Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U7av8aQ_IncUYy5SgHS8uRnkiG8.roa
File: U7av8aQ_IncUYy5SgHS8uRnkiG8.roa (raw, json)
Hash identifier: lKu19lKqlj4LbuYUuTGvT5gHUkLvX2F1iIoBVPsxa/g=
Subject key identifier: 53:B6:AF:F1:A4:3F:22:77:14:63:2E:52:80:74:BC:B9:19:E4:88:6F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01823A23D5F80961C5C0D69037C98AA2B7DC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U7av8aQ_IncUYy5SgHS8uRnkiG8.roa
Signing time: Tue 26 Jul 2022 10:53:23 +0000
ROA not before: Tue 26 Jul 2022 10:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:23:d5:f8:09:61:c5:c0:d6:90:37:c9:8a:a2:b7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 26 10:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53b6aff1a43f227714632e528074bcb919e4886f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d5:ae:91:f6:bc:15:03:48:77:c7:57:b8:c7:
77:c1:6a:f2:15:96:e0:02:01:a3:3a:64:73:dc:0c:
52:ae:75:5f:be:c4:c6:13:e3:17:3f:81:9b:57:1d:
8d:4b:bf:07:d5:78:55:f7:04:fb:d5:fc:08:b8:64:
5c:40:23:18:17:55:d5:92:ce:d2:70:a1:84:44:84:
62:a4:a2:95:f2:8a:f4:61:58:0a:38:e2:1a:81:35:
7e:98:81:93:e8:b1:e7:f7:dc:56:99:34:e4:00:a9:
6b:38:fe:36:8d:2b:82:62:8b:14:61:5e:61:6a:ef:
57:27:52:a2:d8:58:67:d1:7f:bc:8a:dc:17:bf:43:
43:2c:c6:05:d2:32:4e:d7:d3:f3:8a:31:2c:47:81:
fa:c7:c7:a9:4f:35:a4:5e:7c:e8:9a:12:a9:c6:cd:
6e:99:fe:d0:29:a2:de:22:0c:30:3c:cb:20:f5:e9:
83:74:af:c9:d9:85:9d:99:00:4d:51:14:c5:50:64:
a7:1c:9c:0c:af:cc:64:bd:8c:ea:db:14:ed:83:c6:
4f:4e:12:d6:5e:fb:b3:75:cb:92:82:03:71:e7:9c:
06:e0:73:59:29:88:2f:ff:fe:ae:7e:00:2d:5a:ff:
a8:c6:27:3c:c7:6f:5b:26:5c:c0:0d:0f:38:17:8b:
71:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B6:AF:F1:A4:3F:22:77:14:63:2E:52:80:74:BC:B9:19:E4:88:6F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U7av8aQ_IncUYy5SgHS8uRnkiG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.149.255
77.90.152.0/24
77.90.154.0/24
77.90.157.0/24
77.90.173.0/24
77.90.188.0/24
77.90.191.0/24
185.230.12.0/24
213.209.130.0/24
213.209.133.0/24
213.209.138.0/24
213.209.144.0/23
213.209.157.0-213.209.158.255
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
8f:81:43:05:bc:ce:40:44:a6:c7:76:1f:86:f0:8f:96:cc:3d:
fe:96:28:c6:e2:fd:37:01:f4:c3:71:0f:5b:19:27:c2:2d:2a:
3c:d2:ef:d0:be:36:f5:e0:47:eb:94:6a:17:cd:da:22:4b:ac:
dc:d4:2d:04:32:2f:5d:13:8b:94:7c:2f:92:d8:03:bf:75:29:
f5:d8:16:fc:31:11:6f:e5:67:46:fd:a7:6e:6f:5c:d0:df:5e:
c5:73:49:88:8c:b4:e3:a8:d4:28:bb:3d:8f:2e:6a:2c:0d:01:
cb:3c:1f:c9:63:05:db:e4:92:d3:71:2f:24:76:65:a1:b2:8d:
19:cf:66:cd:d2:01:84:25:8d:5a:1b:7b:71:16:1a:7d:b6:e6:
66:9d:45:35:fc:0c:ed:83:69:85:b6:50:e0:d3:3c:3e:1d:26:
3a:64:14:69:8e:e0:4b:15:9b:e9:3a:65:fa:7f:5b:18:ae:e7:
0c:f9:13:97:7b:34:67:a2:21:a2:ae:13:75:7c:34:31:bc:4e:
ad:f8:ec:c9:a7:71:e8:90:e1:41:3b:16:33:97:4d:8d:73:a4:
58:6f:80:d8:2b:e6:76:c1:4c:18:c9:90:6c:55:7e:66:e1:80:
a2:58:0d:c1:0a:37:3c:5c:86:de:04:68:80:f0:60:0b:5b:fe:
a8:f0:03:d1
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYI6I9X4CWHFwNaQN8mKorfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzI2MTA1MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I2YWZmMWE0M2YyMjc3MTQ2MzJlNTI4MDc0YmNiOTE5ZTQ4ODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdWukfa8FQNId8dXuMd3wWryFZbg
AgGjOmRz3AxSrnVfvsTGE+MXP4GbVx2NS78H1XhV9wT71fwIuGRcQCMYF1XVks7S
cKGERIRipKKV8or0YVgKOOIagTV+mIGT6LHn99xWmTTkAKlrOP42jSuCYosUYV5h
au9XJ1Ki2Fhn0X+8itwXv0NDLMYF0jJO19PzijEsR4H6x8epTzWkXnzomhKpxs1u
mf7QKaLeIgwwPMsg9emDdK/J2YWdmQBNURTFUGSnHJwMr8xkvYzq2xTtg8ZPThLW
XvuzdcuSggNx55wG4HNZKYgv//6ufgAtWv+oxic8x29bJlzADQ84F4txJQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFFO2r/GkPyJ3FGMuUoB0vLkZ5IhvMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVTdhdjhhUV9JbmNVWXk1U2dIUzh1Um5raUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBlQQCAAEwgY4wDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAU1alAMEAE1amAMEAE1amgMEAE1anQMEAE1arQMEAE1avAMEAE1avwME
ALnmDAMEANXRggMEANXRhQMEANXRigMEAdXRkDAMAwQA1dGdAwQA1dGeMBQEAgAC
MA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAj4FDBbzOQESmx3Yf
hvCPlsw9/pYoxuL9NwH0w3EPWxknwi0qPNLv0L429eBH65RqF83aIkus3NQtBDIv
XROLlHwvktgDv3Up9dgW/DERb+VnRv2nbm9c0N9exXNJiIy046jUKLs9jy5qLA0B
yzwfyWMF2+SS03EvJHZlobKNGc9mzdIBhCWNWht7cRYafbbmZp1FNfwM7YNphbZQ
4NM8Ph0mOmQUaY7gSxWb6Tpl+n9bGK7nDPkTl3s0Z6Ihoq4TdXw0MbxOrfjsyadx
6JDhQTsWM5dNjXOkWG+A2CvmdsFMGMmQbFV+ZuGAolgNwQo3PFyG3gRogPBgC1v+
qPAD0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org