Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/xpOe0XDIdEXypCe3KWmrgPhKSf8.roa
File: xpOe0XDIdEXypCe3KWmrgPhKSf8.roa (raw, json)
Hash identifier: 6bJ9aNwSsncvtWJv4tPqwnEK7ybVjrgevHY6PqsE0JY=
Subject key identifier: C6:93:9E:D1:70:C8:74:45:F2:A4:27:B7:29:69:AB:80:F8:4A:49:FF
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0956F1C3
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/xpOe0XDIdEXypCe3KWmrgPhKSf8.roa
Signing time: Sat 28 May 2022 19:27:53 +0000
ROA not before: Sat 28 May 2022 19:27:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
77.90.191.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.181.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156692931 (0x956f1c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 28 19:27:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6939ed170c87445f2a427b72969ab80f84a49ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b7:83:2b:fe:5e:98:79:85:d5:82:b1:ab:71:
89:4f:11:45:89:fa:09:9c:53:86:3b:2b:f7:70:ec:
ea:0d:e7:19:d3:65:3c:92:97:3d:c1:ca:09:73:29:
b7:41:cd:7d:d7:91:3f:2e:91:59:07:39:cd:01:ba:
52:16:3c:25:b5:d1:5c:00:e0:ff:c5:b1:4d:e8:cd:
48:bc:ff:8d:98:ed:37:2e:95:93:92:ca:18:a0:9a:
27:9e:6b:47:38:54:5b:26:00:bf:75:fc:c4:51:fd:
16:8d:50:9f:7f:12:fe:60:96:39:45:23:30:79:2f:
87:90:8e:1b:8c:f4:0d:90:fb:e2:39:20:bb:4c:c2:
98:88:7c:f6:1b:5b:16:67:e1:27:f3:f7:68:44:78:
0c:a3:bb:e4:59:4d:99:a6:47:a7:d6:f8:bd:f4:fd:
3a:48:3c:21:84:87:89:3b:ab:7e:6c:ce:03:c1:2f:
3b:72:81:72:81:70:61:55:06:0f:a6:e5:12:b3:21:
57:b5:6c:2a:6a:d3:d8:b0:b5:66:27:a3:5e:7d:9a:
3c:6f:e4:4d:83:92:32:35:7c:53:46:cc:2e:e2:e7:
4a:54:70:d2:7e:76:16:8a:34:ea:f0:62:bf:e9:35:
6a:16:b1:56:9c:90:25:46:25:e8:88:c6:4b:05:47:
79:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:93:9E:D1:70:C8:74:45:F2:A4:27:B7:29:69:AB:80:F8:4A:49:FF
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/xpOe0XDIdEXypCe3KWmrgPhKSf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.157.0/24
77.90.164.0/24
77.90.178.0/24
77.90.181.0/24
77.90.191.0/24
185.230.13.0/24
213.209.130.0/24
213.209.133.0-213.209.134.255
213.209.136.0/24
213.209.138.0/24
213.209.144.0/24
213.209.156.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
8a:a9:7c:e9:e5:73:2d:95:18:c3:9e:0e:60:eb:62:1c:8c:ee:
31:8a:b6:96:46:fa:0b:8a:a8:78:38:c0:91:ce:d5:36:6f:23:
75:03:8e:b5:66:02:bb:e2:bf:2b:98:40:5b:aa:fc:81:57:09:
79:3c:ff:5e:f9:27:92:7a:98:39:c4:44:76:e7:9c:b5:56:66:
b6:36:dd:af:bb:b4:d0:91:17:4a:fe:05:d1:a0:51:a1:7d:0b:
22:04:90:da:a1:8e:7a:ce:0a:65:97:4d:1d:6d:6e:76:9a:b4:
dd:33:96:03:2c:e1:9b:50:bf:3e:93:d5:a6:42:c9:b7:99:07:
ea:86:7f:23:1b:b2:bb:fb:78:c3:38:2b:d5:fc:dc:7c:64:50:
76:56:b3:fa:ce:19:51:df:c4:16:de:7d:f3:4e:cf:17:71:49:
b0:44:92:17:24:c5:b2:78:9b:63:fd:30:40:f3:73:7a:8d:5a:
3c:e6:60:17:a3:67:72:40:d0:0c:2b:1a:f8:bc:a5:f5:c5:27:
63:49:07:1a:40:77:a3:12:21:c9:61:9a:43:b4:24:28:5d:a8:
1a:9a:c4:55:4b:fe:6a:be:a6:b7:d3:19:5d:3e:3f:f9:d3:6d:
e4:6a:1a:a0:9e:3c:79:9c:2a:2c:68:80:e0:aa:17:70:cf:58:
03:ec:c1:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIECVbxwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUy
ODE5Mjc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY5MzllZDE3MGM4
NzQ0NWYyYTQyN2I3Mjk2OWFiODBmODRhNDlmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANe3gyv+Xph5hdWCsatxiU8RRYn6CZxThjsr93Ds6g3nGdNl
PJKXPcHKCXMpt0HNfdeRPy6RWQc5zQG6UhY8JbXRXADg/8WxTejNSLz/jZjtNy6V
k5LKGKCaJ55rRzhUWyYAv3X8xFH9Fo1Qn38S/mCWOUUjMHkvh5COG4z0DZD74jkg
u0zCmIh89htbFmfhJ/P3aER4DKO75FlNmaZHp9b4vfT9Okg8IYSHiTurfmzOA8Ev
O3KBcoFwYVUGD6blErMhV7VsKmrT2LC1ZiejXn2aPG/kTYOSMjV8U0bMLuLnSlRw
0n52Foo06vBiv+k1ahaxVpyQJUYl6IjGSwVHeaECAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBTGk57RcMh0RfKkJ7cpaauA+EpJ/zAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3hwT2UwWERJZEVYeXBDZTNLV21yZ1BoS1NmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgYcEAgABMIGAMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqdAwQATVqkAwQATVqy
AwQATVq1AwQATVq/AwQAueYNAwQA1dGCMAwDBADV0YUDBADV0YYDBADV0YgDBADV
0YoDBADV0ZADBADV0ZwwFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEB
CwUAA4IBAQCKqXzp5XMtlRjDng5g62IcjO4xiraWRvoLiqh4OMCRztU2byN1A461
ZgK74r8rmEBbqvyBVwl5PP9e+SeSepg5xER255y1Vma2Nt2vu7TQkRdK/gXRoFGh
fQsiBJDaoY56zgpll00dbW52mrTdM5YDLOGbUL8+k9WmQsm3mQfqhn8jG7K7+3jD
OCvV/Nx8ZFB2VrP6zhlR38QW3n3zTs8XcUmwRJIXJMWyeJtj/TBA83N6jVo85mAX
o2dyQNAMKxr4vKX1xSdjSQcaQHejEiHJYZpDtCQoXagamsRVS/5qvqa30xldPj/5
023kahqgnjx5nCosaIDgqhdwz1gD7MGj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org