Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d_xXHtzCQKaj0dY7bTaJLKeai7Q.roa
File: d_xXHtzCQKaj0dY7bTaJLKeai7Q.roa (raw, json)
Hash identifier: x5Db30jfLeWtbSnzyOEhR27t3vrISUgxuWvuvl5hBWI=
Subject key identifier: 77:FC:57:1E:DC:C2:40:A6:A3:D1:D6:3B:6D:36:89:2C:A7:9A:8B:B4
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 08A59185
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d_xXHtzCQKaj0dY7bTaJLKeai7Q.roa
Signing time: Sat 16 Apr 2022 19:04:25 +0000
ROA not before: Sat 16 Apr 2022 19:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.189.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145068421 (0x8a59185)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 16 19:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77fc571edcc240a6a3d1d63b6d36892ca79a8bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a7:05:0e:5a:06:16:0f:91:b4:a6:87:2e:86:
d2:b5:19:ac:f2:c4:13:fc:db:3c:a9:a1:ad:1e:c6:
01:3a:08:d0:db:a0:e7:18:64:48:2a:57:95:6a:49:
7c:62:31:06:f9:38:c0:e8:84:7e:40:a9:de:bd:fb:
36:88:bc:82:09:ac:16:1d:44:f3:1a:fb:f4:a4:a6:
f8:bf:2b:5d:52:77:76:c2:0e:19:5f:f8:7a:06:09:
a9:03:7b:10:d5:ce:fa:b5:64:3b:de:35:4a:5c:9b:
55:c5:05:c7:ca:7f:ec:4c:2d:1e:ce:e5:0b:4e:e6:
e9:14:50:1b:f0:2c:55:b2:83:24:b4:ba:e3:e0:83:
1d:a7:02:5c:ea:d0:fb:23:7d:ca:09:d1:be:bd:01:
ee:73:73:a1:14:92:09:95:94:63:6e:6f:b6:25:ab:
8c:0f:e7:80:ef:85:f3:9d:c5:74:e5:9b:e4:25:a2:
b0:6d:68:29:bc:1f:c6:74:3d:75:ed:6b:c9:8e:85:
50:ba:4c:df:74:4b:ae:37:54:b6:f6:bc:bb:b2:ff:
6f:d8:1e:dc:3f:e1:f6:b9:47:55:46:ce:0b:2e:72:
17:2d:fc:38:85:6d:73:72:92:51:16:99:6a:64:c2:
e1:37:5e:58:7c:c2:41:98:fc:51:05:7b:90:02:f0:
af:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:FC:57:1E:DC:C2:40:A6:A3:D1:D6:3B:6D:36:89:2C:A7:9A:8B:B4
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d_xXHtzCQKaj0dY7bTaJLKeai7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.157.0/24
77.90.180.0/24
77.90.184.0/23
77.90.189.0/24
185.230.13.0-185.230.14.255
213.209.130.0/24
213.209.134.0/24
213.209.136.0/24
213.209.138.0/24
213.209.146.0/23
213.209.156.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
9d:38:ee:2b:dd:5b:8a:6d:b1:85:14:6a:c6:63:aa:c3:11:e6:
05:90:f9:b9:2d:53:a4:57:ff:ef:3a:21:6a:e2:a5:3b:9c:6a:
76:62:6a:96:69:a8:02:2a:b8:16:6c:81:0b:3b:65:cb:d7:b5:
6d:d5:f8:3f:a8:5b:e0:58:a0:a9:87:a3:80:5d:9a:e6:85:34:
36:3e:ef:db:1c:e5:79:12:19:3b:b2:5e:80:a8:90:e7:9c:30:
cf:fa:d8:99:a4:e4:d5:a8:5a:d2:05:b8:46:b9:a5:f7:3b:65:
5e:94:5e:50:52:18:08:80:08:70:c9:b5:43:73:0d:74:8d:0b:
f0:cf:33:b4:ad:c9:a4:49:10:34:ac:e1:29:4b:c9:0a:0a:db:
e0:73:ff:b6:48:fd:48:b0:2a:9b:bc:98:d6:38:ab:c5:bf:6e:
03:5b:26:29:5e:07:22:da:53:f0:4a:7c:2b:b7:c4:9d:bb:77:
ea:db:03:37:5c:c0:69:14:25:08:05:da:17:33:8c:b1:92:a7:
f4:01:3c:e3:34:38:c1:2f:8c:78:05:5c:0f:dd:e1:c4:e0:59:
e4:cf:fc:66:b5:25:d9:32:1d:c2:63:63:bd:75:65:d0:2d:da:
68:80:7c:da:44:9f:6f:df:a1:59:be:1f:9d:e3:3f:80:2f:6f:
d7:56:58:10
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIECKWRhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQx
NjE5MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdmYzU3MWVkY2My
NDBhNmEzZDFkNjNiNmQzNjg5MmNhNzlhOGJiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmnBQ5aBhYPkbSmhy6G0rUZrPLEE/zbPKmhrR7GAToI0Nug
5xhkSCpXlWpJfGIxBvk4wOiEfkCp3r37Noi8ggmsFh1E8xr79KSm+L8rXVJ3dsIO
GV/4egYJqQN7ENXO+rVkO941SlybVcUFx8p/7EwtHs7lC07m6RRQG/AsVbKDJLS6
4+CDHacCXOrQ+yN9ygnRvr0B7nNzoRSSCZWUY25vtiWrjA/ngO+F853FdOWb5CWi
sG1oKbwfxnQ9de1ryY6FULpM33RLrjdUtva8u7L/b9ge3D/h9rlHVUbOCy5yFy38
OIVtc3KSURaZamTC4TdeWHzCQZj8UQV7kALwrzMCAwEAAaOCApcwggKTMB0GA1Ud
DgQWBBR3/Fce3MJApqPR1jttNoksp5qLtDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2RfeFhIdHpDUUthajBkWTdiVGFKTEtlYWk3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rAYIKwYBBQUHAQcBAf8EgZwwgZkwgYAEAgABMHowDAMEB01agAMEAE1agjAMAwQC
TVqEAwQATVqKAwQATVqMMAwDBAFNWo4DBABNWpQDBABNWp0DBABNWrQDBAFNWrgD
BABNWr0wDAMEALnmDQMEALnmDgMEANXRggMEANXRhgMEANXRiAMEANXRigMEAdXR
kgMEAdXRnDAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEB
AJ047ivdW4ptsYUUasZjqsMR5gWQ+bktU6RX/+86IWripTucanZiapZpqAIquBZs
gQs7ZcvXtW3V+D+oW+BYoKmHo4BdmuaFNDY+79sc5XkSGTuyXoCokOecMM/62Jmk
5NWoWtIFuEa5pfc7ZV6UXlBSGAiACHDJtUNzDXSNC/DPM7StyaRJEDSs4SlLyQoK
2+Bz/7ZI/UiwKpu8mNY4q8W/bgNbJileByLaU/BKfCu3xJ27d+rbAzdcwGkUJQgF
2hczjLGSp/QBPOM0OMEvjHgFXA/d4cTgWeTP/Ga1JdkyHcJjY711ZdAt2miAfNpE
n2/foVm+H53jP4Avb9dWWBA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org