Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/i_alZsdi15pwrIpKVe_NTaBC83Y.roa
File: i_alZsdi15pwrIpKVe_NTaBC83Y.roa (raw, json)
Hash identifier: frXLBZdXFN+vvDbr2uf3OLoPyRoNqn0ZWZgT2OJ0knY=
Subject key identifier: 8B:F6:A5:66:C7:62:D7:9A:70:AC:8A:4A:55:EF:CD:4D:A0:42:F3:76
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01849AC868E299CE2B2074AB178AD6602586
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/i_alZsdi15pwrIpKVe_NTaBC83Y.roa
Signing time: Mon 21 Nov 2022 15:22:16 +0000
ROA not before: Mon 21 Nov 2022 15:22:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:c8:68:e2:99:ce:2b:20:74:ab:17:8a:d6:60:25:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 21 15:22:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bf6a566c762d79a70ac8a4a55efcd4da042f376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:da:85:dd:b3:60:0e:46:f5:2c:05:a0:46:
30:b9:27:c3:11:1b:d8:75:cc:89:de:18:06:20:c7:
ae:f9:fc:04:d8:15:39:e7:0f:4f:b2:1a:c7:eb:d2:
31:fb:6e:75:4e:b4:9c:43:a8:15:97:95:26:8a:a1:
00:52:12:85:49:f7:6f:16:9f:f9:ec:1f:f9:ac:78:
dc:b2:50:66:41:cc:56:db:25:e7:eb:af:9f:c6:6e:
b9:13:0a:17:c2:c7:cc:54:d0:97:ef:d3:75:d3:ab:
7c:67:66:38:ca:cf:63:e7:cf:a4:dc:32:4c:ff:4a:
4c:ea:ce:8c:20:a7:04:04:eb:4f:72:fb:73:67:96:
10:44:b5:19:01:7b:c6:e3:39:a7:90:98:49:a6:66:
03:38:35:a8:9d:c8:4f:f5:8e:d5:89:80:24:4d:62:
26:b0:db:30:17:ee:db:84:4d:db:2d:21:c7:fe:34:
2f:cb:d9:24:97:d6:08:6f:cc:d0:b8:89:72:9d:13:
bf:dd:d6:97:5c:5a:d5:b3:32:8e:6c:92:b1:44:f4:
bb:cf:48:d4:57:db:e3:c0:b1:41:e8:f8:a8:06:a7:
1f:22:c8:8c:f2:5d:b4:3c:e8:a7:4a:ac:c1:97:0e:
69:d7:5a:ae:7a:5e:84:80:23:63:b0:77:7a:13:cd:
5d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F6:A5:66:C7:62:D7:9A:70:AC:8A:4A:55:EF:CD:4D:A0:42:F3:76
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/i_alZsdi15pwrIpKVe_NTaBC83Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.154.0/24
77.90.156.0/24
77.90.178.0/24
77.90.184.0/23
77.90.188.0/24
185.230.14.0/24
213.209.138.0/24
213.209.143.0/24
213.209.149.0/24
213.209.151.0/24
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
4f:a7:68:33:6f:36:c5:52:5d:a3:3f:48:de:57:86:4c:d7:55:
2f:aa:a3:d5:d3:69:d5:39:1e:58:fe:f1:8a:82:41:9a:87:52:
14:f5:23:37:d7:dd:a0:98:08:57:0d:c0:e4:7b:21:7d:28:36:
6f:37:9e:99:a8:93:d7:af:b6:19:ec:36:7d:3c:c5:79:0f:01:
21:bb:da:94:1e:49:de:f7:b7:4d:e8:09:aa:9f:c2:dd:c4:21:
ff:70:ec:96:15:a6:56:2c:40:ed:32:78:df:a4:b9:ec:41:50:
ec:05:d8:38:7d:af:ab:ee:3f:d2:5b:6b:96:4a:aa:e2:85:f1:
67:53:a7:53:c9:cc:df:0f:5c:e5:2d:36:3a:ba:11:2e:69:00:
3d:3b:38:ca:df:12:67:8f:21:36:ed:6b:8f:b1:31:f0:4d:15:
3d:e9:4a:0b:25:79:f7:67:75:2f:d0:a5:22:80:9d:40:47:74:
9f:2c:86:ee:3d:00:d5:e8:61:12:d6:b4:51:af:b1:5b:81:9b:
98:44:8d:0d:aa:32:24:8b:3d:d8:97:b7:e1:20:22:fe:f6:82:
e5:19:6e:d7:42:15:9d:48:58:01:51:89:b6:55:1f:b7:a7:b0:
49:71:79:d6:78:a9:43:67:f5:bc:fc:f5:3d:8d:e9:16:9f:6f:
be:3b:1a:a0
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYSayGjimc4rIHSrF4rWYCWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTIxMTUyMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY2YTU2NmM3NjJkNzlhNzBhYzhhNGE1NWVmY2Q0ZGEwNDJmMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrzahd2zYA5G9SwFoEYwuSfDERvY
dcyJ3hgGIMeu+fwE2BU55w9PshrH69Ix+251TrScQ6gVl5UmiqEAUhKFSfdvFp/5
7B/5rHjcslBmQcxW2yXn66+fxm65EwoXwsfMVNCX79N106t8Z2Y4ys9j58+k3DJM
/0pM6s6MIKcEBOtPcvtzZ5YQRLUZAXvG4zmnkJhJpmYDODWonchP9Y7ViYAkTWIm
sNswF+7bhE3bLSHH/jQvy9kkl9YIb8zQuIlynRO/3daXXFrVszKObJKxRPS7z0jU
V9vjwLFB6PioBqcfIsiM8l20POinSqzBlw5p11quel6EgCNjsHd6E81duwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFIv2pWbHYteacKyKSlXvzU2gQvN2MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvaV9hbFpzZGkxNXB3cklwS1ZlX05UYUJDODNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYAwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIMAwDBABNWosDBABNWowwDAMEAU1ajgME
AE1alAMEAE1amgMEAE1anAMEAE1asgMEAU1auAMEAE1avAMEALnmDgMEANXRigME
ANXRjwMEANXRlQMEANXRlwMEAdXRnAMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAE+naDNvNsVSXaM/SN5XhkzXVS+qo9XTadU5
Hlj+8YqCQZqHUhT1IzfX3aCYCFcNwOR7IX0oNm83npmok9evthnsNn08xXkPASG7
2pQeSd73t03oCaqfwt3EIf9w7JYVplYsQO0yeN+kuexBUOwF2Dh9r6vuP9Jba5ZK
quKF8WdTp1PJzN8PXOUtNjq6ES5pAD07OMrfEmePITbta4+xMfBNFT3pSgslefdn
dS/QpSKAnUBHdJ8shu49ANXoYRLWtFGvsVuBm5hEjQ2qMiSLPdiXt+EgIv72guUZ
btdCFZ1IWAFRibZVH7ensElxedZ4qUNn9bz89T2N6Rafb747GqA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org