Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/X-CkLM9BFsF5vnqk7_kLvgsJ1hE.roa
File: X-CkLM9BFsF5vnqk7_kLvgsJ1hE.roa (raw, json)
Hash identifier: v7PjgtsJxFCQfpdme6SBcuoOvGG/NBZnSpD7BJX2Rrk=
Subject key identifier: 5F:E0:A4:2C:CF:41:16:C1:79:BE:7A:A4:EF:F9:0B:BE:0B:09:D6:11
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07459A5C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/X-CkLM9BFsF5vnqk7_kLvgsJ1hE.roa
Signing time: Tue 25 Jan 2022 15:40:52 +0000
ROA not before: Tue 25 Jan 2022 15:40:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122002012 (0x7459a5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 25 15:40:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fe0a42ccf4116c179be7aa4eff90bbe0b09d611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4c:7b:8c:11:2b:0a:50:9d:40:2c:32:8d:8c:
74:0f:37:23:40:56:a0:7d:a1:a6:be:cf:bd:1f:06:
07:37:9b:0d:ac:bc:83:28:93:9c:1c:ed:a0:b3:67:
a5:1e:51:d3:55:b3:5f:a0:8a:39:e1:52:24:04:66:
52:40:43:49:0d:85:34:7e:a7:f6:53:89:74:04:f9:
65:31:e0:d4:76:70:d3:17:08:f6:5b:09:70:91:ce:
52:12:85:e3:ca:d1:b8:8e:8b:4b:19:ea:a1:fd:9d:
74:c7:81:5c:8e:46:d0:cf:62:16:08:07:87:ed:0c:
b3:68:3c:b8:f2:f3:11:c5:b2:81:26:c2:74:d6:0e:
00:21:b4:10:85:ac:bf:36:8c:2d:b4:15:bc:30:de:
e4:a0:75:2c:07:b0:e9:0a:de:27:10:ed:ab:8a:d5:
31:0d:95:cf:d9:4d:58:df:68:1c:c4:0c:b6:68:58:
11:f8:cf:bb:8b:66:25:1b:17:0a:df:75:49:2c:ce:
50:b0:92:00:4e:a2:c7:69:d8:00:3d:26:a2:b3:71:
14:9b:0b:95:63:1c:af:6c:5b:f2:f8:ed:a9:ba:88:
4f:0b:2b:dd:c1:c0:0f:5c:64:4d:26:96:81:0c:70:
fd:f2:61:4d:15:ef:5a:8a:90:ea:04:f3:7e:6a:3b:
b5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E0:A4:2C:CF:41:16:C1:79:BE:7A:A4:EF:F9:0B:BE:0B:09:D6:11
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/X-CkLM9BFsF5vnqk7_kLvgsJ1hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.130.0/24
213.209.138.0/24
213.209.147.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
0e:e8:f2:8f:de:85:23:b6:cb:b4:47:a3:fe:13:17:9b:cf:04:
c8:ae:b4:5b:35:1d:e8:a9:25:75:53:a4:e1:8f:d3:6c:e6:8b:
0d:1e:53:bd:30:9b:d7:01:84:e6:4c:72:6a:0e:d7:20:74:65:
30:db:35:8f:f3:81:70:17:e0:0f:58:d5:dc:e3:a3:83:11:ff:
d7:a5:33:6e:56:2f:05:5c:9a:50:8c:1d:41:e7:3f:4b:b2:1c:
71:3f:20:f1:01:21:13:6d:f8:7e:ab:f4:42:e9:29:fa:56:e4:
f2:dd:1a:35:b0:4f:bd:9a:4d:bc:7f:76:0f:39:e4:8b:3d:be:
0d:78:db:bd:ec:41:8b:42:d8:7a:2a:b3:89:92:ee:43:b7:d9:
e1:cc:a2:07:59:e2:60:d9:8a:e4:20:a2:4b:44:17:cc:0f:26:
cb:fd:87:8a:e9:99:d6:d2:12:ec:e8:b0:b7:89:ac:71:b6:53:
fd:54:5d:48:ef:6a:a3:28:06:98:b9:bc:f1:ce:c3:5a:76:66:
bb:4f:28:a1:9d:cf:d3:ac:9c:44:c4:30:59:79:a8:c9:24:4c:
da:f9:fa:bd:2b:3b:18:93:ac:96:29:e1:c8:b8:5c:85:2d:30:
16:7e:63:a5:ee:d6:7f:96:4f:ef:9c:a5:90:06:22:a1:c5:65:
70:ba:78:33
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEB0WaXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDEy
NTE1NDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZlMGE0MmNjZjQx
MTZjMTc5YmU3YWE0ZWZmOTBiYmUwYjA5ZDYxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBMe4wRKwpQnUAsMo2MdA83I0BWoH2hpr7PvR8GBzebDay8
gyiTnBztoLNnpR5R01WzX6CKOeFSJARmUkBDSQ2FNH6n9lOJdAT5ZTHg1HZw0xcI
9lsJcJHOUhKF48rRuI6LSxnqof2ddMeBXI5G0M9iFggHh+0Ms2g8uPLzEcWygSbC
dNYOACG0EIWsvzaMLbQVvDDe5KB1LAew6QreJxDtq4rVMQ2Vz9lNWN9oHMQMtmhY
EfjPu4tmJRsXCt91SSzOULCSAE6ix2nYAD0morNxFJsLlWMcr2xb8vjtqbqITwsr
3cHAD1xkTSaWgQxw/fJhTRXvWoqQ6gTzfmo7tckCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBRf4KQsz0EWwXm+eqTv+Qu+CwnWETAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1gtQ2tMTTlCRnNGNXZucWs3X2tMdmdzSjFoRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wVgQCAAEwUDAMAwQHTVqAAwQATVqCMAwDBAJNWoQD
BABNWooDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqSAwQATVqUAwQA1dGCAwQA
1dGKAwQA1dGTMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOC
AQEADujyj96FI7bLtEej/hMXm88EyK60WzUd6KkldVOk4Y/TbOaLDR5TvTCb1wGE
5kxyag7XIHRlMNs1j/OBcBfgD1jV3OOjgxH/16UzblYvBVyaUIwdQec/S7IccT8g
8QEhE234fqv0Qukp+lbk8t0aNbBPvZpNvH92Dznkiz2+DXjbvexBi0LYeiqziZLu
Q7fZ4cyiB1niYNmK5CCiS0QXzA8my/2HiumZ1tIS7Oiwt4mscbZT/VRdSO9qoygG
mLm88c7DWnZmu08ooZ3P06ycRMQwWXmoySRM2vn6vSs7GJOslinhyLhchS0wFn5j
pe7Wf5ZP75ylkAYiocVlcLp4Mw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org