Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5gIks2iucGMubscM-K1z3Gm5tOY.roa
File: 5gIks2iucGMubscM-K1z3Gm5tOY.roa (raw, json)
Hash identifier: /eSPqkZJY7/+bsqr+NkVmYDvP5aUw1br7L6K6AvKDBI=
Subject key identifier: E6:02:24:B3:68:AE:70:63:2E:6E:C7:0C:F8:AD:73:DC:69:B9:B4:E6
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C353C87
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5gIks2iucGMubscM-K1z3Gm5tOY.roa
Signing time: Fri 25 Feb 2022 08:54:43 +0000
ROA not before: Fri 25 Feb 2022 08:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 77.36.120.0/21 maxlen: 21
185.55.4.0/22 maxlen: 23
176.112.80.0/22 maxlen: 22
176.103.240.0/21 maxlen: 22
46.151.32.0/22 maxlen: 24
178.159.144.0/22 maxlen: 24
176.113.184.0/21 maxlen: 24
93.120.120.0/22 maxlen: 24
81.161.0.0/22 maxlen: 22
176.116.32.0/21 maxlen: 21
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
31.131.8.0/22 maxlen: 22
176.110.216.0/22 maxlen: 22
176.110.216.0/21 maxlen: 21
176.110.220.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
109.207.136.0/22 maxlen: 22
176.96.48.0/21 maxlen: 24
176.116.232.0/22 maxlen: 22
91.246.176.0/21 maxlen: 21
93.120.12.0/22 maxlen: 22
46.173.240.0/21 maxlen: 21
93.120.16.0/21 maxlen: 21
176.111.160.0/22 maxlen: 24
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.188.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473250951 (0x1c353c87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 25 08:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e60224b368ae70632e6ec70cf8ad73dc69b9b4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:58:bd:95:13:d2:2d:48:5b:41:04:21:23:
52:97:ca:14:d5:43:a7:7a:09:cc:76:52:70:af:2b:
9f:91:19:a6:85:75:52:ff:31:20:46:a8:b8:04:99:
5c:b3:8e:f4:7e:d0:5b:5e:22:0a:32:1c:eb:54:ca:
e9:3d:e6:c6:12:84:c1:15:32:07:68:d9:2e:c5:8b:
37:1a:5e:56:8e:e4:ee:ad:62:b9:2e:3c:54:05:07:
51:cd:3b:17:c5:61:6e:f1:9f:43:3d:02:6e:06:b9:
bb:f9:5a:40:cb:03:59:da:9a:2a:a9:cb:9f:9c:9e:
5f:1c:72:cd:ef:d6:02:32:13:77:e9:ad:f4:6f:e6:
4e:62:b6:53:44:4f:2c:a8:72:bc:8e:a9:96:63:b4:
9b:f6:2d:7b:a5:98:11:0a:52:46:f7:33:fc:22:b3:
33:bc:55:40:32:fe:00:02:68:d3:af:fe:a8:50:0b:
7f:1f:e1:3c:ab:dd:ab:53:bf:8d:b3:10:e5:ee:d5:
a0:ba:ce:ff:d6:b2:f5:3e:65:10:2a:ce:70:d9:f6:
ae:a9:92:63:83:57:66:2b:c8:f0:19:40:11:84:e0:
7c:df:5f:f4:25:29:5e:ec:99:3a:d6:86:b9:52:30:
3e:73:57:2a:5e:c1:78:c5:6a:e9:57:62:5d:d5:5a:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:02:24:B3:68:AE:70:63:2E:6E:C7:0C:F8:AD:73:DC:69:B9:B4:E6
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5gIks2iucGMubscM-K1z3Gm5tOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
46.151.32.0/22
46.173.240.0/21
