Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4qIfNvZ7vy1GVQUyhgNKavIhGSs.roa
File: 4qIfNvZ7vy1GVQUyhgNKavIhGSs.roa (raw, json)
Hash identifier: zggEwHqsBNVDomj/b/wUeuqnuIWa0b1EmLadPHb4vpw=
Subject key identifier: E2:A2:1F:36:F6:7B:BF:2D:46:55:05:32:86:03:4A:6A:F2:21:19:2B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0185535FC266B48AD3A8EF8EF572240A206D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4qIfNvZ7vy1GVQUyhgNKavIhGSs.roa
Signing time: Tue 27 Dec 2022 11:37:42 +0000
ROA not before: Tue 27 Dec 2022 11:37:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 77.36.120.0/21 maxlen: 21
185.55.4.0/22 maxlen: 23
176.112.80.0/22 maxlen: 22
176.103.240.0/21 maxlen: 22
178.159.144.0/22 maxlen: 24
176.113.184.0/21 maxlen: 24
93.120.120.0/22 maxlen: 24
81.161.0.0/22 maxlen: 22
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
64.43.112.0/22 maxlen: 22
31.131.8.0/22 maxlen: 22
176.110.216.0/22 maxlen: 22
176.110.216.0/21 maxlen: 21
64.43.124.0/22 maxlen: 22
176.110.220.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
109.207.136.0/22 maxlen: 22
176.96.48.0/21 maxlen: 24
176.116.232.0/22 maxlen: 22
91.246.176.0/21 maxlen: 21
176.111.160.0/22 maxlen: 24
93.120.12.0/22 maxlen: 22
46.173.240.0/21 maxlen: 21
93.120.16.0/21 maxlen: 21
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.188.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:5f:c2:66:b4:8a:d3:a8:ef:8e:f5:72:24:0a:20:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 27 11:37:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2a21f36f67bbf2d4655053286034a6af221192b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:82:68:c8:04:c1:3c:26:11:43:b4:4e:3d:21:
50:78:ca:d0:bf:7f:bc:00:06:06:11:b2:88:97:f4:
fb:97:c9:44:bf:7d:c6:9f:b4:10:71:fb:7b:2b:f6:
c8:f1:18:f8:b7:4c:1f:c6:a6:f3:a9:7a:5d:90:53:
d6:49:14:0c:27:e9:d8:29:f6:57:9c:0f:d4:6b:87:
33:19:6b:44:c9:e0:71:7b:fb:a4:c9:06:3a:7a:56:
3b:9b:3d:b5:68:fd:c3:bf:25:d2:73:d3:e2:29:ca:
b3:c1:b2:81:5f:c5:c4:e7:c6:b1:6f:c0:f4:62:eb:
ac:b6:f7:c7:46:57:87:3a:ed:3e:ed:0c:65:12:20:
aa:40:06:f1:99:ca:0a:a4:63:c7:43:98:53:73:eb:
a4:4f:3a:23:8d:b9:d9:2a:58:1f:11:a4:16:38:e4:
25:55:84:61:32:15:08:24:1a:68:9e:37:59:05:9c:
49:12:ab:fb:75:2a:0c:45:a7:fc:ac:33:30:33:9d:
30:5d:61:14:ea:f7:67:95:fc:7f:10:11:cd:67:c7:
21:33:f3:e8:cb:da:25:0b:3b:7f:b1:7b:36:dd:e1:
09:05:ed:33:0f:0b:92:c0:d5:7b:ad:de:ed:9d:9e:
d7:b0:29:24:ce:2d:83:a3:50:06:a3:c2:ed:db:87:
85:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A2:1F:36:F6:7B:BF:2D:46:55:05:32:86:03:4A:6A:F2:21:19:2B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4qIfNvZ7vy1GVQUyhgNKavIhGSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
46.173.240.0/21
64.43.112.0/22
