Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/PfS0HjBWK3HhN-qPil2AnTLMXmg.roa
File: PfS0HjBWK3HhN-qPil2AnTLMXmg.roa (raw, json)
Hash identifier: nbvu4ACrs6MFw07o0s/avS7gvPmpHbKcK2vqLUBjtDQ=
Subject key identifier: 3D:F4:B4:1E:30:56:2B:71:E1:37:EA:8F:8A:5D:80:9D:32:CC:5E:68
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01844DBC36F3CD4A884D5696704646AF71B6
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/PfS0HjBWK3HhN-qPil2AnTLMXmg.roa
Signing time: Sun 06 Nov 2022 16:18:11 +0000
ROA not before: Sun 06 Nov 2022 16:18:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4d:bc:36:f3:cd:4a:88:4d:56:96:70:46:46:af:71:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 6 16:18:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3df4b41e30562b71e137ea8f8a5d809d32cc5e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:94:e7:27:55:e4:15:e9:0c:17:74:1a:92:97:
b8:55:e1:47:4a:4f:b8:a2:6a:b6:88:b0:3f:ce:c7:
8c:25:3a:96:7c:df:98:a8:f2:03:bc:b3:1d:42:13:
d2:bd:20:a7:1c:70:3b:76:35:4d:70:6c:ab:75:b3:
a2:c0:15:9d:77:95:7c:f0:c6:c0:ef:b9:6d:a7:d8:
2f:17:95:78:df:4e:4a:d0:64:df:20:4a:44:25:5f:
08:a0:aa:59:7c:dd:02:02:ef:0d:a4:38:55:45:e2:
c3:dd:e8:9a:1d:76:47:5e:6e:f2:c9:8b:63:3a:5c:
08:aa:05:d6:44:6d:24:b0:a4:3d:41:42:b5:ca:2a:
d6:59:46:39:14:54:cf:71:e2:24:97:48:d9:e6:92:
46:10:72:81:86:0d:cd:49:11:5d:df:ea:12:ae:86:
07:de:dc:1b:1c:30:d4:d3:17:67:cb:43:20:e5:7f:
07:0a:50:c6:a9:50:d1:b8:8e:03:a8:f8:0d:be:5d:
9f:a2:00:4b:5f:ab:b8:88:2a:27:e5:56:a0:f6:8a:
82:c8:c8:8b:f4:6b:3b:14:f8:c3:7a:ac:8f:7e:6a:
31:08:42:d8:0c:f4:85:a5:2b:c0:87:72:31:d7:30:
59:8f:8d:e9:6b:50:4d:a6:a6:b0:23:ed:cd:15:e1:
f3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F4:B4:1E:30:56:2B:71:E1:37:EA:8F:8A:5D:80:9D:32:CC:5E:68
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/PfS0HjBWK3HhN-qPil2AnTLMXmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.156.0/24
77.90.178.0/24
77.90.184.0/24
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.143.0/24
213.209.149.0/24
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
2d:9e:f1:7c:8d:95:68:25:72:0d:1b:de:21:66:2b:88:44:26:
ca:74:7e:6d:c2:2e:d2:53:14:0c:b7:db:44:53:a4:73:06:48:
1f:94:02:ad:e8:6e:38:13:7f:2d:60:a2:29:ee:76:8d:af:d3:
20:0d:79:c7:1f:09:5a:9b:d1:b6:a8:2c:81:14:7b:b1:cf:26:
a2:71:e6:b4:bc:dc:a3:0c:3c:e5:a8:4d:d5:ce:fc:7b:90:9d:
23:13:97:d3:6a:61:8d:e2:12:4e:67:cb:21:bb:84:eb:f7:73:
b4:16:69:92:d2:1b:12:65:90:04:98:69:68:22:1c:89:b9:6f:
6e:81:89:3b:e8:fb:38:99:62:f7:dd:d1:c9:38:2c:2f:68:a1:
b9:9d:7c:a0:bd:5c:ac:6c:86:af:25:a3:ab:ec:a9:93:b4:27:
93:00:8f:58:21:2c:54:89:e1:8d:89:b4:f8:0a:3c:4b:72:e5:
16:76:55:50:47:dc:34:db:28:35:7c:62:0f:b6:3e:f7:29:a2:
bc:2f:3b:cb:9b:29:98:e4:38:5d:a7:91:90:86:9f:dc:4e:1d:
34:5a:82:b7:14:78:d6:da:6b:49:fe:9e:26:71:a4:98:25:a6:
1c:8c:d6:15:06:bc:fa:8c:b3:7c:a2:4f:5b:4d:eb:73:7c:fe:
3b:f2:6f:a0
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYRNvDbzzUqITVaWcEZGr3G2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTA2MTYxODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY0YjQxZTMwNTYyYjcxZTEzN2VhOGY4YTVkODA5ZDMyY2M1ZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspTnJ1XkFekMF3Qakpe4VeFHSk+4
omq2iLA/zseMJTqWfN+YqPIDvLMdQhPSvSCnHHA7djVNcGyrdbOiwBWdd5V88MbA
77ltp9gvF5V4305K0GTfIEpEJV8IoKpZfN0CAu8NpDhVReLD3eiaHXZHXm7yyYtj
OlwIqgXWRG0ksKQ9QUK1yirWWUY5FFTPceIkl0jZ5pJGEHKBhg3NSRFd3+oSroYH
3twbHDDU0xdny0Mg5X8HClDGqVDRuI4DqPgNvl2fogBLX6u4iCon5Vag9oqCyMiL
9Gs7FPjDeqyPfmoxCELYDPSFpSvAh3Ix1zBZj43pa1BNpqawI+3NFeHzZQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFD30tB4wVitx4Tfqj4pdgJ0yzF5oMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUGZTMEhqQldLM0hoTi1xUGlsMkFuVExNWG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBggQCAAEwfDAMAwQH
TVqAAwQATVqCMAwDBAJNWoQDBABNWowwDAMEAU1ajgMEAE1alDAMAwQATVqZAwQA
TVqaAwQATVqcAwQATVqyAwQATVq4AwQATVq8MAwDBAC55g0DBAC55g4DBADV0YoD
BADV0Y8DBADV0ZUDBAHV0ZwDBADV0Z8wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0G
CSqGSIb3DQEBCwUAA4IBAQAtnvF8jZVoJXING94hZiuIRCbKdH5twi7SUxQMt9tE
U6RzBkgflAKt6G44E38tYKIp7naNr9MgDXnHHwlam9G2qCyBFHuxzyaicea0vNyj
DDzlqE3Vzvx7kJ0jE5fTamGN4hJOZ8shu4Tr93O0FmmS0hsSZZAEmGloIhyJuW9u
gYk76Ps4mWL33dHJOCwvaKG5nXygvVysbIavJaOr7KmTtCeTAI9YISxUieGNibT4
CjxLcuUWdlVQR9w02yg1fGIPtj73KaK8LzvLmymY5Dhdp5GQhp/cTh00WoK3FHjW
2mtJ/p4mcaSYJaYcjNYVBrz6jLN8ok9bTetzfP478m+g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org