Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wLDvr3ppm3dvnTqaTVWtuNeTAcw.roa
File: wLDvr3ppm3dvnTqaTVWtuNeTAcw.roa (raw, json)
Hash identifier: 1DUhFW5qBUMkgZ6fclCjlW3JZzHCmA6qaHPJMqv34nE=
Subject key identifier: C0:B0:EF:AF:7A:69:9B:77:6F:9D:3A:9A:4D:55:AD:B8:D7:93:01:CC
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0184FBD96BB3F79D9004647F9C05AE722BA2
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wLDvr3ppm3dvnTqaTVWtuNeTAcw.roa
Signing time: Sat 10 Dec 2022 11:44:00 +0000
ROA not before: Sat 10 Dec 2022 11:44:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fb:d9:6b:b3:f7:9d:90:04:64:7f:9c:05:ae:72:2b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Dec 10 11:44:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0b0efaf7a699b776f9d3a9a4d55adb8d79301cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9b:04:bb:7c:af:35:8d:dc:c8:18:ed:77:4f:
7d:25:0b:3e:15:9a:ff:f7:f1:a5:63:86:8e:bd:b9:
77:0f:d2:7f:02:28:ef:c5:c8:f1:ea:2f:63:a8:63:
ea:44:d8:ac:fe:94:a4:0f:3f:af:b8:fc:f3:6a:87:
f6:3e:1b:c0:87:cc:ec:ba:69:5e:07:3f:cc:cb:69:
90:92:cb:a0:14:6b:0a:ec:e7:91:10:e7:41:96:b3:
43:85:d9:64:31:96:ba:29:2d:c9:54:00:61:2b:c7:
bf:6a:88:c3:90:dc:ad:c6:73:cd:35:d3:da:ae:85:
b5:ca:db:f0:cf:f0:41:52:1d:9c:b0:2e:a5:22:f1:
81:fd:43:5e:4f:df:60:76:f6:b1:e3:60:c3:b4:66:
21:88:56:39:15:35:45:b0:6f:da:ab:2c:e1:cd:ce:
60:85:86:25:a8:c3:a0:0a:e1:29:94:f9:83:b1:cd:
c4:47:32:c0:d4:8a:35:39:49:03:28:cc:6f:b2:16:
ab:d9:d2:a7:39:c2:7b:e2:9f:ab:27:50:09:cc:cc:
5a:3e:a4:c3:79:0b:0c:a8:67:f9:23:ae:eb:8b:3a:
40:8f:73:c2:1b:91:c4:b0:9c:c2:a7:73:e1:34:dd:
e9:cb:a2:b9:fd:42:78:f8:17:6c:96:05:ee:9b:c4:
13:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B0:EF:AF:7A:69:9B:77:6F:9D:3A:9A:4D:55:AD:B8:D7:93:01:CC
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wLDvr3ppm3dvnTqaTVWtuNeTAcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.156.0/24
77.90.184.0/23
77.90.188.0/24
185.230.14.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.149.0-213.209.151.255
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
40:cb:3d:e1:4d:a8:38:8c:e2:ca:29:c6:9b:f2:c8:9b:88:f6:
d1:70:b8:29:d3:12:36:16:e6:d8:13:91:4c:79:7c:d7:de:e2:
5c:46:2c:dd:00:f2:af:ea:5a:e1:3c:b9:9e:af:44:d8:a7:55:
fb:26:64:89:02:47:b3:19:cc:be:e9:70:03:24:f1:d8:d1:e3:
ae:44:1a:b0:93:8e:ae:a3:27:a6:8e:0f:2c:ed:0b:fb:6d:41:
71:e5:af:0c:c9:c1:f5:59:04:19:a2:c0:9e:8b:41:8e:54:59:
38:71:da:1e:e3:35:a8:12:f7:5f:5a:db:79:c1:e6:6d:2e:05:
c8:ec:f6:f2:de:69:0c:5c:b3:f0:4e:fa:23:54:8c:84:fa:6e:
33:9b:32:f7:68:cb:b9:c5:1f:03:1a:47:9f:b9:67:d5:fc:51:
0e:d8:1a:e9:fa:31:34:1f:49:b0:1d:a6:8a:6a:f7:9f:13:83:
d8:79:0a:cb:89:08:89:3c:68:03:fe:89:65:fd:fe:06:ea:9c:
05:e3:f9:1f:38:a9:36:c3:98:2f:51:20:ce:b2:01:97:9d:5b:
6c:d6:1d:4b:97:5e:73:94:c8:ce:40:0c:63:f3:d0:74:ae:9d:
37:8b:2c:22:a5:fd:19:53:d4:f1:18:23:e1:92:d8:4e:8e:2c:
f1:66:47:82
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYT72Wuz952QBGR/nAWuciuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMjEwMTE0NDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGIwZWZhZjdhNjk5Yjc3NmY5ZDNhOWE0ZDU1YWRiOGQ3OTMwMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpsEu3yvNY3cyBjtd099JQs+FZr/
9/GlY4aOvbl3D9J/Aijvxcjx6i9jqGPqRNis/pSkDz+vuPzzaof2PhvAh8zsumle
Bz/My2mQksugFGsK7OeREOdBlrNDhdlkMZa6KS3JVABhK8e/aojDkNytxnPNNdPa
roW1ytvwz/BBUh2csC6lIvGB/UNeT99gdvax42DDtGYhiFY5FTVFsG/aqyzhzc5g
hYYlqMOgCuEplPmDsc3ERzLA1Io1OUkDKMxvshar2dKnOcJ74p+rJ1AJzMxaPqTD
eQsMqGf5I67rizpAj3PCG5HEsJzCp3PhNN3py6K5/UJ4+BdslgXum8QTlQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFMCw7696aZt3b506mk1VrbjXkwHMMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvd0xEdnIzcHBtM2R2blRxYVRWV3R1TmVUQWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBlQQCAAEwgY4wDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAE1alAMEAE1amQMEAE1anAMEAU1auAMEAE1avAMEALnmDgMEANXRiAME
ANXRigMEANXRjwMEANXRkjAMAwQA1dGVAwQD1dGQAwQB1dGcAwQA1dGfMBQEAgAC
MA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAQMs94U2oOIziyinG
m/LIm4j20XC4KdMSNhbm2BORTHl8197iXEYs3QDyr+pa4Ty5nq9E2KdV+yZkiQJH
sxnMvulwAyTx2NHjrkQasJOOrqMnpo4PLO0L+21BceWvDMnB9VkEGaLAnotBjlRZ
OHHaHuM1qBL3X1rbecHmbS4FyOz28t5pDFyz8E76I1SMhPpuM5sy92jLucUfAxpH
n7ln1fxRDtga6foxNB9JsB2mimr3nxOD2HkKy4kIiTxoA/6JZf3+BuqcBeP5Hzip
NsOYL1EgzrIBl51bbNYdS5dec5TIzkAMY/PQdK6dN4ssIqX9GVPU8Rgj4ZLYTo4s
8WZHgg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org