Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vnZl-dLgWQwXQzX0T6NN19qoWpE.roa
File: vnZl-dLgWQwXQzX0T6NN19qoWpE.roa (raw, json)
Hash identifier: QMGtPTmMWwXq7KF+sLOJerVvLJqkU1Y9cAhVWeS2jbY=
Subject key identifier: BE:76:65:F9:D2:E0:59:0C:17:43:35:F4:4F:A3:4D:D7:DA:A8:5A:91
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09AFA8E7
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vnZl-dLgWQwXQzX0T6NN19qoWpE.roa
Signing time: Fri 17 Jun 2022 12:29:44 +0000
ROA not before: Fri 17 Jun 2022 12:29:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162506983 (0x9afa8e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 17 12:29:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be7665f9d2e0590c174335f44fa34dd7daa85a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:70:b6:b5:fa:b3:11:e6:e2:3a:d2:ca:91:
de:58:77:d3:cc:83:0c:68:23:82:4d:6f:9d:e0:fe:
30:36:89:f8:cf:d4:0a:ef:c3:6f:2d:b0:f2:89:d0:
ef:a1:53:b3:f6:76:2f:02:d8:3f:c2:18:9b:ac:2f:
70:de:3e:74:c0:f6:23:c5:d6:fb:0b:5f:f7:40:5b:
e1:ec:9f:4e:76:d3:c3:f0:b0:dd:69:04:a0:19:f2:
0b:ec:22:81:c4:5c:61:64:e7:aa:d6:22:94:0d:c5:
d8:c0:79:82:8f:03:95:d8:d3:c6:b7:6f:5f:15:c2:
50:39:54:40:d6:22:3b:d4:7f:6e:3f:3a:57:ae:ba:
4d:58:94:25:57:ca:20:0f:e5:1a:7f:c4:3b:03:7e:
6d:fd:05:27:dc:34:06:f7:ab:a6:23:51:8f:c7:9c:
f5:86:42:0f:06:f0:7b:df:0d:2e:55:c0:4a:d5:3f:
da:f3:a0:1a:21:71:84:62:42:e6:19:5c:7d:31:8e:
e7:2c:80:9c:8b:0c:5a:59:2c:c6:52:b3:d7:6f:0e:
dc:b8:16:64:51:6f:32:3a:71:c4:d0:5e:18:55:51:
a4:b7:06:db:9b:3a:27:27:19:52:96:ec:9a:81:02:
1b:26:c4:d3:5e:b0:ed:e6:13:07:be:2d:ea:fc:84:
42:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:76:65:F9:D2:E0:59:0C:17:43:35:F4:4F:A3:4D:D7:DA:A8:5A:91
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vnZl-dLgWQwXQzX0T6NN19qoWpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.138.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.149.255
77.90.153.0/24
77.90.164.0/24
77.90.179.0/24
77.90.181.0/24
77.90.191.0/24
185.230.15.0/24
213.209.130.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0-213.209.144.255
213.209.147.0/24
213.209.158.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
7c:0f:d4:08:82:da:d8:84:65:0b:3e:3d:93:7f:4f:d8:0f:8a:
6b:3e:54:a6:ed:be:40:43:02:b4:96:4e:e0:11:b4:95:45:e2:
aa:68:b9:84:22:1a:bf:e0:4a:a7:ef:0d:0d:9f:77:57:53:ea:
e2:ed:6c:5d:39:ef:f5:a4:94:cb:73:0e:18:78:3b:23:ea:50:
14:23:0a:c8:b5:39:4c:00:f7:cd:b1:ee:dc:c3:03:d2:da:fd:
4e:84:4f:9b:ac:0b:47:30:39:1c:b7:af:82:78:ee:44:30:ff:
f6:08:e3:b7:9c:dc:68:24:77:22:1c:95:77:72:0c:7c:b9:4b:
62:df:2e:44:5a:78:c7:18:6b:1d:17:15:68:b9:8b:61:eb:11:
79:4e:7d:4e:91:49:25:76:d8:b7:38:19:88:e0:75:82:69:61:
59:03:d6:55:3d:d9:57:23:a4:88:f6:05:81:b0:2d:a9:e4:af:
cc:dc:70:11:09:89:35:80:6a:03:39:22:0e:1a:5d:c4:89:e5:
00:1e:93:e8:a0:cd:e1:4f:08:c7:fb:a0:01:54:b5:f7:b4:89:
52:f8:7c:ff:2c:7a:d4:4b:6a:5d:dc:59:00:78:26:cf:27:96:
eb:75:49:d7:eb:1f:b1:df:b8:c7:c3:02:38:fe:36:9b:c5:86:
1b:6c:c4:50
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIECa+o5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYx
NzEyMjk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU3NjY1ZjlkMmUw
NTkwYzE3NDMzNWY0NGZhMzRkZDdkYWE4NWE5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALR1cLa1+rMR5uI60sqR3lh308yDDGgjgk1vneD+MDaJ+M/U
Cu/Dby2w8onQ76FTs/Z2LwLYP8IYm6wvcN4+dMD2I8XW+wtf90Bb4eyfTnbTw/Cw
3WkEoBnyC+wigcRcYWTnqtYilA3F2MB5go8DldjTxrdvXxXCUDlUQNYiO9R/bj86
V666TViUJVfKIA/lGn/EOwN+bf0FJ9w0BverpiNRj8ec9YZCDwbwe98NLlXAStU/
2vOgGiFxhGJC5hlcfTGO5yyAnIsMWlksxlKz128O3LgWZFFvMjpxxNBeGFVRpLcG
25s6JycZUpbsmoECGybE016w7eYTB74t6vyEQq0CAwEAAaOCAqwwggKoMB0GA1Ud
DgQWBBS+dmX50uBZDBdDNfRPo03X2qhakTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3ZuWmwtZExnV1F3WFF6WDBUNk5OMTlxb1dwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wQYIKwYBBQUHAQcBAf8EgbEwga4wgZUEAgABMIGOMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBAFNWpQDBABN
WpkDBABNWqQDBABNWrMDBABNWrUDBABNWr8DBAC55g8DBADV0YIDBADV0YgDBADV
0YowDAMEANXRjwMEANXRkAMEANXRkwMEAdXRnjAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAHwP1AiC2tiEZQs+PZN/T9gPims+VKbtvkBD
ArSWTuARtJVF4qpouYQiGr/gSqfvDQ2fd1dT6uLtbF057/WklMtzDhh4OyPqUBQj
Csi1OUwA982x7tzDA9La/U6ET5usC0cwORy3r4J47kQw//YI47ec3GgkdyIclXdy
DHy5S2LfLkRaeMcYax0XFWi5i2HrEXlOfU6RSSV22Lc4GYjgdYJpYVkD1lU92Vcj
pIj2BYGwLankr8zccBEJiTWAagM5Ig4aXcSJ5QAek+igzeFPCMf7oAFUtfe0iVL4
fP8setRLal3cWQB4Js8nlut1SdfrH7HfuMfDAjj+NpvFhhtsxFA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org