77.36.120.0/21
81.161.0.0/22
91.233.0.0/23
91.246.176.0/21
93.120.12.0-93.120.23.255
93.120.120.0/22
109.207.136.0/22
176.96.48.0/21
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.110.216.0/21
176.111.160.0/22
176.112.80.0/22
176.113.184.0/21
176.116.32.0/21
176.116.232.0/22
178.159.144.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:bc:07:df:34:13:d4:df:1b:72:86:62:25:71:96:a1:a5:8b:
00:be:41:0d:6b:0b:61:64:03:36:8f:61:32:39:5c:33:1f:e9:
f6:89:af:ab:45:d6:a5:1a:bf:10:ff:9d:ab:b0:db:59:7c:29:
e0:fe:29:72:38:d8:42:95:d4:68:0a:fb:67:13:e8:71:91:b6:
59:b7:7c:a9:2e:ee:3b:0e:ee:de:0e:27:a6:7a:70:99:82:6b:
73:44:a0:11:56:11:42:b1:47:22:8d:4c:6d:dd:15:72:67:9c:
40:ff:df:cb:f4:08:bd:f1:28:78:f1:2c:86:49:fb:5b:5d:52:
6f:ca:a2:40:71:e9:2e:f3:b2:c3:38:9e:77:7f:7b:8c:78:97:
1a:ab:f7:1e:57:14:b8:e6:68:e7:c9:b2:a3:66:0f:83:97:f0:
db:cc:c5:93:ed:03:54:88:e9:e2:3a:c9:d8:94:ca:8a:86:10:
93:79:87:e4:4d:e3:36:bb:97:9f:58:55:ee:1b:c1:54:a9:02:
8d:7d:fe:bf:3d:a8:5b:27:14:41:13:c1:d2:70:95:0e:b0:25:
ac:40:88:52:2e:9f:53:fa:92:0f:cb:61:0b:1e:9d:34:fb:79:
4b:72:7b:eb:89:4a:f1:17:7e:6e:0f:cf:a9:b2:11:b5:ff:49:
25:89:8d:1d
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIEHDU8hzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDIy
NTA4NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTYwMjI0YjM2OGFl
NzA2MzJlNmVjNzBjZjhhZDczZGM2OWI5YjRlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhTWL2VE9ItSFtBBCEjUpfKFNVDp3oJzHZScK8rn5EZpoV1
Uv8xIEaouASZXLOO9H7QW14iCjIc61TK6T3mxhKEwRUyB2jZLsWLNxpeVo7k7q1i
uS48VAUHUc07F8VhbvGfQz0Cbga5u/laQMsDWdqaKqnLn5yeXxxyze/WAjITd+mt
9G/mTmK2U0RPLKhyvI6plmO0m/Yte6WYEQpSRvcz/CKzM7xVQDL+AAJo06/+qFAL
fx/hPKvdq1O/jbMQ5e7VoLrO/9ay9T5lECrOcNn2rqmSY4NXZivI8BlAEYTgfN9f
9CUpXuyZOtaGuVIwPnNXKl7BeMVq6VdiXdVaD48CAwEAAaOCAqAwggKcMB0GA1Ud
DgQWBBTmAiSzaK5wYy5uxwz4rXPcabm05jAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
LzVnSWtzMml1Y0dNdWJzY00tSzF6M0dtNXRPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tQYIKwYBBQUHAQcBAf8EgaUwgaIwgZ8EAgABMIGYAwQCH4MIAwQCLpcgAwQDLq3w
AwQDTSR4AwQCUaEAAwQBW+kAAwQDW/awMAwDBAJdeAwDBANdeBADBAJdeHgDBAJt
z4gDBAOwYDADBAKwYFgDBAOwZngDBAOwZ/ADBAOwbtgDBAKwb6ADBAKwcFADBAOw
cbgDBAOwdCADBAKwdOgDBAKyn5ADBAOy1LgDBAK5NwQDBAK5N4wwDQYJKoZIhvcN
AQELBQADggEBAE28B980E9TfG3KGYiVxlqGliwC+QQ1rC2FkAzaPYTI5XDMf6faJ
r6tF1qUavxD/nauw21l8KeD+KXI42EKV1GgK+2cT6HGRtlm3fKku7jsO7t4OJ6Z6
cJmCa3NEoBFWEUKxRyKNTG3dFXJnnED/38v0CL3xKHjxLIZJ+1tdUm/KokBx6S7z
ssM4nnd/e4x4lxqr9x5XFLjmaOfJsqNmD4OX8NvMxZPtA1SI6eI6ydiUyoqGEJN5
h+RN4za7l59YVe4bwVSpAo19/r89qFsnFEETwdJwlQ6wJaxAiFIun1P6kg/LYQse
nTT7eUtye+uJSvEXfm4Pz6myEbX/SSWJjR0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org