Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nlBcrBgnC_maZMSohSLGaVDqXMU.roa
File: nlBcrBgnC_maZMSohSLGaVDqXMU.roa (raw, json)
Hash identifier: yB2MfwfbrInrWgTtYDHoZy9+5Hv3QH/ITe9B/Cn2Dhw=
Subject key identifier: 9E:50:5C:AC:18:27:0B:F9:9A:64:C4:A8:85:22:C6:69:50:EA:5C:C5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07C29EEA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nlBcrBgnC_maZMSohSLGaVDqXMU.roa
Signing time: Mon 07 Mar 2022 20:30:49 +0000
ROA not before: Mon 07 Mar 2022 20:30:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130195178 (0x7c29eea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 7 20:30:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e505cac18270bf99a64c4a88522c66950ea5cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:21:46:da:f4:dc:e0:9a:ae:d5:01:a1:f0:6b:
18:93:7d:d4:1a:46:1c:7e:85:86:bd:39:38:e7:c8:
47:0a:16:d6:b2:0c:4d:34:05:f6:c6:4c:c9:12:77:
94:ab:34:04:1d:7c:13:0c:3e:59:0b:3e:08:55:96:
0c:61:15:c3:df:ff:9f:bb:79:95:72:09:0f:dd:f9:
47:6e:23:26:24:3f:7e:c2:0d:f0:42:f9:39:5f:78:
28:9f:e4:48:c0:88:c1:69:bb:af:bc:25:bd:07:c9:
12:14:77:56:f1:4d:8f:09:5f:84:1a:45:c4:bf:9b:
82:87:da:fc:f0:d1:63:d1:6c:54:0e:4c:0c:d8:6b:
a3:1c:d1:ba:37:4d:85:53:1e:85:bd:aa:46:e9:d9:
e9:27:52:81:d7:ff:31:40:28:47:61:01:79:1b:a3:
18:eb:dc:42:1b:bd:24:cc:83:19:b4:0d:c3:b6:3a:
ce:89:3b:d8:32:22:20:ce:d8:2e:3f:a2:5d:8b:1c:
1f:d5:89:0e:32:13:a5:e1:6d:15:11:02:46:52:c8:
20:dd:94:03:42:de:54:ed:97:40:4c:31:e4:20:57:
4a:9e:7d:64:ec:2e:11:cc:6a:cb:93:5a:87:97:49:
9c:ed:0d:6a:94:63:40:ba:4a:70:7f:0b:45:ae:b2:
ac:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:50:5C:AC:18:27:0B:F9:9A:64:C4:A8:85:22:C6:69:50:EA:5C:C5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nlBcrBgnC_maZMSohSLGaVDqXMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.179.0/24
77.90.185.0/24
213.209.129.0-213.209.130.255
213.209.133.0/24
213.209.136.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
07:64:26:28:6a:a7:12:c9:a1:43:a1:90:ce:5f:11:1c:57:bd:
bc:f4:00:24:0e:12:f1:80:6c:83:c4:9b:d6:a1:53:15:d3:89:
a7:88:45:1b:df:38:c7:15:dc:45:2b:c4:2d:69:8d:13:72:9d:
79:92:13:b9:9d:54:fa:49:7e:7d:e3:a0:06:7c:12:71:9b:fb:
84:ab:00:7b:02:c7:b4:d0:77:b5:bb:5d:76:3d:45:2a:a2:8f:
c8:eb:a1:87:a9:ed:25:83:60:b9:b0:87:aa:70:bb:98:58:35:
44:05:75:20:7c:dd:ce:b0:66:e9:2b:b9:ca:0a:13:1f:60:ad:
45:ac:d9:a0:2a:4d:0e:cc:88:36:9a:5f:39:28:31:d3:ed:09:
66:33:9b:72:4d:01:6b:13:8b:16:06:ef:6c:8e:fa:a0:41:2c:
74:0e:67:fe:48:46:ef:6e:2a:a3:bf:85:63:d5:9f:63:6a:3f:
10:09:ba:63:c0:57:67:e4:49:1b:4c:fa:1e:24:70:15:65:d3:
18:df:1e:f9:69:96:ac:3d:6b:6b:8c:bf:a4:a8:f4:77:ae:dd:
a1:ad:93:c5:2d:5f:4b:ce:40:dc:5b:ce:ae:20:63:65:13:f7:
b3:98:d6:53:25:2b:df:9c:53:6b:c7:75:d0:92:5f:74:9c:46:
94:5d:f6:1d
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIEB8Ke6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMw
NzIwMzA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU1MDVjYWMxODI3
MGJmOTlhNjRjNGE4ODUyMmM2Njk1MGVhNWNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAhRtr03OCartUBofBrGJN91BpGHH6Fhr05OOfIRwoW1rIM
TTQF9sZMyRJ3lKs0BB18Eww+WQs+CFWWDGEVw9//n7t5lXIJD935R24jJiQ/fsIN
8EL5OV94KJ/kSMCIwWm7r7wlvQfJEhR3VvFNjwlfhBpFxL+bgofa/PDRY9FsVA5M
DNhroxzRujdNhVMehb2qRunZ6SdSgdf/MUAoR2EBeRujGOvcQhu9JMyDGbQNw7Y6
zok72DIiIM7YLj+iXYscH9WJDjITpeFtFRECRlLIIN2UA0LeVO2XQEwx5CBXSp59
ZOwuEcxqy5Nah5dJnO0NapRjQLpKcH8LRa6yrM8CAwEAAaOCAoYwggKCMB0GA1Ud
DgQWBBSeUFysGCcL+ZpkxKiFIsZpUOpcxTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L25sQmNyQmduQ19tYVpNU29oU0xHYVZEcVhNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mwYIKwYBBQUHAQcBAf8EgYswgYgwcAQCAAEwajAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqSAwQATVqUAwQATVqz
AwQATVq5MAwDBADV0YEDBADV0YIDBADV0YUDBADV0YgDBADV0YowFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQAHZCYoaqcSyaFDoZDOXxEc
V7289AAkDhLxgGyDxJvWoVMV04mniEUb3zjHFdxFK8QtaY0Tcp15khO5nVT6SX59
46AGfBJxm/uEqwB7Ase00He1u112PUUqoo/I66GHqe0lg2C5sIeqcLuYWDVEBXUg
fN3OsGbpK7nKChMfYK1FrNmgKk0OzIg2ml85KDHT7QlmM5tyTQFrE4sWBu9sjvqg
QSx0Dmf+SEbvbiqjv4Vj1Z9jaj8QCbpjwFdn5EkbTPoeJHAVZdMY3x75aZasPWtr
jL+kqPR3rt2hrZPFLV9LzkDcW86uIGNlE/ezmNZTJSvfnFNrx3XQkl90nEaUXfYd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org