Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/2Hi4BHuTMxUAqK-kgDASCtHOt4U.roa
File: 2Hi4BHuTMxUAqK-kgDASCtHOt4U.roa (raw, json)
Hash identifier: kOJEmt+3VzdyyEOgV9QnYhentaRsEfDXtVMRdMIW680=
Subject key identifier: D8:78:B8:04:7B:93:33:15:00:A8:AF:A4:80:30:12:0A:D1:CE:B7:85
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1D8262D2
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/2Hi4BHuTMxUAqK-kgDASCtHOt4U.roa
Signing time: Mon 30 May 2022 12:34:13 +0000
ROA not before: Mon 30 May 2022 12:34:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211306
IP address blocks: 77.36.2.0/23 maxlen: 23
77.36.4.0/24 maxlen: 24
77.36.56.0/24 maxlen: 24
77.232.216.0/23 maxlen: 23
77.36.54.0/23 maxlen: 23
77.232.218.0/24 maxlen: 24
91.237.49.0/24 maxlen: 24
93.120.44.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 495084242 (0x1d8262d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 30 12:34:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d878b8047b93331500a8afa48030120ad1ceb785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:60:25:a6:e6:51:7f:26:0a:3f:88:d4:2a:
0d:0c:cb:37:ab:9b:4e:45:72:20:e6:a1:d7:c5:31:
60:fa:c7:a8:84:73:46:f8:d9:0e:f0:3f:5b:f0:b9:
58:22:f0:ee:c8:61:01:e5:d9:00:fd:43:fa:ac:8b:
b6:40:e9:a7:93:5a:81:a2:3d:7a:2a:5e:03:78:1d:
23:f7:df:41:c8:e3:ab:e6:8e:89:49:7a:6a:f2:04:
42:a9:4b:9d:a8:f5:ba:dd:e8:ea:b1:22:e1:b5:83:
01:c0:59:08:20:ab:77:1a:eb:3c:b0:1f:c1:5f:2e:
13:40:bf:59:32:ee:6d:1d:30:75:e2:4a:3d:91:66:
08:e0:d5:e3:32:38:05:d7:d7:68:91:0e:d0:bf:e1:
3b:cb:46:a1:a1:8b:2c:68:61:0a:2a:2a:0d:24:c7:
95:a8:7a:5f:ee:a8:09:d0:d0:9f:e2:c1:0c:19:71:
78:5f:1b:ed:97:84:7e:7e:37:65:4a:fa:34:ac:3f:
25:e8:46:8e:74:47:32:d1:b4:79:5f:b1:ed:5e:96:
5c:e0:dd:7d:e2:c4:f7:c3:b5:f1:09:f7:9e:34:80:
b8:54:b6:c7:18:d9:0f:c2:f6:ca:3b:86:56:55:9e:
b0:3b:7a:4b:4a:e3:4b:26:36:65:16:14:3c:54:4c:
ca:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:78:B8:04:7B:93:33:15:00:A8:AF:A4:80:30:12:0A:D1:CE:B7:85
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/2Hi4BHuTMxUAqK-kgDASCtHOt4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.2.0-77.36.4.255
77.36.54.0-77.36.56.255
77.232.216.0-77.232.218.255
91.237.49.0/24
93.120.44.0/23
Signature Algorithm: sha256WithRSAEncryption
18:91:9f:9b:24:c4:fb:9b:8f:3d:b4:44:dc:92:4b:df:2c:b6:
d2:f7:ab:41:1c:60:90:a5:c6:6f:67:bd:27:d8:0a:32:4c:42:
1b:30:ae:cf:04:0c:34:38:b5:bc:a1:44:b2:ac:fd:fe:c5:2a:
e6:6c:19:a4:3a:01:e4:fb:f5:f4:a5:46:64:ff:9b:a9:e3:3f:
98:cb:42:65:3d:b4:e4:25:a0:16:99:98:ee:3d:4c:a0:b3:00:
55:8a:68:64:13:a6:be:94:da:28:4b:eb:82:31:24:70:12:1c:
53:28:e9:fc:25:5d:ae:37:14:1d:b6:55:db:ac:50:ec:ab:4f:
f6:3a:d6:d0:6d:d2:8c:33:5c:a9:f6:88:8c:04:8f:9f:db:73:
e8:07:bf:56:57:bb:33:dd:83:3c:59:0c:a5:e9:19:50:8f:ba:
95:f7:df:1a:6f:ee:f2:4d:b6:f5:07:4a:3c:32:55:32:0b:5f:
2f:ed:32:8f:80:ec:f0:6f:35:1c:97:e5:07:db:97:e0:a0:cc:
41:fa:ee:c3:e1:b8:01:3f:62:79:67:a3:e1:58:95:fe:c8:51:
b4:70:9a:e6:b9:66:71:e3:a9:00:81:10:c6:37:d5:a4:3e:9b:
aa:61:17:45:9d:aa:db:63:dc:fa:14:d3:f5:3e:da:c0:91:af:
3c:fb:d9:ba
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEHYJi0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDUz
MDEyMzQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg3OGI4MDQ3Yjkz
MzMxNTAwYThhZmE0ODAzMDEyMGFkMWNlYjc4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKa0YCWm5lF/Jgo/iNQqDQzLN6ubTkVyIOah18UxYPrHqIRz
RvjZDvA/W/C5WCLw7shhAeXZAP1D+qyLtkDpp5NagaI9eipeA3gdI/ffQcjjq+aO
iUl6avIEQqlLnaj1ut3o6rEi4bWDAcBZCCCrdxrrPLAfwV8uE0C/WTLubR0wdeJK
PZFmCODV4zI4BdfXaJEO0L/hO8tGoaGLLGhhCioqDSTHlah6X+6oCdDQn+LBDBlx
eF8b7ZeEfn43ZUr6NKw/JehGjnRHMtG0eV+x7V6WXODdfeLE98O18Qn3njSAuFS2
xxjZD8L2yjuGVlWesDt6S0rjSyY2ZRYUPFRMyoECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTYeLgEe5MzFQCor6SAMBIK0c63hTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
LzJIaTRCSHVUTXhVQXFLLWtnREFTQ3RIT3Q0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNjAMAwQBTSQCAwQATSQEMAwDBAFNJDYD
BABNJDgwDAMEA03o2AMEAE3o2gMEAFvtMQMEAV14LDANBgkqhkiG9w0BAQsFAAOC
AQEAGJGfmyTE+5uPPbRE3JJL3yy20verQRxgkKXGb2e9J9gKMkxCGzCuzwQMNDi1
vKFEsqz9/sUq5mwZpDoB5Pv19KVGZP+bqeM/mMtCZT205CWgFpmY7j1MoLMAVYpo
ZBOmvpTaKEvrgjEkcBIcUyjp/CVdrjcUHbZV26xQ7KtP9jrW0G3SjDNcqfaIjASP
n9tz6Ae/Vle7M92DPFkMpekZUI+6lfffGm/u8k229QdKPDJVMgtfL+0yj4Ds8G81
HJflB9uX4KDMQfruw+G4AT9ieWej4ViV/shRtHCa5rlmceOpAIEQxjfVpD6bqmEX
RZ2q22Pc+hTT9T7awJGvPPvZug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org