Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ONKVINwqHIwvrnouX5ydgD-LLJc.roa
File: ONKVINwqHIwvrnouX5ydgD-LLJc.roa (raw, json)
Hash identifier: kfSHnG3HwV67CtXVNFeYlwYxEBOfXJGGTME1ub7juzg=
Subject key identifier: 38:D2:95:20:DC:2A:1C:8C:2F:AE:7A:2E:5F:9C:9D:80:3F:8B:2C:97
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09407F51
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ONKVINwqHIwvrnouX5ydgD-LLJc.roa
Signing time: Sat 21 May 2022 22:36:29 +0000
ROA not before: Sat 21 May 2022 22:36:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155221841 (0x9407f51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 21 22:36:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38d29520dc2a1c8c2fae7a2e5f9c9d803f8b2c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ff:d3:eb:97:69:f8:8b:40:f9:ae:37:a2:e7:
da:bf:90:cc:55:4a:90:52:fb:e3:4d:1f:11:f1:2d:
98:8c:49:08:11:26:a0:7e:7c:bd:59:6e:0f:39:1f:
7b:dc:a8:fe:13:4d:82:be:c7:30:68:de:a8:1b:89:
ec:f6:23:9e:40:be:62:a5:74:a6:a3:d3:9c:63:2e:
b7:c9:47:bb:06:7e:83:58:22:d1:02:2d:60:51:dd:
8b:43:b1:a2:fa:e0:ad:9b:ac:8f:e7:95:37:2d:8f:
12:79:e3:d0:32:f1:2d:e8:cf:3c:78:de:56:49:96:
2f:da:a4:4a:43:2c:24:d3:68:de:28:3e:42:16:3e:
85:85:f9:94:47:d0:c6:ae:ca:a1:64:28:cf:0e:1b:
3c:a2:48:e4:5b:1f:93:24:c2:77:87:11:94:e3:b5:
f1:27:3d:76:a1:02:cd:bd:92:a5:53:88:0f:84:97:
48:4b:bb:a6:f5:2a:b4:4d:b2:27:2c:3d:dd:12:78:
bd:16:fb:49:bc:b7:b4:eb:86:76:01:41:7e:ae:4b:
86:1c:e8:de:36:11:55:7c:75:12:ad:65:22:07:f8:
ae:f1:d6:12:94:ac:af:c4:18:2e:34:9c:65:9f:37:
46:25:2f:4f:38:39:bd:e8:8c:40:40:bf:80:0b:67:
1f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D2:95:20:DC:2A:1C:8C:2F:AE:7A:2E:5F:9C:9D:80:3F:8B:2C:97
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ONKVINwqHIwvrnouX5ydgD-LLJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.152.0/24
77.90.164.0/24
77.90.178.0/24
77.90.180.0/23
77.90.191.0/24
185.230.13.0/24
213.209.130.0/24
213.209.133.0-213.209.134.255
213.209.136.0/24
213.209.138.0/24
213.209.144.0/24
213.209.150.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
b1:b1:95:ae:0e:f3:fd:12:24:b7:93:30:ab:fd:35:ac:e2:5f:
82:ee:72:4c:40:5f:ae:b1:26:06:0c:76:35:76:f4:fd:3a:d8:
52:63:fb:b3:24:54:20:ba:36:f5:42:1c:72:fe:c7:19:4f:34:
b1:27:9b:84:d0:7f:b9:ec:21:98:1a:3b:ce:ad:8a:b7:74:78:
cf:a6:ae:2b:52:53:32:25:49:3e:0c:ca:a5:c5:5a:e3:fa:5e:
38:52:9c:a4:d8:e7:96:48:52:e4:20:74:81:c2:d5:0d:1f:4d:
de:51:77:6b:31:df:8c:a0:e6:88:12:fe:47:b3:70:dc:67:f4:
12:b4:bc:61:4b:cf:2c:8e:2f:dc:70:77:d3:db:74:7e:ae:11:
65:cf:cd:3d:b8:85:99:f2:75:64:f4:58:e8:18:ff:dc:ec:29:
3e:3a:9e:50:e6:ab:b0:28:4f:cd:2a:98:9a:84:21:a9:d2:e7:
8c:c1:e7:53:99:35:87:27:2d:bf:dd:2e:87:8e:ca:31:bb:a5:
44:2e:0d:63:a3:b3:d8:4a:c1:21:cf:25:5e:34:5f:f4:0b:eb:
4a:88:e4:b8:86:42:9a:39:f5:f4:a0:a0:c6:4d:d1:6b:22:d5:
32:29:6e:71:21:31:72:62:40:de:9e:56:ae:5b:53:a8:ef:2c:
f2:3b:10:66
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIECUB/UTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUy
MTIyMzYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhkMjk1MjBkYzJh
MWM4YzJmYWU3YTJlNWY5YzlkODAzZjhiMmM5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJv/0+uXafiLQPmuN6Ln2r+QzFVKkFL7400fEfEtmIxJCBEm
oH58vVluDzkfe9yo/hNNgr7HMGjeqBuJ7PYjnkC+YqV0pqPTnGMut8lHuwZ+g1gi
0QItYFHdi0OxovrgrZusj+eVNy2PEnnj0DLxLejPPHjeVkmWL9qkSkMsJNNo3ig+
QhY+hYX5lEfQxq7KoWQozw4bPKJI5FsfkyTCd4cRlOO18Sc9dqECzb2SpVOID4SX
SEu7pvUqtE2yJyw93RJ4vRb7Sby3tOuGdgFBfq5Lhhzo3jYRVXx1Eq1lIgf4rvHW
EpSsr8QYLjScZZ83RiUvTzg5veiMQEC/gAtnHxsCAwEAAaOCAqQwggKgMB0GA1Ud
DgQWBBQ40pUg3CocjC+uei5fnJ2AP4sslzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L09OS1ZJTndxSEl3dnJub3VYNXlkZ0QtTExKYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uQYIKwYBBQUHAQcBAf8EgakwgaYwgY0EAgABMIGGMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqYAwQATVqkAwQATVqy
AwQBTVq0AwQATVq/AwQAueYNAwQA1dGCMAwDBADV0YUDBADV0YYDBADV0YgDBADV
0YoDBADV0ZADBADV0ZYDBADV0ZwwFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqG
SIb3DQEBCwUAA4IBAQCxsZWuDvP9EiS3kzCr/TWs4l+C7nJMQF+usSYGDHY1dvT9
OthSY/uzJFQgujb1Qhxy/scZTzSxJ5uE0H+57CGYGjvOrYq3dHjPpq4rUlMyJUk+
DMqlxVrj+l44Upyk2OeWSFLkIHSBwtUNH03eUXdrMd+MoOaIEv5Hs3DcZ/QStLxh
S88sji/ccHfT23R+rhFlz809uIWZ8nVk9FjoGP/c7Ck+Op5Q5quwKE/NKpiahCGp
0ueMwedTmTWHJy2/3S6Hjsoxu6VELg1jo7PYSsEhzyVeNF/0C+tKiOS4hkKaOfX0
oKDGTdFrItUyKW5xITFyYkDenlauW1Oo7yzyOxBm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org