Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wTAo7k6nk_7toBR8gFACzVMPQRc.roa
File: wTAo7k6nk_7toBR8gFACzVMPQRc.roa (raw, json)
Hash identifier: 0TVJgic7AR7CNcMsfK3QFlDtvBZdCHDGaLdj+GLJJMM=
Subject key identifier: C1:30:28:EE:4E:A7:93:FE:ED:A0:14:7C:80:50:02:CD:53:0F:41:17
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018432AB2DEA5D9F29F5BC44016113E3D5F8
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wTAo7k6nk_7toBR8gFACzVMPQRc.roa
Signing time: Tue 01 Nov 2022 10:09:50 +0000
ROA not before: Tue 01 Nov 2022 10:09:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:ab:2d:ea:5d:9f:29:f5:bc:44:01:61:13:e3:d5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 1 10:09:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c13028ee4ea793feeda0147c805002cd530f4117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c4:3d:c1:21:26:04:35:4e:e9:40:86:c4:0c:
ae:42:31:5d:ca:12:87:ad:0c:a1:85:93:79:f0:9c:
6f:b0:7b:17:9d:4c:18:0b:72:49:72:10:ff:7f:03:
2c:5d:9f:62:42:71:24:5b:07:fb:d8:22:1d:e6:bb:
ae:b3:16:91:9d:27:9a:35:97:ac:1a:88:d3:a8:e5:
1f:e5:1b:d1:04:4a:7c:dc:46:58:26:ce:70:ae:a1:
42:eb:36:b7:24:79:44:96:5a:52:f5:8c:fe:73:d4:
ec:da:79:c8:f9:50:d5:3b:1a:b3:07:1d:fd:46:ce:
b7:4d:d3:d9:2f:25:84:1e:94:9d:87:ec:63:7d:ec:
ce:36:51:31:79:b4:72:b6:79:61:9e:f5:3c:4a:ee:
6a:1e:5f:de:f7:ac:05:89:86:46:71:ef:f0:08:03:
cf:0f:3f:a2:d2:9e:f4:4a:9e:54:78:e8:b2:50:0f:
ab:a9:03:7d:b6:03:b5:d2:77:6b:ff:49:3d:a9:d3:
70:b4:d6:f7:0e:39:5e:97:8c:4b:5a:13:da:a0:17:
9a:31:91:e6:ca:2a:be:10:84:fd:d9:af:62:ed:65:
39:fb:dc:7e:b7:65:d0:c5:29:1b:eb:d1:81:11:dd:
9f:6b:86:4c:6d:68:11:b4:3b:27:e4:7a:f5:fe:18:
10:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:30:28:EE:4E:A7:93:FE:ED:A0:14:7C:80:50:02:CD:53:0F:41:17
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wTAo7k6nk_7toBR8gFACzVMPQRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.156.0/24
77.90.178.0/24
77.90.184.0/24
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.143.0/24
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
11:5d:18:98:cc:d2:be:36:37:b7:54:6a:db:5b:7a:be:81:b3:
20:2a:5b:ea:a0:ce:2d:23:02:8c:c6:61:32:96:ca:8b:14:6e:
e9:ab:76:bc:8c:e6:6f:64:8f:df:f9:3c:e8:c3:8a:42:cf:a2:
65:dc:f5:94:a0:75:96:8c:b9:9c:dd:fa:32:9e:24:c0:d8:34:
35:43:a5:be:f7:f5:56:3b:01:ef:cd:d5:99:f7:f9:d2:d6:30:
81:52:1a:8e:d4:9b:48:16:e7:0a:8e:49:44:bc:ae:89:73:eb:
81:11:e3:07:1f:27:08:a1:c3:1e:5b:af:4f:7c:33:98:26:e8:
52:b3:a7:5d:45:90:1f:72:b3:ae:76:6f:81:98:d3:47:2d:7c:
f5:89:60:32:e7:12:b3:0a:aa:f7:6c:42:d6:75:06:25:11:44:
45:05:00:e0:27:98:3b:4d:3b:05:ed:eb:a8:42:6e:56:e2:d9:
12:87:f9:08:a2:16:a3:3f:77:63:3e:c8:54:4b:8e:a6:ef:17:
67:0d:5f:3b:23:67:4f:6c:e4:c7:c0:55:6e:68:45:5d:dc:3c:
22:c1:24:9a:b6:29:97:a5:1e:9f:40:bd:d5:59:3a:1c:41:30:
9e:c4:2f:88:a9:36:48:f0:b9:30:21:06:90:51:ae:be:dc:bf:
d0:1f:8d:57
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYQyqy3qXZ8p9bxEAWET49X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTAxMTAwOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTMwMjhlZTRlYTc5M2ZlZWRhMDE0N2M4MDUwMDJjZDUzMGY0MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsQ9wSEmBDVO6UCGxAyuQjFdyhKH
rQyhhZN58JxvsHsXnUwYC3JJchD/fwMsXZ9iQnEkWwf72CId5ruusxaRnSeaNZes
GojTqOUf5RvRBEp83EZYJs5wrqFC6za3JHlEllpS9Yz+c9Ts2nnI+VDVOxqzBx39
Rs63TdPZLyWEHpSdh+xjfezONlExebRytnlhnvU8Su5qHl/e96wFiYZGce/wCAPP
Dz+i0p70Sp5UeOiyUA+rqQN9tgO10ndr/0k9qdNwtNb3Djlel4xLWhPaoBeaMZHm
yiq+EIT92a9i7WU5+9x+t2XQxSkb69GBEd2fa4ZMbWgRtDsn5Hr1/hgQIwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFMEwKO5Op5P+7aAUfIBQAs1TD0EXMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvd1RBbzdrNm5rXzd0b0JSOGdGQUN6Vk1QUVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDB8BAIAATB2MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ajDAMAwQBTVqOAwQATVqUMAwDBABNWpkDBABN
WpoDBABNWpwDBABNWrIDBABNWrgDBABNWrwwDAMEALnmDQMEALnmDgMEANXRigME
ANXRjwMEAdXRnAMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBABFdGJjM0r42N7dUattber6BsyAqW+qgzi0jAozGYTKWyosUbumr
dryM5m9kj9/5POjDikLPomXc9ZSgdZaMuZzd+jKeJMDYNDVDpb739VY7Ae/N1Zn3
+dLWMIFSGo7Um0gW5wqOSUS8rolz64ER4wcfJwihwx5br098M5gm6FKzp11FkB9y
s652b4GY00ctfPWJYDLnErMKqvdsQtZ1BiURREUFAOAnmDtNOwXt66hCblbi2RKH
+QiiFqM/d2M+yFRLjqbvF2cNXzsjZ09s5MfAVW5oRV3cPCLBJJq2KZelHp9AvdVZ
OhxBMJ7EL4ipNkjwuTAhBpBRrr7cv9AfjVc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org