Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7NN3qvWk-dX6c23sJbRHkVBVjLg.roa
File: 7NN3qvWk-dX6c23sJbRHkVBVjLg.roa (raw, json)
Hash identifier: e9PYPWJoLX0942OYW6+6PFlXeBxaP3SawqeZD8+VXxI=
Subject key identifier: EC:D3:77:AA:F5:A4:F9:D5:FA:73:6D:EC:25:B4:47:91:50:55:8C:B8
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 15486BA9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7NN3qvWk-dX6c23sJbRHkVBVjLg.roa
Signing time: Sat 04 Jun 2022 10:42:20 +0000
ROA not before: Sat 04 Jun 2022 10:42:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 91.242.108.0/22 maxlen: 22
193.37.200.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.64.0/18 maxlen: 24
2a07:5540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357067689 (0x15486ba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 4 10:42:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ecd377aaf5a4f9d5fa736dec25b4479150558cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ff:56:75:1a:3f:8e:b1:fc:8f:83:a0:7e:66:
b9:cb:55:95:6f:f7:4b:34:62:fc:b9:e1:cb:3b:03:
a5:2c:ae:d3:5c:b1:78:11:d3:3c:d0:2c:02:9f:2f:
0f:59:a5:59:41:49:69:68:e8:56:e8:26:11:9f:c3:
18:40:45:fc:b7:f7:cd:7c:72:fd:52:46:75:10:c7:
19:d6:71:83:8c:8e:2c:40:57:19:34:45:17:74:32:
d5:77:4b:8a:f3:78:fb:bb:df:a5:5c:9d:db:01:76:
59:87:13:36:82:f6:dd:aa:52:a2:eb:cc:a2:c5:b9:
74:e2:ac:b5:03:53:74:f6:87:0e:ec:b2:6d:d8:b7:
65:84:97:81:d0:4f:b3:05:d6:a5:70:1a:4f:99:f1:
f7:e0:58:81:7a:a0:e5:d3:eb:63:bb:55:fa:a1:9c:
46:3a:fb:1c:9b:ea:82:83:6f:75:e8:bf:03:07:d7:
72:7b:c1:9d:17:7a:a2:67:e3:62:c3:0f:59:d4:cb:
7b:dd:f3:48:5d:e2:3e:76:32:91:b1:9b:09:f3:2f:
92:c1:94:37:31:a0:0c:d4:93:7e:24:f2:5a:90:59:
ac:89:71:f1:cb:1c:93:fa:7f:8e:38:03:48:b7:0e:
9f:de:0b:91:36:da:7e:9e:4a:84:2d:b0:6f:95:f0:
9b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D3:77:AA:F5:A4:F9:D5:FA:73:6D:EC:25:B4:47:91:50:55:8C:B8
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7NN3qvWk-dX6c23sJbRHkVBVjLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
193.37.200.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
Signature Algorithm: sha256WithRSAEncryption
05:f5:41:ee:af:c9:e3:fd:43:81:2b:96:31:2a:16:e2:76:d6:
0b:dd:df:b7:52:6d:2d:ca:4f:6d:20:03:b0:f3:5b:2a:2a:be:
b9:f3:e0:52:19:cd:d3:09:4c:89:79:1b:c4:80:51:28:96:a6:
a3:f5:be:fb:9e:ae:44:eb:bb:9c:2e:79:6e:99:59:6c:27:1d:
57:50:72:ff:10:43:d3:d6:c9:e7:1d:67:dd:fd:e3:f1:ed:1b:
ec:f8:84:e0:fa:91:6e:97:95:83:d0:61:17:de:df:89:fc:38:
ed:57:cd:64:df:b7:8e:d2:e2:b4:79:a4:24:4f:76:89:bd:37:
36:7e:5e:8a:69:75:3d:0e:a4:8f:9c:31:4c:25:4c:10:d5:d0:
8e:8e:86:60:8c:8e:a0:37:38:d5:dc:6e:ad:62:6a:18:52:e1:
01:2b:02:6e:e0:8d:82:9e:64:6d:0c:2a:c4:9a:68:55:7e:ca:
8f:6b:78:ea:8e:a7:a6:4c:a9:2a:39:f2:fa:de:74:62:1e:18:
94:3a:18:08:82:4c:00:e3:51:36:f0:82:c6:49:80:d4:11:9a:
90:af:45:1c:a2:7e:81:46:37:f8:30:ef:33:4a:94:62:6d:a4:
1f:32:a7:7b:08:32:25:24:a2:cf:b2:74:ce:b2:4c:68:a1:f6:
9a:d8:cf:93
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEFUhrqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDYw
NDEwNDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNkMzc3YWFmNWE0
ZjlkNWZhNzM2ZGVjMjViNDQ3OTE1MDU1OGNiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH/VnUaP46x/I+DoH5muctVlW/3SzRi/LnhyzsDpSyu01yx
eBHTPNAsAp8vD1mlWUFJaWjoVugmEZ/DGEBF/Lf3zXxy/VJGdRDHGdZxg4yOLEBX
GTRFF3Qy1XdLivN4+7vfpVyd2wF2WYcTNoL23apSouvMosW5dOKstQNTdPaHDuyy
bdi3ZYSXgdBPswXWpXAaT5nx9+BYgXqg5dPrY7tV+qGcRjr7HJvqgoNvdei/AwfX
cnvBnRd6omfjYsMPWdTLe93zSF3iPnYykbGbCfMvksGUNzGgDNSTfiTyWpBZrIlx
8csck/p/jjgDSLcOn94LkTbafp5KhC2wb5XwmykCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTs03eq9aT51fpzbewltEeRUFWMuDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
LzdOTjNxdldrLWRYNmMyM3NKYlJIa1ZCVmpMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAC1DdAMEBlvyQAMEAsElyAMEAMJy
kDANBAIAAjAHAwUDKgdVQDANBgkqhkiG9w0BAQsFAAOCAQEABfVB7q/J4/1DgSuW
MSoW4nbWC93ft1JtLcpPbSADsPNbKiq+ufPgUhnN0wlMiXkbxIBRKJamo/W++56u
ROu7nC55bplZbCcdV1By/xBD09bJ5x1n3f3j8e0b7PiE4PqRbpeVg9BhF97fifw4
7VfNZN+3jtLitHmkJE92ib03Nn5eiml1PQ6kj5wxTCVMENXQjo6GYIyOoDc41dxu
rWJqGFLhASsCbuCNgp5kbQwqxJpoVX7Kj2t46o6npkypKjny+t50Yh4YlDoYCIJM
AONRNvCCxkmA1BGakK9FHKJ+gUY3+DDvM0qUYm2kHzKnewgyJSSiz7J0zrJMaKH2
mtjPkw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-fra.rpki-client.org