Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lpdFIuvK1CQOUYVq6yRTzXTzVCw.roa
File: lpdFIuvK1CQOUYVq6yRTzXTzVCw.roa (raw, json)
Hash identifier: a3SC9xwzcC6SDhvBweAKIeKmSMbTHu8dcxSSoHyUjlM=
Subject key identifier: 96:97:45:22:EB:CA:D4:24:0E:51:85:6A:EB:24:53:CD:74:F3:54:2C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01840582DA077E0F5DBD0E62A1370FC06AAA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lpdFIuvK1CQOUYVq6yRTzXTzVCw.roa
Signing time: Sun 23 Oct 2022 15:42:52 +0000
ROA not before: Sun 23 Oct 2022 15:42:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:05:82:da:07:7e:0f:5d:bd:0e:62:a1:37:0f:c0:6a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 23 15:42:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96974522ebcad4240e51856aeb2453cd74f3542c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0f:74:ca:4d:9b:47:5e:19:5c:0c:70:ef:11:
54:5d:b9:48:ab:01:f5:c9:d3:4d:74:32:62:88:75:
ad:e7:51:fa:50:1a:15:28:8d:39:34:92:91:51:54:
54:28:56:f4:0f:1d:8a:9a:9f:a9:9f:28:1e:23:f5:
77:43:53:80:df:81:ea:2d:7e:e3:f4:f1:dd:bd:6a:
bc:cb:ff:bc:c4:36:f4:75:8f:f7:e7:b7:d7:06:82:
25:7b:e1:15:cf:16:ca:50:0f:e7:7f:cb:08:86:e2:
67:45:d2:be:30:34:e3:c3:82:08:2d:63:77:88:92:
75:9e:ee:89:cc:ca:7a:6d:4c:a3:50:e5:d3:44:c3:
02:b1:84:4d:0a:b8:45:ca:57:88:88:e5:93:72:3f:
87:1a:21:49:bb:6b:d3:c3:f0:ea:84:00:fe:44:0e:
03:42:08:32:0c:96:ec:53:59:a7:40:cc:15:fb:a4:
d2:5a:d5:b3:6b:b6:8b:da:80:35:62:13:d5:77:6b:
af:82:93:40:f0:9d:25:c9:45:5b:d1:ff:51:bb:da:
73:4a:7a:f5:1f:c6:4f:5e:d9:b8:fc:73:5d:56:5f:
23:f6:ef:6c:86:63:68:d0:14:5d:eb:d3:12:1e:b8:
da:d1:96:05:c2:7b:09:b6:f4:b0:ca:73:be:ce:ec:
be:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:97:45:22:EB:CA:D4:24:0E:51:85:6A:EB:24:53:CD:74:F3:54:2C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lpdFIuvK1CQOUYVq6yRTzXTzVCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.156.0/24
77.90.178.0/24
77.90.184.0/24
185.230.13.0/24
213.209.138.0/24
213.209.143.0/24
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
71:89:3d:72:a0:35:1d:a0:53:ab:9e:06:e3:5a:79:35:8a:07:
be:84:14:96:ff:24:cc:d8:5b:78:0c:86:6d:21:18:7f:4a:53:
12:6c:b3:98:90:cc:2e:c9:ac:f4:56:85:90:35:bd:38:ab:52:
5d:4d:ea:86:e6:2a:db:74:36:f0:53:b1:ed:48:f6:cf:d0:92:
9f:be:2e:5d:4b:ab:94:e2:03:9b:b0:2b:70:52:2c:0e:7d:f5:
83:91:3c:27:d6:57:7c:67:6d:8e:7a:83:5d:9d:fe:dd:0a:79:
7f:90:e3:bf:aa:f2:62:18:7a:1f:2a:5e:c9:55:10:8b:ab:2f:
5a:22:4c:8a:8a:2a:5f:01:f0:0e:ea:5b:f1:fb:31:41:81:08:
5f:ae:01:98:e0:18:e6:84:46:39:b4:72:54:5c:18:39:12:78:
ae:e7:4a:e0:e3:e4:2c:b3:c1:47:2d:0f:b5:4a:11:f7:0e:e9:
fc:4f:c1:84:06:8c:43:56:8b:3a:36:bc:4c:5b:58:65:7c:71:
2b:a7:22:39:1f:4b:93:77:70:97:f4:4e:f6:59:c1:68:f3:ef:
f7:e4:55:ca:d5:91:b6:69:dd:42:e6:5b:1f:62:39:26:09:c6:
c2:a8:7c:81:01:32:79:8a:84:f1:2d:cc:74:84:29:f3:81:52:
b3:1a:7e:c1
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYQFgtoHfg9dvQ5ioTcPwGqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMDIzMTU0MjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njk3NDUyMmViY2FkNDI0MGU1MTg1NmFlYjI0NTNjZDc0ZjM1NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg90yk2bR14ZXAxw7xFUXblIqwH1
ydNNdDJiiHWt51H6UBoVKI05NJKRUVRUKFb0Dx2Kmp+pnygeI/V3Q1OA34HqLX7j
9PHdvWq8y/+8xDb0dY/357fXBoIle+EVzxbKUA/nf8sIhuJnRdK+MDTjw4IILWN3
iJJ1nu6JzMp6bUyjUOXTRMMCsYRNCrhFyleIiOWTcj+HGiFJu2vTw/DqhAD+RA4D
QggyDJbsU1mnQMwV+6TSWtWza7aL2oA1YhPVd2uvgpNA8J0lyUVb0f9Ru9pzSnr1
H8ZPXtm4/HNdVl8j9u9shmNo0BRd69MSHrja0ZYFwnsJtvSwynO+zuy+1wIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJaXRSLrytQkDlGFauskU81081QsMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbHBkRkl1dksxQ1FPVVlWcTZ5UlR6WFR6VkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBuBAIAATBoMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ajDAMAwQBTVqOAwQATVqUMAwDBABNWpkDBABN
WpoDBABNWpwDBABNWrIDBABNWrgDBAC55g0DBADV0YoDBADV0Y8DBAHV0ZwDBADV
0Z8wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQBxiT1y
oDUdoFOrngbjWnk1ige+hBSW/yTM2Ft4DIZtIRh/SlMSbLOYkMwuyaz0VoWQNb04
q1JdTeqG5irbdDbwU7HtSPbP0JKfvi5dS6uU4gObsCtwUiwOffWDkTwn1ld8Z22O
eoNdnf7dCnl/kOO/qvJiGHofKl7JVRCLqy9aIkyKiipfAfAO6lvx+zFBgQhfrgGY
4BjmhEY5tHJUXBg5Eniu50rg4+Qss8FHLQ+1ShH3Dun8T8GEBoxDVos6NrxMW1hl
fHErpyI5H0uTd3CX9E72WcFo8+/35FXK1ZG2ad1C5lsfYjkmCcbCqHyBATJ5ioTx
Lcx0hCnzgVKzGn7B
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org