Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Szs7yC2lGeMGH1nEK3JJHDhLQls.roa
File: Szs7yC2lGeMGH1nEK3JJHDhLQls.roa (raw, json)
Hash identifier: ZMv6NdGy8hlH2Z8/w1a8j6Zu3excqwHif9z/8nR+FDE=
Subject key identifier: 4B:3B:3B:C8:2D:A5:19:E3:06:1F:59:C4:2B:72:49:1C:38:4B:42:5B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09D5D5F6
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Szs7yC2lGeMGH1nEK3JJHDhLQls.roa
Signing time: Thu 23 Jun 2022 14:01:19 +0000
ROA not before: Thu 23 Jun 2022 14:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165008886 (0x9d5d5f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 23 14:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b3b3bc82da519e3061f59c42b72491c384b425b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:98:6d:a0:45:7d:d3:db:1e:a8:99:b3:bd:86:
1e:85:ec:e3:7a:14:6e:b9:3b:2f:91:22:71:6c:75:
05:29:eb:ee:0b:89:06:e1:4d:40:62:3d:c5:6c:bf:
95:4a:56:54:da:71:eb:b7:1c:29:42:24:21:48:c9:
54:c2:4d:9c:40:a6:93:22:92:7b:32:cc:24:71:44:
29:04:1a:6a:0c:7d:15:a9:30:36:19:48:7c:fb:29:
6e:9d:c9:9c:c9:0c:94:96:2b:eb:d6:a9:2e:49:bc:
19:b6:c8:bd:68:39:ce:45:e0:a7:5d:ab:2c:08:ff:
8a:42:5f:b1:d4:06:11:a5:b4:81:c7:51:da:f3:6c:
41:c3:eb:7f:f0:dd:bb:79:77:9d:1f:de:35:ea:a4:
70:f8:3a:a9:91:b3:e3:8c:4f:af:b9:27:08:c9:42:
5c:74:0a:82:e2:b5:d4:3e:bf:69:db:ce:d2:e3:c8:
0e:e2:52:9c:90:b5:ae:08:61:84:31:89:2c:3d:9f:
2e:f0:dc:ae:cc:c6:53:50:6d:f3:ae:bd:35:f9:55:
a6:ad:a3:5e:79:4a:bc:bb:98:b5:06:e8:6a:1e:07:
d8:de:7d:82:b2:bf:ea:f1:46:b2:38:fd:8e:1b:be:
7c:c6:06:37:c3:8b:e1:87:30:55:ff:97:da:47:76:
7c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3B:3B:C8:2D:A5:19:E3:06:1F:59:C4:2B:72:49:1C:38:4B:42:5B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Szs7yC2lGeMGH1nEK3JJHDhLQls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.164.0/24
77.90.179.0/24
77.90.181.0/24
77.90.191.0/24
213.209.130.0/24
213.209.138.0/24
213.209.147.0/24
213.209.151.0/24
213.209.158.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
75:56:29:ce:15:84:0d:97:9d:ef:35:af:4c:c3:7c:f1:f8:ad:
81:d5:7d:27:85:30:50:ac:ea:6d:e2:6a:84:68:15:e3:3b:84:
d6:1a:38:c3:9c:12:a2:d7:d2:42:c1:5b:c8:5e:2a:d5:6a:8b:
9d:37:6f:f1:f7:c1:53:51:63:43:cc:96:2c:74:99:cd:a3:56:
a8:cc:af:93:41:b6:56:e9:54:20:fa:76:47:1f:76:f6:33:8f:
f8:6d:a2:d5:6e:01:91:cc:8e:03:44:29:cc:b4:f2:f7:32:37:
c5:33:7c:38:b5:75:d1:59:50:38:58:10:32:d1:a5:4a:58:8f:
d4:e7:55:5d:e0:e9:97:0a:0a:dc:02:bb:b8:f2:e1:e4:47:8d:
2c:e4:c9:b5:c5:83:d9:81:c8:8c:c5:6b:68:66:03:b1:6b:d3:
d3:1f:9a:43:33:71:8a:e9:97:88:c2:f2:0b:77:88:c1:07:1a:
b7:81:fb:9a:62:af:e5:d4:53:78:ed:d2:84:78:e1:46:e3:e7:
b6:16:b9:f3:2f:bd:ce:26:dd:29:33:fb:09:7a:40:0b:de:8e:
cd:48:ce:ff:e6:8f:d0:20:7e:db:a1:fa:39:52:24:4f:f4:b8:
30:d8:23:b2:98:13:e7:d2:9f:5a:77:e8:fe:fe:ac:fb:05:59:
b9:f1:7d:30
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIECdXV9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MzE0MDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIzYjNiYzgyZGE1
MTllMzA2MWY1OWM0MmI3MjQ5MWMzODRiNDI1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANyYbaBFfdPbHqiZs72GHoXs43oUbrk7L5EicWx1BSnr7guJ
BuFNQGI9xWy/lUpWVNpx67ccKUIkIUjJVMJNnECmkyKSezLMJHFEKQQaagx9Fakw
NhlIfPspbp3JnMkMlJYr69apLkm8GbbIvWg5zkXgp12rLAj/ikJfsdQGEaW0gcdR
2vNsQcPrf/Ddu3l3nR/eNeqkcPg6qZGz44xPr7knCMlCXHQKguK11D6/advO0uPI
DuJSnJC1rghhhDGJLD2fLvDcrszGU1Bt8669NflVpq2jXnlKvLuYtQboah4H2N59
grK/6vFGsjj9jhu+fMYGN8OL4YcwVf+X2kd2fKcCAwEAAaOCAqAwggKcMB0GA1Ud
DgQWBBRLOzvILaUZ4wYfWcQrckkcOEtCWzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1N6czd5QzJsR2VNR0gxbkVLM0pKSERoTFFscy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tQYIKwYBBQUHAQcBAf8EgaUwgaIwgYkEAgABMIGCMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBABNWpQwDAME
AE1amQMEAE1amgMEAE1apAMEAE1aswMEAE1atQMEAE1avwMEANXRggMEANXRigME
ANXRkwMEANXRlwMEAdXRnjAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBAHVWKc4VhA2Xne81r0zDfPH4rYHVfSeFMFCs6m3iaoRoFeM7hNYa
OMOcEqLX0kLBW8heKtVqi503b/H3wVNRY0PMlix0mc2jVqjMr5NBtlbpVCD6dkcf
dvYzj/htotVuAZHMjgNEKcy08vcyN8UzfDi1ddFZUDhYEDLRpUpYj9TnVV3g6ZcK
CtwCu7jy4eRHjSzkybXFg9mByIzFa2hmA7Fr09MfmkMzcYrpl4jC8gt3iMEHGreB
+5pir+XUU3jt0oR44Ubj57YWufMvvc4m3Skz+wl6QAvejs1Izv/mj9Agftuh+jlS
JE/0uDDYI7KYE+fSn1p36P7+rPsFWbnxfTA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org