Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kIiLe6N7IGCDzrHiw2hKeWtOjgo.roa
File: kIiLe6N7IGCDzrHiw2hKeWtOjgo.roa (raw, json)
Hash identifier: GJIJoqbjti66qqEF/IU4LfWaSK2ayU2aOifMZpD8gbs=
Subject key identifier: 90:88:8B:7B:A3:7B:20:60:83:CE:B1:E2:C3:68:4A:79:6B:4E:8E:0A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 08BCC88F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kIiLe6N7IGCDzrHiw2hKeWtOjgo.roa
Signing time: Wed 20 Apr 2022 12:01:16 +0000
ROA not before: Wed 20 Apr 2022 12:01:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.189.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146589839 (0x8bcc88f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 20 12:01:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90888b7ba37b206083ceb1e2c3684a796b4e8e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4f:59:8b:38:81:a2:ae:36:34:06:45:5c:bf:
29:12:40:b2:43:b7:93:17:d9:28:28:0f:bf:01:c8:
46:97:76:1e:98:07:aa:fd:3b:9f:55:20:90:0f:ab:
a2:6e:e8:dc:05:e9:fd:11:79:fd:5d:5f:ec:1e:eb:
e7:ab:ac:ac:c7:c9:f6:62:9b:57:0a:b3:7c:d1:f6:
a5:cd:1f:98:df:ae:1d:55:af:f6:02:f9:aa:77:85:
b2:de:1c:38:12:4b:e9:b3:74:9e:2e:68:4c:b8:73:
de:ca:59:05:3a:6b:6c:f0:c9:cb:99:08:59:a2:02:
43:21:82:5b:14:88:bd:e2:15:ff:72:96:51:21:3f:
89:a4:aa:4d:3d:46:33:8d:84:00:4b:ae:bd:92:c9:
77:51:9c:98:d4:19:a3:2e:f3:72:af:be:08:a1:f1:
dc:20:fe:b3:c1:63:49:76:fb:b3:1e:1b:09:4c:06:
db:db:a5:45:74:bc:13:98:b7:1f:4f:49:c9:ab:5a:
19:9d:41:7f:41:50:e1:86:0f:9e:3f:ad:7a:42:38:
b9:e7:c1:08:33:89:db:b9:61:68:29:1d:ef:eb:7e:
6a:f1:55:e6:1a:3c:c6:fa:63:c8:87:f8:e3:ca:aa:
ae:89:c9:21:9f:42:6b:48:d8:ef:8c:be:dc:52:28:
36:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:88:8B:7B:A3:7B:20:60:83:CE:B1:E2:C3:68:4A:79:6B:4E:8E:0A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kIiLe6N7IGCDzrHiw2hKeWtOjgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.152.0/24
77.90.157.0/24
77.90.180.0/24
77.90.185.0/24
77.90.189.0/24
77.90.191.0/24
185.230.13.0-185.230.14.255
213.209.130.0/24
213.209.136.0/24
213.209.138.0/24
213.209.146.0/23
213.209.149.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
11:3c:f1:3e:d9:e2:39:d7:bb:ce:79:f2:80:e8:45:b1:ae:ac:
9a:0d:b6:9d:91:cf:97:ef:5c:4c:14:9e:80:71:93:0e:b1:f5:
3b:2e:85:33:93:82:b0:4b:96:db:59:87:e2:8c:24:f5:c5:76:
32:84:10:70:42:7a:ec:e8:22:e3:1f:c5:9c:cd:a6:89:74:7a:
70:99:d3:90:77:1a:71:e2:3e:f1:32:e1:dd:02:e4:da:d1:00:
d0:ba:5a:3f:e6:24:de:44:d0:04:78:22:60:cf:24:93:85:46:
fd:5b:51:1a:81:f2:5b:6e:6b:e1:90:34:c4:ae:88:cc:ff:f2:
2f:ba:9c:07:db:09:20:2a:fb:95:84:e9:bb:25:61:57:0d:a7:
42:ea:04:b1:2f:47:1e:86:1a:c1:5f:e5:00:49:7b:c2:90:96:
bd:cd:dd:19:aa:ea:13:8f:a4:2d:1f:ba:a8:a7:0f:9d:51:f1:
76:d2:5b:83:ed:18:be:e0:ab:d3:e0:6a:9e:8d:d2:75:2a:99:
1e:31:4b:a8:89:80:32:20:61:f0:83:e1:13:c4:1d:17:b6:d3:
90:f8:15:17:5c:b3:5a:1c:2b:db:62:ef:8d:e7:88:33:92:b2:
7d:72:17:09:98:6b:9e:1c:5f:81:f3:4a:90:a3:e8:93:e6:b8:
9c:41:36:7f
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIECLzIjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQy
MDEyMDExNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA4ODhiN2JhMzdi
MjA2MDgzY2ViMWUyYzM2ODRhNzk2YjRlOGUwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtPWYs4gaKuNjQGRVy/KRJAskO3kxfZKCgPvwHIRpd2HpgH
qv07n1UgkA+rom7o3AXp/RF5/V1f7B7r56usrMfJ9mKbVwqzfNH2pc0fmN+uHVWv
9gL5qneFst4cOBJL6bN0ni5oTLhz3spZBTprbPDJy5kIWaICQyGCWxSIveIV/3KW
USE/iaSqTT1GM42EAEuuvZLJd1GcmNQZoy7zcq++CKHx3CD+s8FjSXb7sx4bCUwG
29ulRXS8E5i3H09JyataGZ1Bf0FQ4YYPnj+tekI4uefBCDOJ27lhaCkd7+t+avFV
5ho8xvpjyIf448qqronJIZ9Ca0jY74y+3FIoNlkCAwEAAaOCAqQwggKgMB0GA1Ud
DgQWBBSQiIt7o3sgYIPOseLDaEp5a06OCjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2tJaUxlNk43SUdDRHpySGl3MmhLZVd0T2pnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uQYIKwYBBQUHAQcBAf8EgakwgaYwgY0EAgABMIGGMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqYAwQATVqdAwQATVq0
AwQATVq5AwQATVq9AwQATVq/MAwDBAC55g0DBAC55g4DBADV0YIDBADV0YgDBADV
0YoDBAHV0ZIDBADV0ZUDBADV0ZwwFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqG
SIb3DQEBCwUAA4IBAQARPPE+2eI517vOefKA6EWxrqyaDbadkc+X71xMFJ6AcZMO
sfU7LoUzk4KwS5bbWYfijCT1xXYyhBBwQnrs6CLjH8WczaaJdHpwmdOQdxpx4j7x
MuHdAuTa0QDQulo/5iTeRNAEeCJgzySThUb9W1EagfJbbmvhkDTErojM//IvupwH
2wkgKvuVhOm7JWFXDadC6gSxL0cehhrBX+UASXvCkJa9zd0ZquoTj6QtH7qopw+d
UfF20luD7Ri+4KvT4GqejdJ1KpkeMUuoiYAyIGHwg+ETxB0XttOQ+BUXXLNaHCvb
Yu+N54gzkrJ9chcJmGueHF+B80qQo+iT5ricQTZ/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org