Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dzHDjI1HK1cbAto8NfJdRN_yG9o.roa
File: dzHDjI1HK1cbAto8NfJdRN_yG9o.roa (raw, json)
Hash identifier: hsqXq2gSxBtZrAYDo2pkIByiaUPOx6rEjyjJH9hmRaw=
Subject key identifier: 77:31:C3:8C:8D:47:2B:57:1B:02:DA:3C:35:F2:5D:44:DF:F2:1B:DA
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09255A2C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dzHDjI1HK1cbAto8NfJdRN_yG9o.roa
Signing time: Mon 16 May 2022 15:37:29 +0000
ROA not before: Mon 16 May 2022 15:37:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153442860 (0x9255a2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 16 15:37:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7731c38c8d472b571b02da3c35f25d44dff21bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5a:d5:6c:7b:b1:e6:7b:eb:d7:08:70:5b:91:
06:0c:21:76:92:71:14:46:31:6d:36:4d:e7:99:78:
81:58:83:4f:ec:e4:01:eb:e3:9d:f8:ac:40:e2:e4:
01:b5:92:b1:bb:65:be:a5:f6:b7:d4:38:17:c5:ba:
ab:07:19:66:a7:ed:22:42:f2:14:24:81:dc:df:c7:
b2:37:fe:dd:a6:8a:5c:cb:50:80:54:bd:f1:e9:b6:
2f:96:ee:39:8a:c6:8b:53:3c:e6:34:62:0c:00:19:
db:89:d0:5d:ef:74:d4:34:d2:92:4b:5d:b2:b3:15:
7a:b6:50:6b:98:64:5c:5b:a3:2d:19:fa:a1:86:93:
99:2f:8c:d3:25:99:1d:5c:5a:ea:3c:ae:26:5b:68:
2a:96:f0:92:fe:57:db:35:f9:9b:eb:d8:3a:52:67:
d1:0c:6b:de:62:82:3b:49:08:c1:6d:be:f3:6b:11:
9e:37:23:84:8d:ff:3b:67:d6:fc:dc:39:a9:1e:30:
23:67:4d:f1:20:cd:a0:71:4a:7c:8d:9d:62:ab:72:
ff:e1:da:f0:90:a1:65:fb:5f:ad:94:70:dc:59:1e:
7c:be:a6:95:04:92:2d:b6:c1:f7:e0:db:e6:66:96:
45:d1:46:c2:ea:f0:71:ed:8d:01:cf:3c:70:2d:bb:
be:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:31:C3:8C:8D:47:2B:57:1B:02:DA:3C:35:F2:5D:44:DF:F2:1B:DA
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dzHDjI1HK1cbAto8NfJdRN_yG9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.152.0/24
77.90.154.0-77.90.156.255
77.90.164.0/24
77.90.178.0/24
77.90.180.0/23
77.90.191.0/24
185.230.12.0/23
213.209.130.0/24
213.209.133.0/24
213.209.136.0/24
213.209.138.0/24
213.209.144.0/24
213.209.146.0/24
213.209.150.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
aa:2d:6b:fb:a8:a7:0d:fb:42:2d:1d:c2:1b:a6:5f:d1:53:a0:
fb:d7:e4:ef:79:c6:84:db:3b:8d:a3:9d:4e:56:c3:41:b9:22:
1e:a7:3a:da:13:fa:d8:49:f8:61:00:a0:9a:b2:57:b7:5d:8c:
2a:48:37:85:dc:55:0e:95:6f:f6:c1:9f:f8:84:a4:77:f2:fa:
a2:c8:b8:97:c1:10:51:ce:4b:e0:ef:12:5e:70:82:a4:8c:73:
17:09:2d:5d:9e:cf:cd:e1:74:35:68:83:3d:a0:40:9e:d0:01:
84:12:84:1e:39:f0:71:01:7e:6e:d3:4c:91:3f:5b:6e:40:6b:
b6:f8:60:82:e7:ff:02:87:4a:c3:96:0e:91:3d:be:1e:6e:34:
9d:b4:7e:19:59:18:0f:49:3a:4e:c4:74:c2:77:46:37:af:4a:
94:1a:21:88:a0:06:c2:e0:88:4d:08:c5:98:e7:4c:dd:77:4d:
15:b8:de:3b:98:4a:83:90:37:25:96:92:b2:27:6f:3d:44:b4:
0a:3d:93:14:c8:b6:90:92:d0:36:cc:b0:59:66:eb:b8:c6:15:
94:25:d8:05:19:81:f2:74:ca:58:6b:91:a9:83:5a:97:b6:3e:
6d:b3:04:cd:e0:da:88:bc:28:7d:c4:62:e3:1f:e2:d9:5f:2e:
57:e2:f8:ca
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIECSVaLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
NjE1MzcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzczMWMzOGM4ZDQ3
MmI1NzFiMDJkYTNjMzVmMjVkNDRkZmYyMWJkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVa1Wx7seZ769cIcFuRBgwhdpJxFEYxbTZN55l4gViDT+zk
AevjnfisQOLkAbWSsbtlvqX2t9Q4F8W6qwcZZqftIkLyFCSB3N/Hsjf+3aaKXMtQ
gFS98em2L5buOYrGi1M85jRiDAAZ24nQXe901DTSkktdsrMVerZQa5hkXFujLRn6
oYaTmS+M0yWZHVxa6jyuJltoKpbwkv5X2zX5m+vYOlJn0Qxr3mKCO0kIwW2+82sR
njcjhI3/O2fW/Nw5qR4wI2dN8SDNoHFKfI2dYqty/+Ha8JChZftfrZRw3FkefL6m
lQSSLbbB9+Db5maWRdFGwurwce2NAc88cC27vp8CAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBR3McOMjUcrVxsC2jw18l1E3/Ib2jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2R6SERqSTFISzFjYkF0bzhOZkpkUk5feUc5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwgZkEAgABMIGSMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqYMAwDBAFNWpoDBABN
WpwDBABNWqQDBABNWrIDBAFNWrQDBABNWr8DBAG55gwDBADV0YIDBADV0YUDBADV
0YgDBADV0YoDBADV0ZADBADV0ZIDBADV0ZYDBADV0ZwwFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQCqLWv7qKcN+0ItHcIbpl/RU6D71+Tv
ecaE2zuNo51OVsNBuSIepzraE/rYSfhhAKCasle3XYwqSDeF3FUOlW/2wZ/4hKR3
8vqiyLiXwRBRzkvg7xJecIKkjHMXCS1dns/N4XQ1aIM9oECe0AGEEoQeOfBxAX5u
00yRP1tuQGu2+GCC5/8Ch0rDlg6RPb4ebjSdtH4ZWRgPSTpOxHTCd0Y3r0qUGiGI
oAbC4IhNCMWY50zdd00VuN47mEqDkDcllpKyJ289RLQKPZMUyLaQktA2zLBZZuu4
xhWUJdgFGYHydMpYa5Gpg1qXtj5tswTN4NqIvCh9xGLjH+LZXy5X4vjK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org