Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bFxUNY0n_CyTMkW4S4E4vQufmDY.roa
File: bFxUNY0n_CyTMkW4S4E4vQufmDY.roa (raw, json)
Hash identifier: OgWYpCNt91mN9GdjtjSKQX/c3dLNSgZbrZnuujA3Xqk=
Subject key identifier: 6C:5C:54:35:8D:27:FC:2C:93:32:45:B8:4B:81:38:BD:0B:9F:98:36
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018389DE9ED844FCEE480DC8C79A1FD67A69
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bFxUNY0n_CyTMkW4S4E4vQufmDY.roa
Signing time: Thu 29 Sep 2022 15:30:11 +0000
ROA not before: Thu 29 Sep 2022 15:30:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:de:9e:d8:44:fc:ee:48:0d:c8:c7:9a:1f:d6:7a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 29 15:30:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c5c54358d27fc2c933245b84b8138bd0b9f9836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:26:f9:26:c2:15:1c:cb:99:80:fe:fd:22:57:
06:22:41:73:68:0f:4c:f1:65:d3:8e:29:03:4d:11:
ef:79:c4:2d:06:e1:18:bd:1a:bb:9f:5b:f1:24:97:
ac:27:2f:67:ca:73:7a:a3:4c:d9:a9:25:d5:ce:71:
a5:83:68:44:6f:cf:f7:60:c3:a0:d7:89:c1:de:8d:
3b:eb:e6:2e:8a:be:9d:05:0f:a1:df:e2:e1:b9:39:
ad:50:0e:7d:2d:3d:9c:38:49:09:92:4a:18:5b:9e:
b7:39:4a:cb:18:5c:6c:94:f7:0f:e0:7f:99:13:11:
dd:f3:6e:50:ad:1e:4a:b9:ba:08:40:d6:cb:e2:d9:
8d:04:91:90:dd:8c:ce:21:1c:d4:d7:dd:0c:bb:22:
30:53:8a:d9:f3:5a:68:40:00:57:f9:c7:78:17:37:
92:e9:20:4e:4a:e4:80:d0:67:52:d1:56:9a:c5:7a:
63:73:33:db:0d:63:b4:4c:70:56:36:ab:cb:ab:2a:
7b:b1:e7:25:7e:41:41:26:d4:1e:3d:df:88:4c:9e:
fa:5a:72:b9:b4:3d:da:fd:31:6c:42:59:b8:ed:0c:
d5:2a:86:7a:c1:72:6b:ed:ba:2c:69:22:eb:d9:46:
8b:e4:08:9e:35:8c:eb:6c:cb:ad:4e:4b:84:d6:c7:
91:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5C:54:35:8D:27:FC:2C:93:32:45:B8:4B:81:38:BD:0B:9F:98:36
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bFxUNY0n_CyTMkW4S4E4vQufmDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
213.209.138.0/24
213.209.143.0/24
213.209.149.0/24
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
5c:63:04:e2:e5:9f:ce:fa:be:7a:85:cc:96:81:c3:a3:ba:d5:
28:f9:15:8f:05:6a:9f:19:78:8f:f0:df:66:19:56:c6:d3:d7:
91:5c:39:de:72:f2:39:7d:9b:5b:c6:7c:ba:44:84:d0:4b:b4:
58:44:59:1b:ae:a5:ef:04:30:8d:b3:2f:e2:b6:6f:32:da:13:
f5:69:e0:f8:b4:96:6c:5e:b0:ca:53:4b:88:52:46:a6:2e:90:
4c:6e:21:48:7f:c0:3c:f4:2b:9b:a1:e6:2f:b0:7d:ac:8b:b2:
4d:8b:35:47:b8:c1:07:7d:76:b8:e0:65:5d:3e:7e:20:b7:71:
30:1b:c6:8e:f5:8b:0a:d9:d0:87:a1:f8:bb:d1:d7:81:76:79:
39:69:7b:5c:4f:65:83:9e:0f:70:c5:5d:6b:0e:be:6b:66:10:
86:b2:7a:1e:1b:cd:c5:b1:f6:6e:55:96:14:59:5e:03:1c:8e:
95:de:3e:f1:e5:18:fe:76:4c:89:5e:0e:7d:d3:f0:d8:ab:05:
04:f0:3c:94:d6:3c:ea:a4:7c:e6:c7:8a:29:52:e9:45:8d:3d:
62:08:bb:c6:0a:57:0e:28:6b:a4:05:d3:7e:3a:91:fe:77:14:
52:9c:61:58:a9:0a:a1:b0:81:c2:e9:7a:81:02:f7:60:b0:ea:
51:e2:86:50
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAYOJ3p7YRPzuSA3Ix5of1nppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwOTI5MTUzMDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzVjNTQzNThkMjdmYzJjOTMzMjQ1Yjg0YjgxMzhiZDBiOWY5ODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyb5JsIVHMuZgP79IlcGIkFzaA9M
8WXTjikDTRHvecQtBuEYvRq7n1vxJJesJy9nynN6o0zZqSXVznGlg2hEb8/3YMOg
14nB3o076+Yuir6dBQ+h3+LhuTmtUA59LT2cOEkJkkoYW563OUrLGFxslPcP4H+Z
ExHd825QrR5KuboIQNbL4tmNBJGQ3YzOIRzU190MuyIwU4rZ81poQABX+cd4FzeS
6SBOSuSA0GdS0VaaxXpjczPbDWO0THBWNqvLqyp7seclfkFBJtQePd+ITJ76WnK5
tD3a/TFsQlm47QzVKoZ6wXJr7bosaSLr2UaL5AieNYzrbMutTkuE1seR3QIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFGxcVDWNJ/wskzJFuEuBOL0Ln5g2MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvYkZ4VU5ZMG5fQ3lUTWtXNFM0RTR2UXVmbURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFNWo4DBABN
WpQwDAMEAE1amQMEAE1amgMEANXRigMEANXRjwMEANXRlQMEANXRnQMEANXRnzAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAFxjBOLln876
vnqFzJaBw6O61Sj5FY8Fap8ZeI/w32YZVsbT15FcOd5y8jl9m1vGfLpEhNBLtFhE
WRuupe8EMI2zL+K2bzLaE/Vp4Pi0lmxesMpTS4hSRqYukExuIUh/wDz0K5uh5i+w
fayLsk2LNUe4wQd9drjgZV0+fiC3cTAbxo71iwrZ0Ieh+LvR14F2eTlpe1xPZYOe
D3DFXWsOvmtmEIayeh4bzcWx9m5VlhRZXgMcjpXePvHlGP52TIleDn3T8NirBQTw
PJTWPOqkfObHiilS6UWNPWIIu8YKVw4oa6QF0346kf53FFKcYVipCqGwgcLpeoEC
92Cw6lHihlA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org