Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YpUh5TAx2m_3aByf1C2tLcWccRg.roa
File: YpUh5TAx2m_3aByf1C2tLcWccRg.roa (raw, json)
Hash identifier: Dnm5H6Ug6evipXlbS6fZgi+TxGSfx8PWJa/VxbJEeDQ=
Subject key identifier: 62:95:21:E5:30:31:DA:6F:F7:68:1C:9F:D4:2D:AD:2D:C5:9C:71:18
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0789B1A8
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YpUh5TAx2m_3aByf1C2tLcWccRg.roa
Signing time: Tue 22 Feb 2022 09:40:08 +0000
ROA not before: Tue 22 Feb 2022 09:40:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126464424 (0x789b1a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 22 09:40:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=629521e53031da6ff7681c9fd42dad2dc59c7118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a6:02:04:10:ad:cc:63:2a:d4:de:d4:20:49:
50:18:7f:af:69:8e:67:d6:f6:c7:89:cd:2b:fe:a9:
a5:a8:59:98:69:0c:b0:d1:b3:ad:17:a3:56:e9:b2:
1f:a1:f9:18:31:bf:f3:20:e6:bc:77:9d:b4:89:bb:
11:39:ee:87:e6:28:5c:11:d1:f5:b1:41:53:b2:1c:
30:fb:34:95:d5:96:3d:80:c9:14:4a:49:b6:c7:41:
34:c8:ec:2d:c5:eb:e4:d8:27:96:07:1a:53:97:9c:
ec:4b:a7:1e:b0:ee:3f:76:9e:3a:4e:5a:71:2d:87:
f0:66:5f:22:be:6f:a8:bf:99:a7:ba:96:ea:fc:14:
f9:b0:10:2f:5d:61:39:8e:48:3d:52:7a:e2:b7:75:
6d:5b:07:78:45:25:65:9b:1e:30:54:d7:99:94:ab:
9f:15:ff:a2:63:21:eb:63:82:60:d8:ef:69:5b:a9:
7f:bd:4e:80:ca:82:05:84:a2:f3:c6:dd:b1:f3:8d:
a8:bf:50:26:a9:fa:4e:9c:91:59:f6:53:b1:c2:d3:
f7:f5:7e:09:d7:3b:03:87:ce:d2:2e:e7:ec:d6:c8:
cb:50:9d:2f:4c:89:bd:52:10:b1:42:2c:65:ec:65:
63:38:f3:d8:dd:ec:7f:b1:85:e2:d3:09:4b:ef:60:
e9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:95:21:E5:30:31:DA:6F:F7:68:1C:9F:D4:2D:AD:2D:C5:9C:71:18
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YpUh5TAx2m_3aByf1C2tLcWccRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
213.209.130.0/24
213.209.138.0/24
213.209.147.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
60:ac:d1:6d:ea:eb:fa:95:55:3b:0a:cd:a6:df:4d:ac:d3:31:
ae:3c:ac:62:ea:c8:a5:ed:14:52:cc:1b:80:bb:b9:44:00:be:
9e:a4:b5:ec:11:ab:f3:46:08:a8:80:1d:eb:4b:63:ee:72:37:
39:3a:37:cd:80:06:51:57:dc:8f:dc:27:ac:d5:c4:83:b5:b4:
aa:11:70:36:51:f5:a4:dd:fa:37:ea:9a:e5:94:de:ba:15:ed:
4e:0a:e0:2f:c7:0d:55:20:e6:ad:46:4a:68:19:35:a1:ca:27:
31:81:62:07:e9:48:ac:65:67:d9:e6:d4:97:49:95:2b:41:c7:
53:0c:42:77:99:a1:93:3c:f0:1b:b1:f9:9c:96:d6:b0:2e:f2:
64:9c:42:53:07:89:14:bd:96:fe:37:3f:73:42:ef:2c:e5:91:
01:4f:e2:23:3f:f8:72:a0:f2:79:71:a3:6c:b2:69:f3:f5:37:
40:d7:3c:2d:1b:84:02:91:93:b3:33:bf:c9:04:70:37:b4:1b:
32:68:1c:20:b0:2d:4d:bf:30:0a:c5:1c:dd:ea:ee:07:ce:bf:
3a:5d:09:09:74:aa:af:d7:d7:04:0a:47:35:ea:63:bd:63:a2:
cf:99:b1:1e:55:35:02:6f:35:a6:e8:82:01:64:96:28:cc:a3:
da:2f:d2:4c
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEB4mxqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDIy
MjA5NDAwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI5NTIxZTUzMDMx
ZGE2ZmY3NjgxYzlmZDQyZGFkMmRjNTljNzExODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6mAgQQrcxjKtTe1CBJUBh/r2mOZ9b2x4nNK/6ppahZmGkM
sNGzrRejVumyH6H5GDG/8yDmvHedtIm7ETnuh+YoXBHR9bFBU7IcMPs0ldWWPYDJ
FEpJtsdBNMjsLcXr5NgnlgcaU5ec7EunHrDuP3aeOk5acS2H8GZfIr5vqL+Zp7qW
6vwU+bAQL11hOY5IPVJ64rd1bVsHeEUlZZseMFTXmZSrnxX/omMh62OCYNjvaVup
f71OgMqCBYSi88bdsfONqL9QJqn6TpyRWfZTscLT9/V+Cdc7A4fO0i7n7NbIy1Cd
L0yJvVIQsUIsZexlYzjz2N3sf7GF4tMJS+9g6dMCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBRilSHlMDHab/doHJ/ULa0txZxxGDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1lwVWg1VEF4Mm1fM2FCeWYxQzJ0TGNXY2NSZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MFwEAgABMFYwDAMEB01agAMEAE1agjAMAwQCTVqE
AwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAMEAU1akgMEAE1alAMEAE1amQME
ANXRggMEANXRigMEANXRkzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBAGCs0W3q6/qVVTsKzabfTazTMa48rGLqyKXtFFLMG4C7uUQAvp6k
tewRq/NGCKiAHetLY+5yNzk6N82ABlFX3I/cJ6zVxIO1tKoRcDZR9aTd+jfqmuWU
3roV7U4K4C/HDVUg5q1GSmgZNaHKJzGBYgfpSKxlZ9nm1JdJlStBx1MMQneZoZM8
8Bux+ZyW1rAu8mScQlMHiRS9lv43P3NC7yzlkQFP4iM/+HKg8nlxo2yyafP1N0DX
PC0bhAKRk7Mzv8kEcDe0GzJoHCCwLU2/MArFHN3q7gfOvzpdCQl0qq/X1wQKRzXq
Y71jos+ZsR5VNQJvNaboggFklijMo9ov0kw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org