev
PQzZDfL2SH4iq8ejFIeejHFWal1DqKn8hAyrYH2Ids6lavKWgYHOKYTZKgDEM/2H
9JmT3Vx4N0WinSJULS+VNusIescvceuhlWqmh+f+xxAxAiriO2mGDScDrQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFDLJbKjx4Ax6JFmYgrI2b/nKe5RCMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTXNsc3FQSGdESG9rV1ppQ3NqWnYtY3A3bEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBsQQCAAEwgaowDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIMAwDBABNWosDBABNWowwDAMEAU1ajgME
AE1algMEAk1amAMEAE1anQMEAE1apgMEAE1arTAMAwQATVqzAwQBTVq0AwQATVq8
AwQBTVq+AwQAueYMAwQA1dGCMAwDBADV0YUDBADV0YYDBADV0YoDBAHV0ZADBADV
0ZMDBADV0ZUwDAMEANXRnQMEANXRnjAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJ
KoZIhvcNAQELBQADggEBAHMDhiyMD3MPJbU7mXQrEHJ7C1WmtCbgougILYnWzWV4
IMG4IV8PJabFlmc9bxyoFLjt+/hYuThbbbmcBz6xTjf99DDWR5OlERx4PsBgZyEA
7+5TIjqO3GlwsKv+g7SXCwKX76Brc97mt6pAi97SPjyiiUNa+kSDV/LpHMBf0fAI
DZYa3wQlbW2rLqH9xRygbACeT1zKuev0Uxq2ZPasnUBjZ6LRfj+ayQMzSusE1Tu3
0nKc67WHZ+xhEdv/v/66elBckiOoPrlOrJ4D36b0eGZfEcCwR45FKrbx3mSmImJp
C7cjULEgHN6vASD5s7t0l+5uuHTkIalgOI0XVkP00PE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org