Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZaB90a2Wc6ywwTCeKI8Kgw4nhtc.roa
File: ZaB90a2Wc6ywwTCeKI8Kgw4nhtc.roa (raw, json)
Hash identifier: l56MYG+O9ihEQyx1NHl7OeCvAgUKz7R8s3PQH0zoy7w=
Subject key identifier: 65:A0:7D:D1:AD:96:73:AC:B0:C1:30:9E:28:8F:0A:83:0E:27:86:D7
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09BB9D77
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZaB90a2Wc6ywwTCeKI8Kgw4nhtc.roa
Signing time: Mon 20 Jun 2022 09:57:44 +0000
ROA not before: Mon 20 Jun 2022 09:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163290487 (0x9bb9d77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 20 09:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65a07dd1ad9673acb0c1309e288f0a830e2786d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c6:de:ea:e1:89:c5:29:03:4d:11:60:81:5e:
87:dc:a5:17:e1:10:ff:45:b2:f1:8c:15:3f:9a:e5:
b1:fd:49:42:95:20:17:32:25:8a:69:ca:9d:0a:a3:
51:96:dc:39:12:74:4a:2e:ec:7d:b1:3d:46:c8:df:
eb:d6:60:75:f2:b3:f8:44:d6:0a:fa:eb:2f:1e:9b:
bc:2e:13:2a:f9:12:94:c2:74:e9:68:0c:03:4e:ad:
9e:e6:9e:9f:f6:7f:77:aa:2e:cb:69:cc:36:12:e9:
71:df:ad:e3:c1:1c:ec:14:7c:e4:64:ad:db:e1:f1:
50:e2:ca:5b:d9:2d:3c:7e:79:ae:d9:98:df:e8:5f:
71:99:b9:a1:57:f0:1a:8e:a8:b5:9a:4a:0f:cf:2e:
7c:79:0e:c0:9f:4a:fe:4d:a2:d2:e4:c5:d5:f5:f9:
0f:ff:71:ae:09:50:fa:44:24:e8:42:e1:80:1a:db:
1d:c3:a2:ca:1f:ad:6e:85:67:ec:f8:90:88:57:ed:
c3:0c:da:35:c6:95:f8:0a:3a:fa:e2:dc:5e:0e:38:
61:51:77:bf:9e:f4:91:69:5e:25:76:47:92:55:8f:
d0:f3:a5:c6:8d:11:dc:00:59:69:f1:69:d0:e7:cc:
e5:90:c5:2d:e4:86:f0:f0:88:e8:9c:a0:a7:78:53:
68:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A0:7D:D1:AD:96:73:AC:B0:C1:30:9E:28:8F:0A:83:0E:27:86:D7
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZaB90a2Wc6ywwTCeKI8Kgw4nhtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.149.255
77.90.153.0/24
77.90.164.0/24
77.90.179.0/24
77.90.181.0/24
77.90.188.0/24
77.90.191.0/24
185.230.15.0/24
213.209.130.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.147.0/24
213.209.158.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
8c:eb:8b:42:44:97:ba:17:b0:1c:55:ab:54:bc:ba:bb:9a:ff:
6a:c1:57:9b:a0:70:f6:b8:04:5a:5f:6e:a5:c7:48:40:7c:f1:
08:a6:85:6d:0a:4c:09:ff:71:4a:8a:c0:ff:77:33:9a:8e:5f:
25:86:fd:61:1e:f9:b2:b8:b5:ee:82:08:18:45:e4:4f:67:5c:
24:bf:4a:0f:84:cd:e0:6c:5d:c7:0f:fb:44:80:0b:d1:fb:41:
83:17:ce:aa:b3:4c:a0:3c:c4:97:8b:83:d8:ef:6c:fa:fa:41:
ef:7f:e7:99:15:91:da:67:6a:3a:5c:40:4e:67:a6:00:1e:d9:
18:1c:44:a6:99:53:70:f1:e9:34:21:8d:2e:a5:0e:d5:54:76:
61:aa:da:2e:48:84:95:c2:16:0b:ba:fc:c4:0c:e4:25:a2:c7:
84:55:d8:57:85:77:d3:d5:01:4b:b3:99:b9:18:a5:d7:c3:83:
bf:a1:d1:98:5d:cb:32:4c:ed:e8:92:34:3f:05:58:41:0a:3c:
c0:95:4e:79:88:08:bb:ac:d6:73:e0:d6:c8:57:96:64:4a:2a:
24:9e:b0:f9:b3:9c:c6:dc:92:4c:b3:a6:3c:09:cc:5e:24:e8:
f1:23:d4:f0:d1:22:a4:0d:a6:d8:5e:f1:e9:0e:e8:c8:99:e0:
01:da:03:27
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIECbuddzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MDA5NTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVhMDdkZDFhZDk2
NzNhY2IwYzEzMDllMjg4ZjBhODMwZTI3ODZkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPG3urhicUpA00RYIFeh9ylF+EQ/0Wy8YwVP5rlsf1JQpUg
FzIlimnKnQqjUZbcORJ0Si7sfbE9Rsjf69ZgdfKz+ETWCvrrLx6bvC4TKvkSlMJ0
6WgMA06tnuaen/Z/d6ouy2nMNhLpcd+t48Ec7BR85GSt2+HxUOLKW9ktPH55rtmY
3+hfcZm5oVfwGo6otZpKD88ufHkOwJ9K/k2i0uTF1fX5D/9xrglQ+kQk6ELhgBrb
HcOiyh+tboVn7PiQiFftwwzaNcaV+Ao6+uLcXg44YVF3v570kWleJXZHklWP0POl
xo0R3ABZafFp0OfM5ZDFLeSG8PCI6Jygp3hTaG0CAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBRloH3RrZZzrLDBMJ4ojwqDDieG1zAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1phQjkwYTJXYzZ5d3dUQ2VLSThLZ3c0bmh0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgZMEAgABMIGMMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBAFNWpQDBABN
WpkDBABNWqQDBABNWrMDBABNWrUDBABNWrwDBABNWr8DBAC55g8DBADV0YIDBADV
0YgDBADV0YoDBADV0Y8DBADV0ZMDBAHV0Z4wFAQCAAIwDgMFACoEKcIDBQAqBCnH
MA0GCSqGSIb3DQEBCwUAA4IBAQCM64tCRJe6F7AcVatUvLq7mv9qwVeboHD2uARa
X26lx0hAfPEIpoVtCkwJ/3FKisD/dzOajl8lhv1hHvmyuLXugggYReRPZ1wkv0oP
hM3gbF3HD/tEgAvR+0GDF86qs0ygPMSXi4PY72z6+kHvf+eZFZHaZ2o6XEBOZ6YA
HtkYHESmmVNw8ek0IY0upQ7VVHZhqtouSISVwhYLuvzEDOQloseEVdhXhXfT1QFL
s5m5GKXXw4O/odGYXcsyTO3okjQ/BVhBCjzAlU55iAi7rNZz4NbIV5ZkSioknrD5
s5zG3JJMs6Y8CcxeJOjxI9Tw0SKkDabYXvHpDujImeAB2gMn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org