Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_mizGh5guehWp5Z04wvFqGseJB4.roa
File: _mizGh5guehWp5Z04wvFqGseJB4.roa (raw, json)
Hash identifier: qAyfV4X7nJVF9PAMrjhGW2tkwstPm5ElLJOoL7OY0gk=
Subject key identifier: FE:68:B3:1A:1E:60:B9:E8:56:A7:96:74:E3:0B:C5:A8:6B:1E:24:1E
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 093A4DD4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_mizGh5guehWp5Z04wvFqGseJB4.roa
Signing time: Thu 19 May 2022 06:35:17 +0000
ROA not before: Thu 19 May 2022 06:35:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154815956 (0x93a4dd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 19 06:35:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe68b31a1e60b9e856a79674e30bc5a86b1e241e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c1:80:97:f6:66:65:b2:ef:a1:30:e5:c1:ac:
b4:c2:05:35:9b:59:cf:ea:23:f3:dd:c7:22:51:72:
0a:e3:e5:58:38:1f:ca:76:2a:cd:b3:9e:1d:92:14:
0f:72:61:a2:e6:0d:61:b8:69:04:85:9d:26:6d:c2:
36:8b:3f:99:75:d9:0e:36:fc:19:db:99:2c:39:53:
39:ff:44:de:4c:29:70:da:55:17:79:08:40:26:b9:
65:87:f6:4b:c0:9c:df:5e:bc:f7:f5:7f:32:5e:e0:
68:2e:87:4a:b3:1f:8d:e2:cb:89:02:04:61:9d:ad:
ae:3b:26:1e:3f:4e:66:d8:d5:f1:85:8f:eb:6b:80:
01:93:0f:04:ae:7f:2c:eb:41:24:11:7a:47:9e:bb:
41:b9:ef:d8:0c:47:99:d1:04:b7:42:de:f3:8b:2a:
1b:b8:f7:bd:eb:c7:5a:46:f6:56:68:ee:b3:7c:30:
28:c4:77:fb:fd:43:e8:0f:79:00:c7:93:6b:13:f2:
3b:90:65:04:71:6d:a4:ce:5e:b6:c7:e3:29:37:24:
96:1f:74:5d:f5:a3:70:b4:a7:30:78:91:21:5c:a4:
1e:0f:34:c4:87:f1:e5:54:e7:a2:0b:d2:8e:a4:2f:
ae:d0:71:a4:72:c1:2d:38:a7:a6:af:08:92:d5:b0:
2b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:68:B3:1A:1E:60:B9:E8:56:A7:96:74:E3:0B:C5:A8:6B:1E:24:1E
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_mizGh5guehWp5Z04wvFqGseJB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.152.0/24
77.90.154.0/24
77.90.164.0/24
77.90.178.0/24
77.90.180.0/23
77.90.191.0/24
185.230.13.0/24
213.209.130.0/24
213.209.133.0-213.209.134.255
213.209.136.0/24
213.209.138.0/24
213.209.144.0/24
213.209.150.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
0f:92:94:bc:11:b0:4d:67:4b:d4:ff:0d:6a:0c:fc:85:1c:28:
1a:eb:62:7e:73:63:43:27:26:59:5f:13:5a:a0:24:e3:7b:b7:
0c:a4:68:a7:5d:52:28:cd:24:19:d5:aa:54:c3:ca:7f:f0:00:
ca:57:74:01:f5:c9:7e:1f:13:4a:b6:5c:02:04:4e:7c:16:7a:
e7:de:6a:92:4c:87:5c:f4:a6:c5:2d:17:90:75:fd:b1:d5:6a:
cd:bf:33:04:1e:fb:b4:13:28:c6:b4:9c:b3:bd:e9:a7:e3:aa:
6e:51:4a:2d:c4:4c:fb:0e:6e:cd:e3:2c:17:58:17:e3:19:14:
ef:2e:03:26:9d:93:1f:32:bf:a1:17:27:c5:1c:03:1f:54:b6:
52:ae:63:5c:2f:36:79:7c:41:b1:c6:f9:a6:9f:d4:db:a2:37:
e5:e2:e1:1e:cf:79:e4:95:90:b8:37:ba:ea:37:2a:5a:4c:e5:
19:9b:a0:42:c5:ed:d5:21:cd:e0:02:dc:ac:0b:17:73:7c:9c:
01:87:ce:75:a2:f7:9a:6d:1d:f3:36:5c:f7:d2:c6:a7:40:1c:
b4:49:19:d8:9c:aa:f6:d5:3f:7c:11:9a:4a:1e:c7:14:69:6b:
59:01:9e:48:e7:46:ff:70:a0:82:3c:41:49:7e:92:d4:8c:30:
a6:50:1c:02
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIECTpN1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
OTA2MzUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmU2OGIzMWExZTYw
YjllODU2YTc5Njc0ZTMwYmM1YTg2YjFlMjQxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTBgJf2ZmWy76Ew5cGstMIFNZtZz+oj893HIlFyCuPlWDgf
ynYqzbOeHZIUD3JhouYNYbhpBIWdJm3CNos/mXXZDjb8GduZLDlTOf9E3kwpcNpV
F3kIQCa5ZYf2S8Cc31689/V/Ml7gaC6HSrMfjeLLiQIEYZ2trjsmHj9OZtjV8YWP
62uAAZMPBK5/LOtBJBF6R567Qbnv2AxHmdEEt0Le84sqG7j3vevHWkb2Vmjus3ww
KMR3+/1D6A95AMeTaxPyO5BlBHFtpM5etsfjKTcklh90XfWjcLSnMHiRIVykHg80
xIfx5VTnogvSjqQvrtBxpHLBLTinpq8IktWwK5UCAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBT+aLMaHmC56FanlnTjC8Woax4kHjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L19taXpHaDVndWVoV3A1WjA0d3ZGcUdzZUpCNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgZMEAgABMIGMMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqYAwQATVqaAwQATVqk
AwQATVqyAwQBTVq0AwQATVq/AwQAueYNAwQA1dGCMAwDBADV0YUDBADV0YYDBADV
0YgDBADV0YoDBADV0ZADBADV0ZYDBADV0ZwwFAQCAAIwDgMFACoEKcIDBQAqBCnH
MA0GCSqGSIb3DQEBCwUAA4IBAQAPkpS8EbBNZ0vU/w1qDPyFHCga62J+c2NDJyZZ
XxNaoCTje7cMpGinXVIozSQZ1apUw8p/8ADKV3QB9cl+HxNKtlwCBE58Fnrn3mqS
TIdc9KbFLReQdf2x1WrNvzMEHvu0EyjGtJyzvemn46puUUotxEz7Dm7N4ywXWBfj
GRTvLgMmnZMfMr+hFyfFHAMfVLZSrmNcLzZ5fEGxxvmmn9Tbojfl4uEez3nklZC4
N7rqNypaTOUZm6BCxe3VIc3gAtysCxdzfJwBh851oveabR3zNlz30sanQBy0SRnY
nKr21T98EZpKHscUaWtZAZ5I50b/cKCCPEFJfpLUjDCmUBwC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org