Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wlZNFVkKbIi-CcMkk7zQfzofXXA.roa
File: wlZNFVkKbIi-CcMkk7zQfzofXXA.roa (raw, json)
Hash identifier: URyvh2Fi+DOyC9rI6vjnxQ2PeGD98bVBIhSSjx1XYME=
Subject key identifier: C2:56:4D:15:59:0A:6C:88:BE:09:C3:24:93:BC:D0:7F:3A:1F:5D:70
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0182EFEB2A7DD4BE35BAC45BB91731DCDECB
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wlZNFVkKbIi-CcMkk7zQfzofXXA.roa
Signing time: Tue 30 Aug 2022 18:02:22 +0000
ROA not before: Tue 30 Aug 2022 18:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:eb:2a:7d:d4:be:35:ba:c4:5b:b9:17:31:dc:de:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 30 18:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2564d15590a6c88be09c32493bcd07f3a1f5d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8e:ef:0b:69:a7:4f:d5:05:8e:05:b3:b7:9b:
f7:d7:ae:db:06:07:59:bf:af:e8:81:4d:b4:b9:fa:
31:92:4d:c9:7c:cb:16:43:bc:9f:d5:16:ed:9e:56:
d7:fe:9d:e1:5e:92:02:c3:d8:9a:0f:0c:4a:11:68:
bb:12:97:2c:fb:43:61:4b:99:14:41:77:6f:06:f0:
74:96:c7:2f:79:bd:6b:ee:46:ba:9a:72:1a:d5:b6:
d6:bd:ea:61:a4:be:e9:b4:11:11:9e:ce:f4:b8:38:
8e:a7:b3:c0:91:89:26:4a:72:d1:54:bd:fe:7b:e0:
f4:da:af:be:e9:da:21:a0:c1:c0:ab:47:0a:2e:a7:
7c:e7:e8:bf:5d:7e:d3:3e:85:0a:69:56:84:1b:59:
f0:63:1e:8b:b1:7d:e3:30:df:ad:ae:6b:49:74:8a:
40:0c:05:f9:8b:05:56:08:a2:6f:9e:1e:e5:39:28:
f3:0c:c8:fd:eb:d2:29:2c:af:e5:73:19:e3:41:b7:
3b:2e:91:16:9c:8f:82:9f:e6:d7:07:2b:80:3b:cc:
2a:ee:d3:08:02:8b:90:12:b9:6d:e8:eb:07:ab:fd:
12:04:f3:6c:4c:19:5c:7a:eb:9f:90:e9:04:dd:5c:
95:cd:26:79:54:2b:8f:72:84:db:6b:66:1e:fc:10:
94:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:56:4D:15:59:0A:6C:88:BE:09:C3:24:93:BC:D0:7F:3A:1F:5D:70
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wlZNFVkKbIi-CcMkk7zQfzofXXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
213.209.130.0/24
213.209.138.0/24
213.209.145.0/24
213.209.149.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
84:97:dd:51:3d:95:4b:8e:96:c2:36:48:46:ea:83:cf:13:57:
fe:6e:98:2b:17:e1:e7:ff:38:f6:bf:4b:bc:c5:9b:ba:f4:46:
35:1e:29:ca:83:77:89:b5:67:c1:1d:5c:12:1f:90:63:28:66:
0c:d4:e2:0b:4f:c4:49:e0:8c:85:98:16:d7:95:1b:b9:b4:ff:
bd:04:6e:30:f2:d3:61:b4:2e:bc:a5:2a:77:d1:54:b5:ad:69:
e3:d7:4d:ac:ac:46:6f:85:28:d5:02:28:43:18:89:f0:a4:89:
81:2b:89:4d:f6:62:a6:5a:de:80:db:e9:b2:69:ef:97:e3:a8:
74:f1:7b:89:27:07:88:a3:61:62:29:f1:a9:dc:11:cd:96:4b:
82:7f:2e:4c:00:da:93:af:92:61:af:af:37:49:95:51:24:a2:
ef:f4:ed:13:4d:37:fe:02:02:3c:e3:14:73:85:41:c6:ac:71:
d5:aa:ac:22:c4:de:4d:e2:ac:d5:f3:4c:88:5b:ca:17:2e:45:
fe:61:28:c5:a2:03:04:b5:2f:c3:1b:c5:32:85:4f:a8:82:f1:
98:1e:ef:f8:b0:b7:d1:28:c2:18:3d:ee:66:9e:6e:e5:27:f9:
ae:01:18:ca:17:d4:3f:13:76:ba:82:74:2f:44:e5:cb:c9:32:
77:43:f0:26
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYLv6yp91L41usRbuRcx3N7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwODMwMTgwMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjU2NGQxNTU5MGE2Yzg4YmUwOWMzMjQ5M2JjZDA3ZjNhMWY1ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp47vC2mnT9UFjgWzt5v3167bBgdZ
v6/ogU20ufoxkk3JfMsWQ7yf1RbtnlbX/p3hXpICw9iaDwxKEWi7Epcs+0NhS5kU
QXdvBvB0lscveb1r7ka6mnIa1bbWvephpL7ptBERns70uDiOp7PAkYkmSnLRVL3+
e+D02q++6dohoMHAq0cKLqd85+i/XX7TPoUKaVaEG1nwYx6LsX3jMN+trmtJdIpA
DAX5iwVWCKJvnh7lOSjzDMj969IpLK/lcxnjQbc7LpEWnI+Cn+bXByuAO8wq7tMI
AouQErlt6OsHq/0SBPNsTBlceuufkOkE3VyVzSZ5VCuPcoTba2Ye/BCUtQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFMJWTRVZCmyIvgnDJJO80H86H11wMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvd2xaTkZWa0tiSWktQ2NNa2s3elFmem9mWFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFNWo4DBABN
WpQwDAMEAE1amQMEAE1amgMEAE1avAMEANXRggMEANXRigMEANXRkQMEANXRlQME
ANXRnTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAISX
3VE9lUuOlsI2SEbqg88TV/5umCsX4ef/OPa/S7zFm7r0RjUeKcqDd4m1Z8EdXBIf
kGMoZgzU4gtPxEngjIWYFteVG7m0/70EbjDy02G0LrylKnfRVLWtaePXTaysRm+F
KNUCKEMYifCkiYEriU32YqZa3oDb6bJp75fjqHTxe4knB4ijYWIp8ancEc2WS4J/
LkwA2pOvkmGvrzdJlVEkou/07RNNN/4CAjzjFHOFQcascdWqrCLE3k3irNXzTIhb
yhcuRf5hKMWiAwS1L8MbxTKFT6iC8Zge7/iwt9Eowhg97maebuUn+a4BGMoX1D8T
drqCdC9E5cvJMndD8CY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org