Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/P_NCuis0vxqn5gjokzxMpdPqKGk.roa
File: P_NCuis0vxqn5gjokzxMpdPqKGk.roa (raw, json)
Hash identifier: 20/hmmfuRdX2IUhZ4vZJYdAmGF/hauRcz2aEWgVLOSk=
Subject key identifier: 3F:F3:42:BA:2B:34:BF:1A:A7:E6:08:E8:93:3C:4C:A5:D3:EA:28:69
Certificate issuer: /CN=0350df78fc785813724ec66648df9b494f9b8da7
Certificate serial: 01744958
Authority key identifier: 03:50:DF:78:FC:78:58:13:72:4E:C6:66:48:DF:9B:49:4F:9B:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1DfePx4WBNyTsZmSN-bSU-bjac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/P_NCuis0vxqn5gjokzxMpdPqKGk.roa
Signing time: Sat 01 Jan 2022 07:53:44 +0000
ROA not before: Sat 01 Jan 2022 07:53:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59905
IP address blocks: 185.92.125.0/24 maxlen: 24
185.92.126.0/24 maxlen: 24
185.92.127.0/24 maxlen: 24
91.220.77.0/24 maxlen: 24
185.49.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24398168 (0x1744958)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0350df78fc785813724ec66648df9b494f9b8da7
Validity
Not Before: Jan 1 07:53:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ff342ba2b34bf1aa7e608e8933c4ca5d3ea2869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1a:b0:32:d1:74:4b:6c:29:e8:a8:f0:d1:9e:
a5:e7:22:4e:0d:d2:78:6d:04:ae:83:24:4b:94:16:
73:20:c9:7b:12:e2:74:b8:1f:78:3c:cb:6e:5d:8d:
ac:56:66:95:09:ea:69:bc:6f:9c:6f:da:20:73:86:
0b:41:ae:fa:4a:c3:c6:4d:5f:aa:6f:e2:a8:2f:b8:
f1:e6:28:f9:6b:b8:32:7c:dc:91:b3:71:1f:d4:7d:
a8:6c:84:e3:33:91:9f:40:7c:3c:9c:49:bb:f3:07:
ba:eb:6a:20:19:a3:08:bc:80:6d:5e:5b:50:9d:9e:
e1:83:6f:99:36:af:4f:83:11:d7:13:b1:2d:55:9e:
29:16:96:83:6a:79:9c:c4:c0:ac:b6:90:04:c7:d2:
fb:87:72:a9:53:58:02:63:ab:64:81:f8:35:04:35:
8b:00:a1:f3:e4:0c:64:8e:bf:25:ea:42:08:36:da:
cf:c7:1f:ff:bd:8e:9b:c5:58:1e:be:99:50:d5:47:
58:9c:db:7f:80:4d:89:55:fa:35:3a:28:69:95:f4:
2e:71:34:8f:bd:1a:07:c0:cd:e0:d5:e4:28:89:07:
0f:3b:43:e5:c2:e1:82:8e:85:90:7a:00:ef:8c:0f:
78:9a:b5:54:ad:c9:df:31:c9:4e:21:8a:75:d6:90:
47:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F3:42:BA:2B:34:BF:1A:A7:E6:08:E8:93:3C:4C:A5:D3:EA:28:69
X509v3 Authority Key Identifier:
keyid:03:50:DF:78:FC:78:58:13:72:4E:C6:66:48:DF:9B:49:4F:9B:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1DfePx4WBNyTsZmSN-bSU-bjac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/P_NCuis0vxqn5gjokzxMpdPqKGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/A1DfePx4WBNyTsZmSN-bSU-bjac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.77.0/24
185.49.220.0/22
185.92.125.0-185.92.127.255
