Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jq8Cjkw5SLRRnOQOKfLlWeE92w0.roa
File: jq8Cjkw5SLRRnOQOKfLlWeE92w0.roa (raw, json)
Hash identifier: 5MvnS9JIg7J38YBx5TJXLN2ZK673Ojiv2fTvoIJCVNA=
Subject key identifier: 8E:AF:02:8E:4C:39:48:B4:51:9C:E4:0E:29:F2:E5:59:E1:3D:DB:0D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 08C750AF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jq8Cjkw5SLRRnOQOKfLlWeE92w0.roa
Signing time: Fri 22 Apr 2022 12:33:19 +0000
ROA not before: Fri 22 Apr 2022 12:33:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147280047 (0x8c750af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 22 12:33:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8eaf028e4c3948b4519ce40e29f2e559e13ddb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:ff:cd:8b:27:a6:f0:b1:44:c4:84:ef:4d:
c7:93:a1:90:4b:bc:58:23:dd:16:72:85:7a:c7:45:
6a:de:ff:28:e3:2f:62:86:60:8d:60:26:51:89:ae:
7b:61:78:11:d9:41:c3:73:9e:d1:97:bd:77:af:c8:
c2:73:7b:e2:e5:c4:aa:a7:87:76:aa:f5:eb:52:82:
27:6c:e0:b1:6c:98:74:ae:dd:10:dd:c0:74:04:5d:
65:a8:ee:12:50:ec:ef:42:ab:9f:87:22:0e:c0:cd:
65:66:cb:e7:77:73:16:b6:1a:85:0e:e0:21:97:85:
11:06:8d:da:de:8a:ac:46:4c:c6:bb:68:bf:00:62:
fb:5b:01:3e:29:06:92:93:65:c5:41:d5:99:de:9b:
82:38:87:7a:5a:8e:5a:be:4b:45:86:dc:2a:3e:9c:
b7:d4:18:d0:57:7d:4b:13:d9:be:0c:01:94:12:57:
b3:85:44:ee:01:0b:bc:d6:8c:33:de:1e:46:11:84:
2c:16:3b:64:af:8b:7e:db:e4:cf:bd:68:bc:47:83:
49:ab:1a:2f:4d:61:34:1c:b5:5d:05:e9:35:43:54:
10:6d:65:f5:3f:7e:93:76:20:49:d7:a7:23:14:4f:
90:34:09:79:09:ea:f4:c2:62:06:74:7a:64:24:82:
9f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AF:02:8E:4C:39:48:B4:51:9C:E4:0E:29:F2:E5:59:E1:3D:DB:0D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jq8Cjkw5SLRRnOQOKfLlWeE92w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.152.0/24
77.90.178.0/24
77.90.180.0/24
77.90.185.0/24
77.90.191.0/24
185.230.13.0-185.230.14.255
213.209.130.0/24
213.209.136.0/24
213.209.138.0/24
213.209.146.0/23
213.209.149.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
a9:d2:ba:b3:f1:c4:1b:58:90:8f:3c:08:1a:1b:e7:3b:e5:93:
c7:b2:72:0d:45:80:d4:50:c4:37:dd:28:1b:20:76:31:b5:54:
4e:19:e9:09:a4:78:39:0f:26:40:96:90:1a:6c:dc:3c:d1:84:
34:b6:a9:db:d9:aa:97:a1:62:e1:96:0c:89:c5:3f:ec:4a:28:
3b:e8:d8:d6:cf:e6:1d:43:af:c7:1f:6e:f6:4b:f3:6b:8e:77:
71:55:13:34:bd:63:6f:77:6f:9a:db:f3:23:8c:b0:bb:c0:e8:
b4:a2:af:c0:d5:5f:cc:41:06:7e:59:46:b2:52:8c:25:d4:54:
b5:18:1c:f1:31:63:d3:e8:07:69:15:d1:9f:35:cd:32:3a:75:
d3:be:82:79:6b:a0:4d:95:c7:28:a8:3a:92:96:18:69:ae:34:
6d:ec:08:92:25:8a:b3:b1:88:27:7c:9b:40:25:78:eb:51:4c:
bb:33:a6:ff:d8:a3:bc:0a:4f:a4:7e:92:82:a0:a7:2e:b7:f0:
d9:ea:32:f1:ed:52:c4:40:54:28:42:ee:49:26:4a:0b:3f:a1:
2b:d6:6f:46:51:9a:7f:94:48:67:3e:5e:98:57:50:7b:9d:7c:
fb:0f:83:34:8e:b9:e7:c3:33:9a:b6:8b:3c:d5:4e:61:24:b7:
e5:41:73:0a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIECMdQrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQy
MjEyMzMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVhZjAyOGU0YzM5
NDhiNDUxOWNlNDBlMjlmMmU1NTllMTNkZGIwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuK/82LJ6bwsUTEhO9Nx5OhkEu8WCPdFnKFesdFat7/KOMv
YoZgjWAmUYmue2F4EdlBw3Oe0Ze9d6/IwnN74uXEqqeHdqr161KCJ2zgsWyYdK7d
EN3AdARdZajuElDs70Krn4ciDsDNZWbL53dzFrYahQ7gIZeFEQaN2t6KrEZMxrto
vwBi+1sBPikGkpNlxUHVmd6bgjiHelqOWr5LRYbcKj6ct9QY0Fd9SxPZvgwBlBJX
s4VE7gELvNaMM94eRhGELBY7ZK+Lftvkz71ovEeDSasaL01hNBy1XQXpNUNUEG1l
9T9+k3YgSdenIxRPkDQJeQnq9MJiBnR6ZCSCn/0CAwEAAaOCApcwggKTMB0GA1Ud
DgQWBBSOrwKOTDlItFGc5A4p8uVZ4T3bDTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2pxOENqa3c1U0xSUm5PUU9LZkxsV2VFOTJ3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rAYIKwYBBQUHAQcBAf8EgZwwgZkwgYAEAgABMHowDAMEB01agAMEAE1agjAMAwQC
TVqEAwQATVqMMAwDBAFNWo4DBABNWpQDBABNWpgDBABNWrIDBABNWrQDBABNWrkD
BABNWr8wDAMEALnmDQMEALnmDgMEANXRggMEANXRiAMEANXRigMEAdXRkgMEANXR
lQMEANXRnDAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEB
AKnSurPxxBtYkI88CBob5zvlk8eycg1FgNRQxDfdKBsgdjG1VE4Z6QmkeDkPJkCW
kBps3DzRhDS2qdvZqpehYuGWDInFP+xKKDvo2NbP5h1Dr8cfbvZL82uOd3FVEzS9
Y293b5rb8yOMsLvA6LSir8DVX8xBBn5ZRrJSjCXUVLUYHPExY9PoB2kV0Z81zTI6
ddO+gnlroE2VxyioOpKWGGmuNG3sCJIlirOxiCd8m0AleOtRTLszpv/Yo7wKT6R+
koKgpy638NnqMvHtUsRAVChC7kkmSgs/oSvWb0ZRmn+USGc+XphXUHudfPsPgzSO
uefDM5q2izzVTmEkt+VBcwo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org