64.43.124.0/22
77.36.120.0/21
81.161.0.0/22
91.233.0.0/23
91.246.176.0/21
93.120.12.0-93.120.23.255
93.120.120.0/22
109.207.136.0/22
176.96.48.0/21
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.110.216.0/21
176.111.160.0/22
176.112.80.0/22
176.113.184.0/21
176.116.232.0/22
178.159.144.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
75:a8:55:db:96:c9:50:4d:84:ca:e5:27:8c:94:ca:84:91:6b:
bc:27:f8:43:c3:87:14:f6:33:84:e5:0d:11:d6:88:38:3f:a6:
0b:86:63:b6:a3:eb:74:a0:b9:4e:45:bb:c4:97:74:9f:ac:a4:
f0:d4:a5:29:a8:3c:b4:1f:1b:fa:ac:95:39:f7:bb:95:9b:7a:
e1:7e:37:33:f7:bf:41:85:4d:76:4a:25:9e:3d:fa:47:e7:f1:
e3:f8:86:e7:ea:cd:f4:7a:34:0d:d7:b4:2f:98:b6:98:33:c8:
53:b9:1d:12:95:48:77:ff:98:24:62:63:a8:3e:49:5d:54:25:
bc:7d:20:29:47:b0:f2:a2:80:e2:d4:06:51:de:15:2e:ff:44:
e5:c9:af:19:30:f7:3f:e7:68:d9:2c:87:c9:f1:e1:51:82:79:
14:53:8b:3f:c0:e5:d5:4f:44:e4:b7:a4:22:88:18:05:20:fc:
8c:95:83:ee:66:26:c8:57:91:21:32:1f:60:c7:0f:25:1a:82:
5c:3e:0c:46:a7:87:52:b6:23:a4:2c:24:f9:e1:cc:9e:c1:3c:
bb:1e:51:d1:8e:df:1b:8f:a8:db:af:44:83:21:ab:bf:cd:07:
3f:c9:4f:ba:d8:a7:cd:2a:52:ee:cd:bb:ef:4b:37:43:cf:62:
c0:0d:1b:c4
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYVTX8JmtIrTqO+O9XIkCiBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMjI3MTEzNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmEyMWYzNmY2N2JiZjJkNDY1NTA1MzI4NjAzNGE2YWYyMjExOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoJoyATBPCYRQ7ROPSFQeMrQv3+8
AAYGEbKIl/T7l8lEv33Gn7QQcft7K/bI8Rj4t0wfxqbzqXpdkFPWSRQMJ+nYKfZX
nA/Ua4czGWtEyeBxe/ukyQY6elY7mz21aP3DvyXSc9PiKcqzwbKBX8XE58axb8D0
YuustvfHRleHOu0+7QxlEiCqQAbxmcoKpGPHQ5hTc+ukTzojjbnZKlgfEaQWOOQl
VYRhMhUIJBponjdZBZxJEqv7dSoMRaf8rDMwM50wXWEU6vdnlfx/EBHNZ8chM/Po
y9olCzt/sXs23eEJBe0zDwuSwNV7rd7tnZ7XsCkkzi2Do1AGo8Lt24eF6QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFOKiHzb2e78tRlUFMoYDSmryIRkrMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNHFJZk52Wjd2eTFHVlFVeWhnTkthdkloR1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAIf
gwgDBAMurfADBAJAK3ADBAJAK3wDBANNJHgDBAJRoQADBAFb6QADBANb9rAwDAME
Al14DAMEA114EAMEAl14eAMEAm3PiAMEA7BgMAMEArBgWAMEA7BmeAMEA7Bn8AME
A7Bu2AMEArBvoAMEArBwUAMEA7BxuAMEArB06AMEArKfkAMEA7LUuAMEArk3BAME
Ark3jAMEAsEkzDANBgkqhkiG9w0BAQsFAAOCAQEAdahV25bJUE2EyuUnjJTKhJFr
vCf4Q8OHFPYzhOUNEdaIOD+mC4ZjtqPrdKC5TkW7xJd0n6yk8NSlKag8tB8b+qyV
Ofe7lZt64X43M/e/QYVNdkolnj36R+fx4/iG5+rN9Ho0Dde0L5i2mDPIU7kdEpVI
d/+YJGJjqD5JXVQlvH0gKUew8qKA4tQGUd4VLv9E5cmvGTD3P+do2SyHyfHhUYJ5
FFOLP8Dl1U9E5LekIogYBSD8jJWD7mYmyFeRITIfYMcPJRqCXD4MRqeHUrYjpCwk
+eHMnsE8ux5R0Y7fG4+o269EgyGrv80HP8lPutinzSpS7s2770s3Q89iwA0bxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:47 2024 by rpki-client on console-ams.rpki-client.org