Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/iXArGIPdu0eFwmMOKj8PwcZrZY4.roa
File: iXArGIPdu0eFwmMOKj8PwcZrZY4.roa (raw, json)
Hash identifier: zysq6O8pK1h+oc+LeT5QeVeMmzrIu189M5BralYRnQQ=
Subject key identifier: 89:70:2B:18:83:DD:BB:47:85:C2:63:0E:2A:3F:0F:C1:C6:6B:65:8E
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0182458420A8E878B3EAA28F4F1E156581DE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/iXArGIPdu0eFwmMOKj8PwcZrZY4.roa
Signing time: Thu 28 Jul 2022 15:54:23 +0000
ROA not before: Thu 28 Jul 2022 15:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.190.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:45:84:20:a8:e8:78:b3:ea:a2:8f:4f:1e:15:65:81:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 28 15:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89702b1883ddbb4785c2630e2a3f0fc1c66b658e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:33:5a:ed:78:c7:73:e5:a7:6e:cf:ef:0a:b4:
14:60:25:60:2d:29:a9:68:09:df:e9:39:5b:28:57:
24:aa:50:67:2c:40:a8:61:ec:d1:f6:e3:cc:4a:2c:
fc:e7:33:1a:3a:9c:a1:cb:fd:b2:cf:80:ec:2e:c8:
f7:f2:02:7b:93:c8:7e:ba:5d:f3:20:68:6f:0d:58:
1b:50:98:cb:d1:9d:57:43:a2:35:06:c4:5f:6d:34:
23:c5:84:07:2e:a7:aa:dc:06:2d:4f:ed:27:60:ad:
3c:c6:7d:bc:1c:d1:e0:96:4f:a4:66:80:d6:80:30:
6f:47:9f:24:63:64:c5:a6:62:94:eb:e1:36:82:a0:
53:e3:c6:92:2d:55:7e:20:5f:8e:96:72:cf:1e:b1:
20:dc:a1:73:c2:df:e1:51:09:1a:93:5a:ef:09:1f:
28:a6:65:48:3e:ba:bb:9a:28:31:51:6b:08:71:df:
c3:96:76:59:84:4b:08:b1:14:18:0c:9f:fb:2e:6f:
d5:d2:ef:19:b3:c2:15:cc:02:98:ec:d7:00:f9:9c:
26:d9:2f:4c:40:27:7c:59:ee:b6:dd:69:30:b3:81:
fe:d6:3f:96:52:a2:62:91:de:e7:cb:a6:b5:21:14:
f2:fb:15:1f:c0:f2:6e:19:b1:78:50:49:aa:ba:02:
72:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:70:2B:18:83:DD:BB:47:85:C2:63:0E:2A:3F:0F:C1:C6:6B:65:8E
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/iXArGIPdu0eFwmMOKj8PwcZrZY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.149.255
77.90.152.0/24
77.90.154.0/24
77.90.157.0/24
77.90.164.0/24
77.90.173.0/24
77.90.188.0/24
77.90.190.0/23
185.230.12.0/24
213.209.130.0/24
213.209.133.0/24
213.209.138.0/24
213.209.144.0/23
213.209.157.0-213.209.158.255
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
5f:6f:f9:e1:1c:2a:9a:6a:94:cd:9b:0e:3a:16:e6:f4:60:db:
00:67:d0:06:d8:8c:3c:1a:22:ad:6f:3e:e7:2a:6d:d3:fd:f2:
6c:65:55:f2:fe:ed:c6:00:48:6e:75:f3:3f:1f:4d:b2:9c:cd:
b3:9c:3a:b7:53:99:c5:55:54:2a:b6:36:01:70:9f:ac:57:f9:
f4:e0:60:d1:ca:13:21:6e:9f:dc:d4:50:ce:d8:45:83:81:6e:
09:ba:80:a2:da:3a:78:cc:e6:69:74:d1:d2:e1:03:89:9a:72:
da:8b:78:79:a6:76:dc:b9:5a:82:96:7a:84:9c:db:79:8a:f9:
5d:24:76:e7:35:cd:e7:1d:f5:75:4b:40:01:49:60:90:d7:92:
50:a2:e7:10:fb:3f:5e:14:e9:ad:ec:e9:49:98:d7:d3:27:b6:
57:60:b3:f0:fa:21:80:39:e5:66:e0:7b:43:64:ec:e7:94:fd:
c6:eb:45:bf:45:ab:c2:fd:de:8c:21:bf:41:f0:bf:44:ec:18:
ce:6e:e3:af:a1:38:ea:37:7c:e7:8d:06:d7:87:04:3e:c9:42:
51:80:38:35:56:74:d2:5a:39:36:e9:33:1f:c0:f9:c6:b9:fd:
9d:bc:79:ef:0f:66:36:29:50:e9:59:62:ff:3f:29:ab:bd:7e:
3e:10:7c:c5
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYJFhCCo6Hiz6qKPTx4VZYHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzI4MTU1NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTcwMmIxODgzZGRiYjQ3ODVjMjYzMGUyYTNmMGZjMWM2NmI2NThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DNa7XjHc+Wnbs/vCrQUYCVgLSmp
aAnf6TlbKFckqlBnLECoYezR9uPMSiz85zMaOpyhy/2yz4DsLsj38gJ7k8h+ul3z
IGhvDVgbUJjL0Z1XQ6I1BsRfbTQjxYQHLqeq3AYtT+0nYK08xn28HNHglk+kZoDW
gDBvR58kY2TFpmKU6+E2gqBT48aSLVV+IF+OlnLPHrEg3KFzwt/hUQkak1rvCR8o
pmVIPrq7migxUWsIcd/DlnZZhEsIsRQYDJ/7Lm/V0u8Zs8IVzAKY7NcA+Zwm2S9M
QCd8We623Wkws4H+1j+WUqJikd7ny6a1IRTy+xUfwPJuGbF4UEmqugJyyQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFIlwKxiD3btHhcJjDio/D8HGa2WOMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvaVhBckdJUGR1MGVGd21NT0tqOFB3Y1pyWlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBmwQCAAEwgZQwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAU1alAMEAE1amAMEAE1amgMEAE1anQMEAE1apAMEAE1arQMEAE1avAME
AU1avgMEALnmDAMEANXRggMEANXRhQMEANXRigMEAdXRkDAMAwQA1dGdAwQA1dGe
MBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAX2/54Rwq
mmqUzZsOOhbm9GDbAGfQBtiMPBoirW8+5ypt0/3ybGVV8v7txgBIbnXzPx9NspzN
s5w6t1OZxVVUKrY2AXCfrFf59OBg0coTIW6f3NRQzthFg4FuCbqAoto6eMzmaXTR
0uEDiZpy2ot4eaZ23LlagpZ6hJzbeYr5XSR25zXN5x31dUtAAUlgkNeSUKLnEPs/
XhTprezpSZjX0ye2V2Cz8PohgDnlZuB7Q2Ts55T9xutFv0Wrwv3ejCG/QfC/ROwY
zm7jr6E46jd8540G14cEPslCUYA4NVZ00lo5NukzH8D5xrn9nbx57w9mNilQ6Vli
/z8pq71+PhB8xQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org