Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/b1IdwfdFfrDLPam24WkZ0eqCMDU.roa
File: b1IdwfdFfrDLPam24WkZ0eqCMDU.roa (raw, json)
Hash identifier: QmQZNRGl0b8wT1OudWcW/kE7jcvrpxDyJQ5iQgUrdqs=
Subject key identifier: 6F:52:1D:C1:F7:45:7E:B0:CB:3D:A9:B6:E1:69:19:D1:EA:82:30:35
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0182181372F19BFBBD846007F8E1A7D3B57B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/b1IdwfdFfrDLPam24WkZ0eqCMDU.roa
Signing time: Tue 19 Jul 2022 20:08:23 +0000
ROA not before: Tue 19 Jul 2022 20:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:18:13:72:f1:9b:fb:bd:84:60:07:f8:e1:a7:d3:b5:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 19 20:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f521dc1f7457eb0cb3da9b6e16919d1ea823035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:95:6a:81:fb:34:4c:ba:18:dc:2b:36:b0:3e:
0d:96:48:62:4d:38:2a:57:2a:7e:d5:68:c4:cd:2c:
56:78:2f:21:34:ad:b5:2b:b7:cc:b5:96:7f:18:c8:
e6:6f:e6:1e:7b:f2:53:e0:4f:d6:58:7f:7a:7c:77:
ce:00:2b:ea:df:ad:30:14:e2:2c:15:21:4f:f2:c0:
35:33:34:7d:8b:dd:3b:0d:43:13:07:16:c8:aa:4b:
7b:90:60:89:3e:15:93:e4:0b:2f:94:9b:f1:f4:3b:
dd:ce:66:e0:06:1a:fd:51:ae:4f:29:42:69:78:64:
db:9d:df:b8:b2:4a:df:a4:64:d3:e6:7a:0a:b0:0f:
d3:c1:1a:c1:90:18:96:6e:2d:26:93:fc:9d:11:d2:
9d:55:fd:9e:aa:b3:25:aa:cb:41:d8:90:46:3a:19:
00:e0:bf:6c:aa:e6:89:89:23:69:ac:51:0e:60:35:
18:5b:fe:cd:6e:87:2f:90:85:2a:88:c4:99:f0:29:
ad:f2:94:a3:ff:0f:c2:c7:28:a2:05:92:5b:c3:31:
92:1a:88:a6:07:bf:07:6d:0e:14:9d:9b:7d:1d:18:
a8:98:b3:21:bf:6b:70:45:8d:b4:0f:79:9d:95:ca:
aa:d6:f3:d4:83:13:19:4b:7b:ea:94:8b:7a:7c:5c:
f7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:52:1D:C1:F7:45:7E:B0:CB:3D:A9:B6:E1:69:19:D1:EA:82:30:35
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/b1IdwfdFfrDLPam24WkZ0eqCMDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.157.0/24
77.90.173.0/24
77.90.179.0/24
77.90.191.0/24
185.230.12.0/24
213.209.129.0-213.209.130.255
213.209.133.0-213.209.134.255
213.209.138.0/24
213.209.144.0/24
213.209.147.0/24
213.209.149.0/24
213.209.151.0/24
213.209.157.0-213.209.158.255
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
35:c0:12:d6:3f:73:86:b6:7a:b6:49:bd:3b:52:b6:47:cc:8b:
b4:b2:d0:b0:9c:7b:97:e2:94:73:85:d1:2a:db:e6:00:f7:2d:
58:23:5a:87:4a:5c:7c:0b:ef:ed:49:3e:f0:03:45:82:02:5b:
f9:e2:44:f0:27:d0:72:8c:65:79:d7:14:1e:8b:e2:f4:8f:c6:
d3:7c:5f:46:05:2b:a4:d2:7f:79:43:61:26:81:4b:ac:a2:47:
bb:4d:8d:c7:e7:cf:95:66:14:aa:16:c9:96:bd:51:0a:1d:50:
2c:ba:b8:61:02:56:35:2c:cb:aa:a3:0b:6c:21:d0:17:e8:ab:
c5:e6:69:48:9d:29:73:c6:05:21:09:90:a8:9c:45:71:45:cb:
9f:38:40:d8:c4:d5:8c:e7:88:8a:d3:3b:f5:5d:69:86:3a:ee:
b8:85:91:72:05:e0:d6:cd:7a:1f:92:b6:90:b9:57:a0:69:9b:
73:3c:eb:21:d1:1f:39:f8:3d:5a:ea:7a:41:0b:b1:0a:70:18:
4c:ba:5a:df:a3:e4:ea:15:aa:c2:65:78:ca:33:2c:c5:e8:dd:
20:6f:fd:a1:95:d3:9c:36:3d:c4:aa:b8:1c:72:c4:ee:58:cf:
a0:83:c9:d7:89:ed:c7:db:76:84:9e:2c:73:e2:32:95:3d:49:
a8:88:0b:aa
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYIYE3Lxm/u9hGAH+OGn07V7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzE5MjAwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjUyMWRjMWY3NDU3ZWIwY2IzZGE5YjZlMTY5MTlkMWVhODIzMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZVqgfs0TLoY3Cs2sD4NlkhiTTgq
Vyp+1WjEzSxWeC8hNK21K7fMtZZ/GMjmb+Yee/JT4E/WWH96fHfOACvq360wFOIs
FSFP8sA1MzR9i907DUMTBxbIqkt7kGCJPhWT5AsvlJvx9DvdzmbgBhr9Ua5PKUJp
eGTbnd+4skrfpGTT5noKsA/TwRrBkBiWbi0mk/ydEdKdVf2eqrMlqstB2JBGOhkA
4L9squaJiSNprFEOYDUYW/7NbocvkIUqiMSZ8Cmt8pSj/w/CxyiiBZJbwzGSGoim
B78HbQ4UnZt9HRiomLMhv2twRY20D3mdlcqq1vPUgxMZS3vqlIt6fFz3wwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFG9SHcH3RX6wyz2ptuFpGdHqgjA1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvYjFJZHdmZEZmckRMUGFtMjRXa1owZXFDTURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBpQQCAAEwgZ4wDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqMMAwDBAFNWo4DBABNWpQwDAMEAE1amQME
AE1amgMEAE1anQMEAE1arQMEAE1aswMEAE1avwMEALnmDDAMAwQA1dGBAwQA1dGC
MAwDBADV0YUDBADV0YYDBADV0YoDBADV0ZADBADV0ZMDBADV0ZUDBADV0ZcwDAME
ANXRnQMEANXRnjAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQAD
ggEBADXAEtY/c4a2erZJvTtStkfMi7Sy0LCce5filHOF0Srb5gD3LVgjWodKXHwL
7+1JPvADRYICW/niRPAn0HKMZXnXFB6L4vSPxtN8X0YFK6TSf3lDYSaBS6yiR7tN
jcfnz5VmFKoWyZa9UQodUCy6uGECVjUsy6qjC2wh0Bfoq8XmaUidKXPGBSEJkKic
RXFFy584QNjE1YzniIrTO/VdaYY67riFkXIF4NbNeh+StpC5V6Bpm3M86yHRHzn4
PVrqekELsQpwGEy6Wt+j5OoVqsJleMozLMXo3SBv/aGV05w2PcSquBxyxO5Yz6CD
ydeJ7cfbdoSeLHPiMpU9SaiIC6o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org