Signature Algorithm: sha256WithRSAEncryption
35:f2:18:80:9e:c9:9b:0f:3b:bf:d2:2d:56:52:11:65:db:80:
26:c1:54:ae:c3:dc:5d:56:b5:81:69:1a:cf:e7:86:77:f1:f2:
fa:e2:a4:80:d3:1c:a4:c8:60:86:84:ac:fe:ff:c0:57:e0:55:
fc:db:4e:af:73:79:ee:62:53:9e:96:58:3f:ec:47:ae:e6:e3:
ca:83:79:ac:4b:be:01:d4:d8:a1:56:1c:fd:53:8d:a2:9c:cf:
3e:5f:fd:d1:ad:8d:be:a2:f1:5d:ee:33:06:f5:58:63:22:e5:
7c:e2:fc:78:5d:cb:a8:80:6d:e1:cb:30:06:85:60:c6:ae:54:
6d:5a:e4:c9:43:d9:6f:ad:ae:2c:65:84:17:c7:ed:50:9a:8e:
a4:d2:d6:a5:1f:11:ff:28:de:71:f0:39:c4:e3:6f:73:b0:41:
7e:8e:44:34:78:a2:92:40:98:29:07:3d:de:bd:b2:89:ff:64:
f5:3a:08:ff:3f:7d:2d:34:b4:11:2a:ae:d9:2c:50:b9:20:15:
84:d9:c6:27:da:7a:40:20:17:d9:8c:8e:d0:5a:51:42:cf:9d:
9f:45:c6:94:86:d4:44:e9:af:d0:59:dd:0b:d5:a9:18:2e:7a:
7e:c3:00:a9:a3:6a:4e:2d:47:60:fa:67:39:5b:25:50:81:97:
95:7d:5d:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAXRJWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzUwZGY3OGZjNzg1ODEzNzI0ZWM2NjY0OGRmOWI0OTRmOWI4ZGE3MB4XDTIyMDEw
MTA3NTM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZmMzQyYmEyYjM0
YmYxYWE3ZTYwOGU4OTMzYzRjYTVkM2VhMjg2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgasDLRdEtsKeio8NGepeciTg3SeG0EroMkS5QWcyDJexLi
dLgfeDzLbl2NrFZmlQnqabxvnG/aIHOGC0Gu+krDxk1fqm/iqC+48eYo+Wu4Mnzc
kbNxH9R9qGyE4zORn0B8PJxJu/MHuutqIBmjCLyAbV5bUJ2e4YNvmTavT4MR1xOx
LVWeKRaWg2p5nMTArLaQBMfS+4dyqVNYAmOrZIH4NQQ1iwCh8+QMZI6/JepCCDba
z8cf/72Om8VYHr6ZUNVHWJzbf4BNiVX6NTooaZX0LnE0j70aB8DN4NXkKIkHDztD
5cLhgo6FkHoA74wPeJq1VK3J3zHJTiGKddaQR18CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBQ/80K6KzS/GqfmCOiTPEyl0+ooaTAfBgNVHSMEGDAWgBQDUN94/HhYE3JO
xmZI35tJT5uNpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ExRGZlUHg0V0JOeVRzWm1TTi1iU1UtYmphYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvYWI1ODZlLTRiMmEtNDdmNi1hY2U4LWQyOTJhYjdjZTlmYS8x
L1BfTkN1aXMwdnhxbjVnam9renhNcGRQcUtHay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
YWI1ODZlLTRiMmEtNDdmNi1hY2U4LWQyOTJhYjdjZTlmYS8xL0ExRGZlUHg0V0JO
eVRzWm1TTi1iU1UtYmphYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAFvcTQMEArkx3DAMAwQAuVx9AwQH
uVwAMA0GCSqGSIb3DQEBCwUAA4IBAQA18hiAnsmbDzu/0i1WUhFl24AmwVSuw9xd
VrWBaRrP54Z38fL64qSA0xykyGCGhKz+/8BX4FX8206vc3nuYlOellg/7Eeu5uPK
g3msS74B1NihVhz9U42inM8+X/3RrY2+ovFd7jMG9VhjIuV84vx4XcuogG3hyzAG
hWDGrlRtWuTJQ9lvra4sZYQXx+1Qmo6k0talHxH/KN5x8DnE429zsEF+jkQ0eKKS
QJgpBz3evbKJ/2T1Ogj/P30tNLQRKq7ZLFC5IBWE2cYn2npAIBfZjI7QWlFCz52f
RcaUhtRE6a/QWd0L1akYLnp+wwCpo2pOLUdg+mc5WyVQgZeVfV3G
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:50 2024 by rpki-client on console-ams.rpki-client.org