Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/trbTrF2Ue6gSlRgHsKg3UX1DVH4.roa
File: trbTrF2Ue6gSlRgHsKg3UX1DVH4.roa (raw, json)
Hash identifier: k8cqGiSgp7wmvD/s8+wE+vOaA0ND9dvTBQNojImkE/Q=
Subject key identifier: B6:B6:D3:AC:5D:94:7B:A8:12:95:18:07:B0:A8:37:51:7D:43:54:7E
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0181E46FE06999813E61BF5FDE8387737F1D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/trbTrF2Ue6gSlRgHsKg3UX1DVH4.roa
Signing time: Sat 09 Jul 2022 19:29:06 +0000
ROA not before: Sat 09 Jul 2022 19:29:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e4:6f:e0:69:99:81:3e:61:bf:5f:de:83:87:73:7f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 9 19:29:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6b6d3ac5d947ba812951807b0a837517d43547e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ac:24:e9:0d:6f:ee:8d:ef:0d:66:0d:46:f2:
27:94:ed:c8:d6:9e:cf:84:e4:06:c9:a1:c8:02:45:
ce:d7:ed:38:52:dc:34:5d:aa:88:f2:fd:a7:2e:e2:
8c:be:a8:00:65:eb:fa:45:19:cd:90:9d:0c:8b:fb:
99:f6:dd:d0:d0:a6:1c:21:30:ef:dd:49:b4:28:b7:
0b:9b:06:f4:fb:42:39:d5:a8:ea:b2:1b:2b:a6:7b:
82:4a:06:35:24:af:e1:a9:c4:e2:c7:e7:38:12:f9:
9b:78:26:b9:72:c0:74:de:bb:c2:4c:31:cc:dd:3e:
29:ca:eb:8a:1e:83:37:f0:16:dd:78:12:62:25:91:
ad:cc:be:9e:62:6a:82:c4:a6:cc:57:02:8a:ff:19:
af:18:0f:40:34:64:35:12:49:50:b1:1a:f5:1a:3d:
c7:52:fb:ef:33:6e:00:42:4c:e1:78:00:2c:96:85:
7a:6a:9a:86:7d:df:53:35:77:2b:0a:dc:a4:79:4a:
f1:7d:b9:bc:ff:5e:3c:05:ed:a0:a1:3d:36:5d:7d:
da:ac:51:aa:36:fd:1c:54:2c:d5:e9:f5:da:65:08:
22:c6:a2:0a:b6:db:ea:69:03:47:46:2d:1b:bd:3e:
fb:d9:7f:b5:05:cc:f8:06:34:e9:5e:13:18:ef:70:
b7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B6:D3:AC:5D:94:7B:A8:12:95:18:07:B0:A8:37:51:7D:43:54:7E
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/trbTrF2Ue6gSlRgHsKg3UX1DVH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.150.0/24
77.90.153.0-77.90.154.255
77.90.157.0/24
77.90.179.0/24
77.90.181.0/24
77.90.191.0/24
213.209.130.0/24
213.209.133.0-213.209.134.255
213.209.138.0/24
213.209.147.0/24
213.209.149.0/24
213.209.151.0/24
213.209.158.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
59:e5:a9:01:8c:78:63:1a:8c:df:f3:3e:42:39:c9:c6:dc:85:
45:16:6d:ad:88:3e:77:7a:35:a2:ce:3b:3e:28:34:55:72:f8:
13:5f:7d:80:4d:da:39:41:a1:6e:8b:e8:01:97:73:ed:9a:ea:
89:36:65:6a:c2:04:e0:15:d3:a6:f9:d3:48:13:72:97:3f:0e:
e5:f2:d8:f9:29:0b:a9:fe:60:5d:92:7e:73:6d:3e:9b:0a:ab:
68:55:d1:71:65:e7:b3:f0:13:1c:39:b7:43:60:99:85:4e:a6:
21:ab:c6:47:fb:f7:20:4a:4d:fa:a4:12:3c:ea:77:b0:63:e9:
9c:16:0a:3d:04:35:b1:d0:10:f2:42:72:aa:67:da:3f:51:17:
f2:dd:91:f3:03:61:69:b4:76:c5:40:67:31:09:f8:6e:17:d5:
f7:41:b6:61:6a:65:2e:90:f2:96:97:48:4f:5f:5b:b0:a6:be:
27:eb:a8:a8:7b:13:89:d3:2b:9e:3b:2b:4e:9a:77:d8:58:35:
f5:f3:d3:07:12:75:69:80:b6:ff:b5:b3:18:e2:71:07:e9:51:
32:1c:66:b3:30:f2:e5:9f:7a:3b:2a:d3:fa:2f:ff:c6:9d:6d:
e2:1c:34:61:9c:21:99:29:00:be:4f:b2:4e:fc:74:7c:45:85:
81:7c:00:b8
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYHkb+BpmYE+Yb9f3oOHc38dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzA5MTkyOTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI2ZDNhYzVkOTQ3YmE4MTI5NTE4MDdiMGE4Mzc1MTdkNDM1NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnawk6Q1v7o3vDWYNRvInlO3I1p7P
hOQGyaHIAkXO1+04Utw0XaqI8v2nLuKMvqgAZev6RRnNkJ0Mi/uZ9t3Q0KYcITDv
3Um0KLcLmwb0+0I51ajqshsrpnuCSgY1JK/hqcTix+c4EvmbeCa5csB03rvCTDHM
3T4pyuuKHoM38BbdeBJiJZGtzL6eYmqCxKbMVwKK/xmvGA9ANGQ1EklQsRr1Gj3H
UvvvM24AQkzheAAsloV6apqGfd9TNXcrCtykeUrxfbm8/148Be2goT02XX3arFGq
Nv0cVCzV6fXaZQgixqIKttvqaQNHRi0bvT772X+1Bcz4BjTpXhMY73C3DwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLa206xdlHuoEpUYB7CoN1F9Q1R+MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdHJiVHJGMlVlNmdTbFJnSHNLZzNVWDFEVkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBjwQCAAEwgYgwDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqMMAwDBAFNWo4DBABNWpQDBABNWpYwDAME
AE1amQMEAE1amgMEAE1anQMEAE1aswMEAE1atQMEAE1avwMEANXRgjAMAwQA1dGF
AwQA1dGGAwQA1dGKAwQA1dGTAwQA1dGVAwQA1dGXAwQA1dGeMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAWeWpAYx4YxqM3/M+QjnJxtyF
RRZtrYg+d3o1os47Pig0VXL4E199gE3aOUGhbovoAZdz7ZrqiTZlasIE4BXTpvnT
SBNylz8O5fLY+SkLqf5gXZJ+c20+mwqraFXRcWXns/ATHDm3Q2CZhU6mIavGR/v3
IEpN+qQSPOp3sGPpnBYKPQQ1sdAQ8kJyqmfaP1EX8t2R8wNhabR2xUBnMQn4bhfV
90G2YWplLpDylpdIT19bsKa+J+uoqHsTidMrnjsrTpp32Fg19fPTBxJ1aYC2/7Wz
GOJxB+lRMhxmszDy5Z96OyrT+i//xp1t4hw0YZwhmSkAvk+yTvx0fEWFgXwAuA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org