Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lsZmLrtmDuQj7lpcLBMSAL35sGo.roa
File: lsZmLrtmDuQj7lpcLBMSAL35sGo.roa (raw, json)
Hash identifier: Hwx+RD6aqkRVpYQQPR3zTqFG67igHERpN/YqNdvGK6s=
Subject key identifier: 96:C6:66:2E:BB:66:0E:E4:23:EE:5A:5C:2C:13:12:00:BD:F9:B0:6A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0771BFB3
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lsZmLrtmDuQj7lpcLBMSAL35sGo.roa
Signing time: Mon 14 Feb 2022 16:28:43 +0000
ROA not before: Mon 14 Feb 2022 16:28:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124895155 (0x771bfb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 14 16:28:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96c6662ebb660ee423ee5a5c2c131200bdf9b06a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:07:76:7d:c5:7c:99:62:91:a1:72:a5:71:80:
8f:4f:dd:99:ff:df:89:84:66:cf:da:db:6b:dc:3a:
57:bc:cb:88:61:cb:a0:07:ed:03:a6:f0:c0:26:49:
44:98:04:a6:a8:75:4d:1a:65:64:f3:36:8c:25:50:
d5:b5:0a:47:73:64:5a:28:38:6b:c7:f6:02:90:cc:
66:81:2b:53:92:2b:fd:53:d5:da:b1:75:58:ba:6b:
d1:de:1a:3c:59:72:62:a4:c9:24:db:d3:eb:db:54:
b4:e7:8d:0c:3a:b6:a4:fc:17:4f:eb:cb:d6:8d:42:
15:32:5a:cb:5c:5a:90:25:eb:2a:31:81:b3:e1:14:
1d:fb:b7:5a:a6:7c:31:4e:ae:80:02:3c:d2:c6:ce:
4f:5f:01:4b:28:81:f6:87:e9:6e:2e:98:1e:a9:a7:
1c:33:93:de:55:fe:1f:28:a0:e5:38:e0:e4:15:1f:
87:37:2a:a8:46:6b:33:7b:fe:af:72:08:f7:a2:5d:
3b:9d:af:78:54:76:90:f4:0e:3e:84:00:a9:c5:42:
a9:fd:5f:a4:f1:62:80:0e:66:b7:44:b6:c9:fd:70:
f1:c3:c1:78:53:1e:e9:47:93:e4:11:e4:99:ae:9e:
da:8a:3c:7c:7f:b2:47:06:ad:56:48:b5:f0:33:da:
3a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C6:66:2E:BB:66:0E:E4:23:EE:5A:5C:2C:13:12:00:BD:F9:B0:6A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lsZmLrtmDuQj7lpcLBMSAL35sGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.157.0/24
213.209.130.0/24
213.209.138.0/24
213.209.147.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
0c:84:12:74:fc:7f:36:dd:6d:12:74:2d:c0:5b:6e:4c:48:7b:
67:b1:ef:02:7d:84:c6:83:3a:51:37:8f:99:cb:ca:d1:fc:eb:
3e:d3:6e:49:5e:3a:0d:c6:9a:87:91:40:4e:ed:1a:20:2b:41:
77:ea:0f:5b:27:8e:38:5e:c7:64:e7:f4:e3:a0:42:30:9c:b4:
ec:4f:4b:64:e4:2a:b6:21:1d:d9:ab:6c:da:5e:57:46:62:66:
a2:30:7a:7e:63:d3:16:0c:59:00:fd:61:40:c2:08:e1:06:12:
cc:ba:5f:20:87:f4:a3:f4:f3:7c:88:6c:9e:1b:46:3d:06:92:
cf:f7:4b:e1:69:65:95:e6:3d:64:b6:8e:34:c6:c6:08:59:0e:
5c:e3:f9:93:b3:64:b3:9f:ff:e1:89:87:f4:5d:f0:31:6f:33:
cc:25:6f:ee:7a:40:d7:9f:a7:9c:db:43:f6:4a:c6:1c:46:a2:
d0:5b:1b:93:bc:34:95:5c:8f:20:a3:2a:62:f9:98:12:57:26:
64:65:fd:4f:81:86:62:44:13:7c:b4:0b:91:dd:79:d1:31:1f:
56:e7:b6:83:59:e2:7d:de:e4:32:43:4d:66:5b:3c:5a:42:d7:
5d:e2:c5:b5:13:2d:97:3f:fb:1e:2a:44:27:a0:fe:e7:c7:4a:
9b:d7:17:a8
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIEB3G/szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDIx
NDE2Mjg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZjNjY2MmViYjY2
MGVlNDIzZWU1YTVjMmMxMzEyMDBiZGY5YjA2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcHdn3FfJlikaFypXGAj0/dmf/fiYRmz9rba9w6V7zLiGHL
oAftA6bwwCZJRJgEpqh1TRplZPM2jCVQ1bUKR3NkWig4a8f2ApDMZoErU5Ir/VPV
2rF1WLpr0d4aPFlyYqTJJNvT69tUtOeNDDq2pPwXT+vL1o1CFTJay1xakCXrKjGB
s+EUHfu3WqZ8MU6ugAI80sbOT18BSyiB9ofpbi6YHqmnHDOT3lX+Hyig5Tjg5BUf
hzcqqEZrM3v+r3II96JdO52veFR2kPQOPoQAqcVCqf1fpPFigA5mt0S2yf1w8cPB
eFMe6UeT5BHkma6e2oo8fH+yRwatVki18DPaOq0CAwEAAaOCAnYwggJyMB0GA1Ud
DgQWBBSWxmYuu2YO5CPuWlwsExIAvfmwajAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2xzWm1McnRtRHVRajdscGNMQk1TQUwzNXNHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iwYIKwYBBQUHAQcBAf8EfDB6MGIEAgABMFwwDAMEB01agAMEAE1agjAMAwQCTVqE
AwQATVqKAwQATVqMMAwDBAFNWo4DBABNWpAwDAMEAU1akgMEAE1alAMEAE1amQME
AE1anQMEANXRggMEANXRigMEANXRkzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJ
KoZIhvcNAQELBQADggEBAAyEEnT8fzbdbRJ0LcBbbkxIe2ex7wJ9hMaDOlE3j5nL
ytH86z7TbkleOg3GmoeRQE7tGiArQXfqD1snjjhex2Tn9OOgQjCctOxPS2TkKrYh
HdmrbNpeV0ZiZqIwen5j0xYMWQD9YUDCCOEGEsy6XyCH9KP083yIbJ4bRj0Gks/3
S+FpZZXmPWS2jjTGxghZDlzj+ZOzZLOf/+GJh/Rd8DFvM8wlb+56QNefp5zbQ/ZK
xhxGotBbG5O8NJVcjyCjKmL5mBJXJmRl/U+BhmJEE3y0C5HdedExH1bntoNZ4n3e
5DJDTWZbPFpC113ixbUTLZc/+x4qRCeg/ufHSpvXF6g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org