Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/aLhT8x0xC5BmyuYS1RVo5x_2yOY.roa
File: aLhT8x0xC5BmyuYS1RVo5x_2yOY.roa (raw, json)
Hash identifier: pHTStC1Ls1rSXGvNJJarEMeS1/yx8Qz4QVxsm/mBZCM=
Subject key identifier: 68:B8:53:F3:1D:31:0B:90:66:CA:E6:12:D5:15:68:E7:1F:F6:C8:E6
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07782B8E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/aLhT8x0xC5BmyuYS1RVo5x_2yOY.roa
Signing time: Thu 17 Feb 2022 07:09:15 +0000
ROA not before: Thu 17 Feb 2022 07:09:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125315982 (0x7782b8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 17 07:09:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68b853f31d310b9066cae612d51568e71ff6c8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bf:bc:5f:50:b3:11:4f:07:36:ba:ba:ff:9e:
f4:33:03:6c:4f:9a:b4:f4:ac:d3:16:b8:19:dc:f7:
d2:a8:ac:76:6f:0d:42:13:c5:4e:30:3d:78:4c:ec:
c9:f5:a2:8a:a7:25:84:81:7f:bf:34:5f:49:fd:57:
ab:31:5c:e6:61:e6:de:9c:98:75:ad:bb:31:ba:49:
d3:30:de:56:54:cc:c0:32:bf:8a:da:a5:a0:8a:7c:
60:0d:75:f9:d9:d9:9d:cc:a8:a2:b7:06:84:8d:79:
15:f2:21:c1:ea:05:22:28:a7:9f:4a:16:30:ad:8f:
1d:6d:e3:8a:f1:2a:4a:6b:98:98:11:21:77:72:6c:
36:a4:16:ed:4b:96:0d:51:ed:46:0c:af:57:84:80:
a7:49:29:1e:5f:13:d2:8e:20:15:d5:62:30:30:40:
c1:41:74:97:15:86:73:d9:c7:2b:cb:19:1c:d6:a8:
d5:fe:eb:ed:71:6c:bb:ca:19:d1:f4:58:84:da:be:
a7:bd:04:dc:06:a4:eb:5c:02:b8:28:1a:91:86:ed:
ab:64:1b:83:8b:9e:b2:2a:e1:e1:6c:6b:69:37:99:
49:4b:56:4f:e9:3a:e5:b4:e9:4e:49:d7:33:e4:3b:
01:05:07:7d:3f:16:22:28:b0:44:61:2c:11:24:95:
42:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B8:53:F3:1D:31:0B:90:66:CA:E6:12:D5:15:68:E7:1F:F6:C8:E6
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/aLhT8x0xC5BmyuYS1RVo5x_2yOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.157.0/24
185.230.14.0/24
213.209.130.0/24
213.209.138.0/24
213.209.147.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
a7:b9:a6:fb:2a:cb:64:f3:69:ad:48:da:fc:31:3c:8c:38:fc:
be:10:65:85:83:c2:81:e2:f9:c9:cd:65:f5:67:17:d2:bd:66:
e7:71:79:52:ea:da:a0:89:78:33:58:23:6e:ad:9c:00:eb:f2:
a4:49:87:e8:29:ee:94:66:ff:c0:d9:8b:8a:8f:30:90:13:60:
06:4b:7f:70:d1:53:7c:ef:6e:59:e8:3f:4d:b3:70:b0:61:06:
f5:18:d8:53:68:a8:89:26:ad:c9:55:9c:55:d3:43:eb:a3:4a:
3a:f0:3f:1b:3c:63:56:fc:c2:01:03:05:77:c4:b6:de:94:aa:
33:a5:72:f2:75:ac:98:ca:16:02:55:6b:d3:20:88:7a:66:8d:
dd:ea:59:df:1e:cc:ee:79:4b:82:fc:38:40:b3:c5:b6:23:55:
ac:ac:67:4e:77:45:29:f8:d3:b3:ac:81:df:b3:ed:85:33:76:
70:f8:c6:0f:57:b1:ba:67:96:b0:c5:b1:33:1c:57:70:59:72:
49:30:9f:34:45:6c:6b:91:52:d4:3c:95:f2:c0:cf:ca:e8:05:
c0:61:a4:ad:94:da:b2:f8:a4:d8:ef:0b:3b:9f:c5:47:28:39:
ad:b6:65:fc:62:be:d2:a2:54:15:ab:6f:92:50:23:f6:59:2f:
ff:fd:56:88
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIEB3grjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDIx
NzA3MDkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhiODUzZjMxZDMx
MGI5MDY2Y2FlNjEyZDUxNTY4ZTcxZmY2YzhlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKm/vF9QsxFPBza6uv+e9DMDbE+atPSs0xa4Gdz30qisdm8N
QhPFTjA9eEzsyfWiiqclhIF/vzRfSf1XqzFc5mHm3pyYda27MbpJ0zDeVlTMwDK/
itqloIp8YA11+dnZncyoorcGhI15FfIhweoFIiinn0oWMK2PHW3jivEqSmuYmBEh
d3JsNqQW7UuWDVHtRgyvV4SAp0kpHl8T0o4gFdViMDBAwUF0lxWGc9nHK8sZHNao
1f7r7XFsu8oZ0fRYhNq+p70E3Aak61wCuCgakYbtq2Qbg4uesirh4WxraTeZSUtW
T+k65bTpTknXM+Q7AQUHfT8WIiiwRGEsESSVQuMCAwEAAaOCAn4wggJ6MB0GA1Ud
DgQWBBRouFPzHTELkGbK5hLVFWjnH/bI5jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2FMaFQ4eDB4QzVCbXl1WVMxUlZvNXhfMnlPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kwYIKwYBBQUHAQcBAf8EgYMwgYAwaAQCAAEwYjAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBABNWooDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqSAwQATVqUAwQATVqZ
AwQATVqdAwQAueYOAwQA1dGCAwQA1dGKAwQA1dGTMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAp7mm+yrLZPNprUja/DE8jDj8vhBlhYPC
geL5yc1l9WcX0r1m53F5UuraoIl4M1gjbq2cAOvypEmH6CnulGb/wNmLio8wkBNg
Bkt/cNFTfO9uWeg/TbNwsGEG9RjYU2ioiSatyVWcVdND66NKOvA/GzxjVvzCAQMF
d8S23pSqM6Vy8nWsmMoWAlVr0yCIemaN3epZ3x7M7nlLgvw4QLPFtiNVrKxnTndF
KfjTs6yB37PthTN2cPjGD1exumeWsMWxMxxXcFlySTCfNEVsa5FS1DyV8sDPyugF
wGGkrZTasvik2O8LO5/FRyg5rbZl/GK+0qJUFatvklAj9lkv//1WiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org