Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TtQnqUm6eWsrjWNKseeiSyMc0no.roa
File: TtQnqUm6eWsrjWNKseeiSyMc0no.roa (raw, json)
Hash identifier: XaL8xTiFwSI4VGljrfIeviZEhjMn/tMQ1WhsVsHuZxA=
Subject key identifier: 4E:D4:27:A9:49:BA:79:6B:2B:8D:63:4A:B1:E7:A2:4B:23:1C:D2:7A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09296928
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TtQnqUm6eWsrjWNKseeiSyMc0no.roa
Signing time: Tue 17 May 2022 13:00:29 +0000
ROA not before: Tue 17 May 2022 13:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153708840 (0x9296928)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 17 13:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ed427a949ba796b2b8d634ab1e7a24b231cd27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:59:69:29:a5:5c:77:93:30:43:42:41:1e:15:
bb:fe:2d:6e:49:39:42:57:71:e6:f4:24:a9:6b:33:
ac:13:01:b4:8a:c6:21:59:c6:e0:12:6e:09:20:80:
a4:3f:8e:47:98:a9:04:37:03:9f:d6:2e:a3:72:bf:
37:54:c7:4e:1c:00:2e:da:ab:57:7f:05:a8:09:af:
00:21:34:d8:d0:09:80:30:01:4a:80:91:13:5b:6d:
1f:66:99:87:11:25:20:5f:02:a2:2e:6d:38:4a:a3:
c6:0c:15:75:28:40:08:3a:7d:9d:f9:c6:a6:7b:65:
7d:63:0c:3e:bf:a3:7c:2e:2d:30:d7:2a:c1:d8:00:
3a:19:b1:8f:ea:3d:73:bb:d6:bf:fd:8e:2f:bb:cc:
1f:c0:27:c7:94:37:1c:37:2c:ac:1f:75:83:0d:7e:
6b:83:98:db:04:b6:c4:b8:8e:c9:f5:d5:96:79:33:
7d:fc:85:b0:c4:24:02:7f:e8:0f:30:ed:1b:2d:ae:
e6:68:1d:67:b4:2b:7c:54:39:c5:ee:c3:64:4d:62:
73:89:b0:b5:46:8f:b1:47:3b:89:e1:31:67:2c:de:
6c:c7:da:82:93:73:46:be:f1:8b:46:c4:2a:98:4f:
8c:a2:b5:2c:6f:b4:73:0d:31:64:d1:d2:04:4c:78:
0b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D4:27:A9:49:BA:79:6B:2B:8D:63:4A:B1:E7:A2:4B:23:1C:D2:7A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TtQnqUm6eWsrjWNKseeiSyMc0no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.152.0/24
77.90.154.0-77.90.156.255
77.90.164.0/24
77.90.178.0/24
77.90.180.0/23
77.90.191.0/24
185.230.12.0/23
213.209.130.0/24
213.209.133.0/24
213.209.136.0/24
213.209.138.0/24
213.209.144.0/24
213.209.150.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
11:62:47:6a:aa:e6:a5:ca:1b:ff:19:54:bc:89:6f:66:04:6f:
58:43:c0:1a:e5:c6:e1:51:c6:e7:94:fd:2b:c7:17:28:a8:20:
38:c2:2f:d1:e4:39:36:83:65:1a:f5:f9:59:87:bd:26:55:3f:
8e:11:ad:b5:09:e8:a9:a9:64:e2:c3:28:76:1b:47:61:53:0f:
cf:cb:3d:27:c5:fc:e6:7e:c4:4e:ee:df:af:af:c7:e4:db:ae:
13:c4:1a:43:88:ef:08:4d:75:3f:f3:6c:3a:05:cc:af:c5:b2:
1a:ff:d4:f3:b3:68:fe:55:66:d0:02:fb:d7:ea:2f:94:f9:6c:
03:73:91:6a:c1:fb:68:bf:52:a0:83:aa:78:8e:60:af:ca:f7:
38:b8:60:5a:a9:cb:ea:6e:77:8b:e9:90:fd:77:3d:23:5f:e7:
e4:da:45:0f:18:81:a7:11:1e:50:c2:d4:23:6d:b8:a7:44:dd:
2a:8d:61:4a:5c:3a:92:28:6d:71:95:40:92:57:77:40:4c:da:
67:3d:2e:a1:b7:27:c3:62:52:8b:86:b4:d7:28:37:e8:4b:d8:
59:b7:a1:52:3b:1e:88:c6:59:17:90:ca:15:20:32:67:95:39:
98:9b:77:07:05:85:42:5c:f0:23:24:2e:99:33:0e:d9:9c:03:
e2:72:78:c7
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIECSlpKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
NzEzMDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVkNDI3YTk0OWJh
Nzk2YjJiOGQ2MzRhYjFlN2EyNGIyMzFjZDI3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRZaSmlXHeTMENCQR4Vu/4tbkk5Qldx5vQkqWszrBMBtIrG
IVnG4BJuCSCApD+OR5ipBDcDn9Yuo3K/N1THThwALtqrV38FqAmvACE02NAJgDAB
SoCRE1ttH2aZhxElIF8Coi5tOEqjxgwVdShACDp9nfnGpntlfWMMPr+jfC4tMNcq
wdgAOhmxj+o9c7vWv/2OL7vMH8Anx5Q3HDcsrB91gw1+a4OY2wS2xLiOyfXVlnkz
ffyFsMQkAn/oDzDtGy2u5mgdZ7QrfFQ5xe7DZE1ic4mwtUaPsUc7ieExZyzebMfa
gpNzRr7xi0bEKphPjKK1LG+0cw0xZNHSBEx4C0MCAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBRO1CepSbp5ayuNY0qx56JLIxzSejAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1R0UW5xVW02ZVdzcmpXTktzZWVpU3lNYzBuby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgZMEAgABMIGMMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqYMAwDBAFNWpoDBABN
WpwDBABNWqQDBABNWrIDBAFNWrQDBABNWr8DBAG55gwDBADV0YIDBADV0YUDBADV
0YgDBADV0YoDBADV0ZADBADV0ZYDBADV0ZwwFAQCAAIwDgMFACoEKcIDBQAqBCnH
MA0GCSqGSIb3DQEBCwUAA4IBAQARYkdqqualyhv/GVS8iW9mBG9YQ8Aa5cbhUcbn
lP0rxxcoqCA4wi/R5Dk2g2Ua9flZh70mVT+OEa21CeipqWTiwyh2G0dhUw/Pyz0n
xfzmfsRO7t+vr8fk264TxBpDiO8ITXU/82w6BcyvxbIa/9Tzs2j+VWbQAvvX6i+U
+WwDc5Fqwftov1Kgg6p4jmCvyvc4uGBaqcvqbneL6ZD9dz0jX+fk2kUPGIGnER5Q
wtQjbbinRN0qjWFKXDqSKG1xlUCSV3dATNpnPS6htyfDYlKLhrTXKDfoS9hZt6FS
Ox6IxlkXkMoVIDJnlTmYm3cHBYVCXPAjJC6ZMw7ZnAPicnjH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org