Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jXe72YmK8G2JNywsvOG1WKIkaLY.roa
File: jXe72YmK8G2JNywsvOG1WKIkaLY.roa (raw, json)
Hash identifier: tGeCzEOpvlvsWj8OhJX65kMySnrFSB7Hv7zUxzGzs+Q=
Subject key identifier: 8D:77:BB:D9:89:8A:F0:6D:89:37:2C:2C:BC:E1:B5:58:A2:24:68:B6
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0184AA960BF84E38BB563AF95DD99F5B49F8
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jXe72YmK8G2JNywsvOG1WKIkaLY.roa
Signing time: Thu 24 Nov 2022 17:01:10 +0000
ROA not before: Thu 24 Nov 2022 17:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:96:0b:f8:4e:38:bb:56:3a:f9:5d:d9:9f:5b:49:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 24 17:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d77bbd9898af06d89372c2cbce1b558a22468b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:50:ed:b2:3f:c8:bf:53:c8:63:f5:4a:d8:de:
c7:f1:97:6e:f8:98:fc:9a:04:ca:88:51:94:03:65:
af:35:cf:7f:60:a1:4b:ec:08:eb:f1:4d:eb:3b:83:
65:44:83:67:39:b3:f9:65:15:08:d5:cd:ec:f3:b2:
fb:24:d5:79:82:0c:99:15:74:9a:3e:b5:d2:ea:74:
fb:35:ec:6b:3c:85:30:a2:1f:7a:f5:09:78:3b:12:
17:e4:aa:ff:52:b4:f8:3c:fd:ce:f3:c1:a3:e3:f1:
b4:5a:4a:ba:5e:d9:55:20:b8:2d:06:e0:87:cd:15:
ee:79:cd:2b:41:39:89:d6:f8:7c:cd:46:f3:58:a3:
bd:d2:03:1f:b1:3f:3c:f1:d8:51:58:56:3d:99:94:
4b:48:8d:c4:66:c2:27:ac:16:c5:f3:45:50:10:19:
b8:1c:40:57:15:b7:69:0c:7b:a3:db:4a:b7:02:68:
2d:69:f7:9f:06:f8:98:28:97:b2:f5:d5:c1:d9:a7:
0f:57:92:bd:f5:b0:78:89:13:e8:4e:4d:82:9d:15:
b8:0c:e1:1f:51:e9:f2:bb:5c:7e:8a:3c:64:f9:04:
a3:8a:93:1e:e1:6f:c9:f7:f9:66:51:3f:a2:e9:10:
8c:ac:2d:27:50:be:5b:13:76:9f:72:68:53:49:3b:
53:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:77:BB:D9:89:8A:F0:6D:89:37:2C:2C:BC:E1:B5:58:A2:24:68:B6
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jXe72YmK8G2JNywsvOG1WKIkaLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.154.0/24
77.90.156.0/24
77.90.178.0/24
77.90.184.0/23
77.90.188.0/24
185.230.14.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.149.0/24
213.209.151.0/24
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
4a:b4:d9:5f:56:46:ab:9d:7d:fe:a9:5b:0b:21:7f:e8:1f:ba:
ab:1f:98:5c:51:19:34:23:00:5d:c8:93:05:cd:5f:af:78:2b:
84:dc:47:75:d7:e6:19:31:25:54:90:dc:79:26:69:dd:cd:d5:
50:28:f0:d3:27:ed:2b:44:a0:ca:53:92:2a:f3:be:be:ae:a6:
3f:11:eb:90:56:cf:c6:d9:ff:80:4d:f0:cd:dc:aa:d6:59:b4:
7a:57:4c:03:15:70:93:bc:36:11:a7:f5:08:16:f5:64:a2:e0:
07:34:f7:be:fc:96:a7:61:ae:bd:af:be:09:a7:b5:38:c4:01:
fe:b8:26:d2:cc:16:dc:00:a5:81:ee:13:5d:d1:1c:c9:b4:cb:
2d:05:bb:f8:2e:42:55:f9:e3:68:b1:08:f2:9b:be:f7:46:62:
b7:03:58:0d:56:7b:88:fb:d4:69:9d:ed:a1:81:aa:b1:b0:3c:
07:27:b6:24:45:6e:82:96:2e:db:58:31:b8:bf:c8:96:cc:84:
cd:49:9e:cc:82:79:c1:aa:55:69:d8:d9:34:74:97:6a:48:be:
77:89:1b:22:da:07:80:e3:0e:46:4f:f8:d5:82:99:42:2b:58:
fa:cc:d2:b5:4b:02:64:4c:11:59:7e:93:40:d8:04:8d:3b:ed:
08:14:aa:ea
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYSqlgv4Tji7Vjr5XdmfW0n4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTI0MTcwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDc3YmJkOTg5OGFmMDZkODkzNzJjMmNiY2UxYjU1OGEyMjQ2OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1Dtsj/Iv1PIY/VK2N7H8Zdu+Jj8
mgTKiFGUA2WvNc9/YKFL7Ajr8U3rO4NlRINnObP5ZRUI1c3s87L7JNV5ggyZFXSa
PrXS6nT7NexrPIUwoh969Ql4OxIX5Kr/UrT4PP3O88Gj4/G0Wkq6XtlVILgtBuCH
zRXuec0rQTmJ1vh8zUbzWKO90gMfsT888dhRWFY9mZRLSI3EZsInrBbF80VQEBm4
HEBXFbdpDHuj20q3AmgtafefBviYKJey9dXB2acPV5K99bB4iRPoTk2CnRW4DOEf
Uenyu1x+ijxk+QSjipMe4W/J9/lmUT+i6RCMrC0nUL5bE3afcmhTSTtT8wIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFI13u9mJivBtiTcsLLzhtViiJGi2MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvalhlNzJZbUs4RzJKTnl3c3ZPRzFXS0lrYUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBiwQCAAEwgYQwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpQDBABN
WpoDBABNWpwDBABNWrIDBAFNWrgDBABNWrwDBAC55g4DBADV0YgDBADV0YoDBADV
0Y8DBADV0ZIDBADV0ZUDBADV0ZcDBAHV0ZwDBADV0Z8wFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQBKtNlfVkarnX3+qVsLIX/oH7qrH5hc
URk0IwBdyJMFzV+veCuE3Ed11+YZMSVUkNx5JmndzdVQKPDTJ+0rRKDKU5Iq876+
rqY/EeuQVs/G2f+ATfDN3KrWWbR6V0wDFXCTvDYRp/UIFvVkouAHNPe+/JanYa69
r74Jp7U4xAH+uCbSzBbcAKWB7hNd0RzJtMstBbv4LkJV+eNosQjym773RmK3A1gN
VnuI+9Rpne2hgaqxsDwHJ7YkRW6Cli7bWDG4v8iWzITNSZ7MgnnBqlVp2Nk0dJdq
SL53iRsi2geA4w5GT/jVgplCK1j6zNK1SwJkTBFZfpNA2ASNO+0IFKrq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org