Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O-ZNCGBYyCIen2GOkB-tl98vsGY.roa
File: O-ZNCGBYyCIen2GOkB-tl98vsGY.roa (raw, json)
Hash identifier: DGtKg0dvV13XSLAx3gpMK1ny1zgWB+6n6bt+M7KaD7M=
Subject key identifier: 3B:E6:4D:08:60:58:C8:22:1E:9F:61:8E:90:1F:AD:97:DF:2F:B0:66
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 088A4C77
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O-ZNCGBYyCIen2GOkB-tl98vsGY.roa
Signing time: Mon 11 Apr 2022 14:28:22 +0000
ROA not before: Mon 11 Apr 2022 14:28:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143281271 (0x88a4c77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 11 14:28:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3be64d086058c8221e9f618e901fad97df2fb066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b9:bb:3f:8e:96:bd:5a:6b:3b:74:9a:82:a3:
1e:9d:08:74:1b:ce:b0:cd:f7:e7:41:b7:01:57:3c:
48:8d:b6:79:bc:2e:3e:80:cf:51:30:a8:30:39:9a:
cc:85:12:07:13:ca:61:09:22:06:f6:b0:af:19:88:
cd:77:c6:06:7f:e1:b6:15:c4:fd:af:9e:38:9c:c7:
2b:8f:38:fd:ee:e7:b9:6d:97:03:2b:1b:07:18:d7:
0d:53:d2:ed:f8:de:d0:00:18:9b:c0:7d:e0:b8:75:
cb:cf:a8:f2:02:0a:d2:bf:1e:86:31:1e:97:34:ab:
33:19:46:e5:50:6a:c5:ee:4f:fb:39:cc:06:4d:15:
0d:22:f6:4e:f7:77:cc:dc:f2:08:c6:6f:2f:ad:9d:
f9:ff:26:46:4f:f2:de:9e:d7:25:85:fc:b5:dc:76:
be:7b:12:de:cf:e9:ee:80:7c:bf:b1:1e:e3:37:62:
c7:84:47:b4:d6:2d:d5:aa:ea:2b:aa:44:ce:5f:fd:
40:a7:b8:5c:e4:4e:ef:93:7b:39:87:0d:f1:04:52:
77:d7:b1:dc:ec:29:9c:03:fe:01:ff:c8:6f:07:7a:
d0:77:05:9f:78:16:97:2f:c4:53:d4:5c:62:3c:90:
e8:a1:fb:d9:7b:74:5f:3c:a2:62:96:5a:cf:96:71:
c3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E6:4D:08:60:58:C8:22:1E:9F:61:8E:90:1F:AD:97:DF:2F:B0:66
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O-ZNCGBYyCIen2GOkB-tl98vsGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.150.0/24
77.90.157.0/24
77.90.180.0/24
77.90.184.0/23
185.230.13.0-185.230.14.255
213.209.130.0/24
213.209.136.0/24
213.209.138.0/24
213.209.146.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
90:db:be:f9:eb:1d:c7:7c:f7:52:10:94:3d:47:62:4a:05:25:
b3:f8:77:7c:da:c3:eb:b7:b7:4c:b7:2e:b5:31:d1:0f:c2:73:
75:5a:61:8b:51:1c:50:29:fc:9a:ab:13:38:5b:da:a3:36:fb:
3b:b4:e5:fb:13:4d:c5:1a:89:97:da:32:5f:7c:c5:88:ae:5a:
a2:96:40:2e:20:12:d7:26:2f:47:37:1e:aa:cf:e0:d4:26:9d:
d0:43:9b:6c:11:05:f1:3a:42:ba:fc:ab:aa:d9:14:2f:f2:91:
bc:c3:94:6d:59:23:e6:a1:5c:39:13:5b:50:4b:f1:19:13:bf:
45:de:1a:ae:23:98:6c:ff:5b:99:72:ec:ae:20:ea:63:86:05:
41:99:a1:cc:f6:d4:74:53:17:86:d1:4c:6a:95:1b:12:6d:1e:
6b:ab:2d:04:24:da:15:05:d3:12:68:2c:ad:fa:9d:aa:2a:7c:
7c:9a:53:a5:04:6b:f8:a2:a6:3a:9e:d1:a7:a7:a1:ca:a3:60:
d9:ee:df:9f:0e:f6:83:4e:ee:68:11:75:8c:bd:82:3a:25:79:
6e:7c:5f:2a:d2:5b:4c:36:97:ad:79:18:c6:50:1a:53:ac:d7:
99:18:5f:82:e5:64:0f:17:09:7e:3c:5e:7a:f5:d2:75:5b:14:
83:27:06:40
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIECIpMdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQx
MTE0MjgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JlNjRkMDg2MDU4
YzgyMjFlOWY2MThlOTAxZmFkOTdkZjJmYjA2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM25uz+Olr1aazt0moKjHp0IdBvOsM3350G3AVc8SI22ebwu
PoDPUTCoMDmazIUSBxPKYQkiBvawrxmIzXfGBn/hthXE/a+eOJzHK484/e7nuW2X
AysbBxjXDVPS7fje0AAYm8B94Lh1y8+o8gIK0r8ehjEelzSrMxlG5VBqxe5P+znM
Bk0VDSL2Tvd3zNzyCMZvL62d+f8mRk/y3p7XJYX8tdx2vnsS3s/p7oB8v7Ee4zdi
x4RHtNYt1arqK6pEzl/9QKe4XORO75N7OYcN8QRSd9ex3OwpnAP+Af/Ibwd60HcF
n3gWly/EU9RcYjyQ6KH72Xt0XzyiYpZaz5Zxw6UCAwEAAaOCAoowggKGMB0GA1Ud
DgQWBBQ75k0IYFjIIh6fYY6QH62X3y+wZjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L08tWk5DR0JZeUNJZW4yR09rQi10bDk4dnNHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nwYIKwYBBQUHAQcBAf8EgY8wgYwwdAQCAAEwbjAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBABNWooDBABNWowwDAMEAU1ajgMEAE1alAMEAE1algMEAE1anQMEAE1atAME
AU1auDAMAwQAueYNAwQAueYOAwQA1dGCAwQA1dGIAwQA1dGKAwQB1dGSMBQEAgAC
MA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAkNu++esdx3z3UhCU
PUdiSgUls/h3fNrD67e3TLcutTHRD8JzdVphi1EcUCn8mqsTOFvaozb7O7Tl+xNN
xRqJl9oyX3zFiK5aopZALiAS1yYvRzceqs/g1Cad0EObbBEF8TpCuvyrqtkUL/KR
vMOUbVkj5qFcORNbUEvxGRO/Rd4ariOYbP9bmXLsriDqY4YFQZmhzPbUdFMXhtFM
apUbEm0ea6stBCTaFQXTEmgsrfqdqip8fJpTpQRr+KKmOp7Rp6ehyqNg2e7fnw72
g07uaBF1jL2COiV5bnxfKtJbTDaXrXkYxlAaU6zXmRhfguVkDxcJfjxeevXSdVsU
gycGQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org