Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8xD5cKVjNpWeV7j2HCOikj1Oe1Y.roa
File: 8xD5cKVjNpWeV7j2HCOikj1Oe1Y.roa (raw, json)
Hash identifier: mCHdBKedGerxXfcg0C2phQdGAZ8ijLVKx8SoTZz5R+o=
Subject key identifier: F3:10:F9:70:A5:63:36:95:9E:57:B8:F6:1C:23:A2:92:3D:4E:7B:56
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018264FDAECA8786631E327CBA99B2C7310C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8xD5cKVjNpWeV7j2HCOikj1Oe1Y.roa
Signing time: Wed 03 Aug 2022 18:35:23 +0000
ROA not before: Wed 03 Aug 2022 18:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211306
IP address blocks: 77.36.2.0/23 maxlen: 23
77.36.4.0/24 maxlen: 24
77.36.6.0/24 maxlen: 24
77.36.7.0/24 maxlen: 24
77.36.5.0/24 maxlen: 24
77.36.56.0/24 maxlen: 24
77.232.216.0/23 maxlen: 23
77.36.54.0/23 maxlen: 23
77.232.218.0/24 maxlen: 24
77.36.88.0/24 maxlen: 24
91.237.49.0/24 maxlen: 24
93.120.44.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:fd:ae:ca:87:86:63:1e:32:7c:ba:99:b2:c7:31:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 3 18:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f310f970a56336959e57b8f61c23a2923d4e7b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8d:d6:fd:b4:aa:39:af:a2:7a:75:b3:34:bd:
59:dc:d0:0e:7e:2f:d3:bc:7f:23:4a:a3:95:77:b3:
a2:01:80:d5:59:2a:24:22:4a:eb:19:45:de:10:b3:
02:9f:a0:24:84:62:7b:c1:22:e1:e6:bf:b5:e1:69:
45:e5:4a:eb:7c:2b:32:5f:8f:09:50:99:b9:12:85:
67:00:5a:6e:33:f6:07:d2:56:87:85:73:ce:c7:a4:
e6:ec:d2:da:d4:61:ba:72:76:4e:c0:61:07:d3:80:
26:10:14:f9:d7:37:07:4e:a9:cf:18:eb:f4:82:00:
f2:41:73:5f:b5:44:70:bc:ca:d8:4a:e8:e2:ca:af:
cb:ab:28:0b:3d:c8:fc:be:68:36:7c:b4:ec:df:82:
8c:97:39:f8:e0:f2:a5:ba:17:41:5a:80:24:f2:a7:
e6:2c:3b:2b:03:56:cc:f8:bc:8b:6b:be:e2:69:04:
da:24:41:f5:9b:57:09:f9:fb:40:9d:df:55:fb:82:
64:29:15:91:ab:6f:97:85:24:f2:0d:ab:ac:b5:9b:
f2:dd:c7:3d:19:e8:94:b5:7a:e9:1e:2a:d8:a4:46:
cc:16:4c:ed:b7:7c:13:51:08:da:67:9e:27:5b:3c:
9c:e3:c6:10:50:57:e0:a3:0a:97:cc:56:ce:59:da:
b7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:10:F9:70:A5:63:36:95:9E:57:B8:F6:1C:23:A2:92:3D:4E:7B:56
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8xD5cKVjNpWeV7j2HCOikj1Oe1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.2.0-77.36.7.255
77.36.54.0-77.36.56.255
77.36.88.0/24
77.232.216.0-77.232.218.255
91.237.49.0/24
93.120.44.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:ff:d9:3b:26:25:83:18:47:1a:bf:7e:0c:02:b7:2e:c9:be:
96:7f:f2:44:8e:3b:cb:94:07:28:25:59:a5:ef:b7:8a:f4:9c:
70:8e:81:bd:99:fc:9b:2d:7e:e7:03:2a:a0:63:dc:e9:7a:55:
06:03:32:b7:b5:dc:a7:46:68:c8:10:44:54:b4:35:0b:f0:60:
0b:87:27:70:ed:1d:e6:fb:ce:ea:35:fc:ac:22:6b:d8:5b:8a:
c2:70:d7:af:ac:23:a2:c5:b1:64:30:d7:6e:1f:ab:64:77:4a:
a5:38:49:75:65:26:5c:1f:1a:4f:57:f5:fc:17:a0:f4:c9:67:
10:f5:f5:f9:93:85:fb:00:18:f8:19:07:e3:38:84:6d:06:fb:
78:72:ae:ee:45:93:84:8d:e5:8b:0a:e0:55:f4:5f:21:3a:e6:
f9:64:98:fe:1c:96:cc:9b:7e:f3:31:5c:a9:48:9f:e7:c6:c1:
cb:5c:48:79:02:56:bc:da:9b:50:9d:47:c6:1c:02:0b:1a:c0:
55:0a:d9:12:5f:7a:5a:22:b5:e0:b4:3a:75:5a:bb:b3:22:e8:
36:f9:88:dc:ce:9c:33:a6:c7:6e:d4:2f:22:27:37:a4:b0:b2:
a2:81:c8:52:08:b0:6b:18:a3:6e:a6:57:b8:d5:e4:e8:43:56:
a2:f3:f1:15
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYJk/a7Kh4ZjHjJ8upmyxzEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODAzMTgzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzEwZjk3MGE1NjMzNjk1OWU1N2I4ZjYxYzIzYTI5MjNkNGU3YjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI3W/bSqOa+ienWzNL1Z3NAOfi/T
vH8jSqOVd7OiAYDVWSokIkrrGUXeELMCn6AkhGJ7wSLh5r+14WlF5UrrfCsyX48J
UJm5EoVnAFpuM/YH0laHhXPOx6Tm7NLa1GG6cnZOwGEH04AmEBT51zcHTqnPGOv0
ggDyQXNftURwvMrYSujiyq/LqygLPcj8vmg2fLTs34KMlzn44PKluhdBWoAk8qfm
LDsrA1bM+LyLa77iaQTaJEH1m1cJ+ftAnd9V+4JkKRWRq2+XhSTyDaustZvy3cc9
GeiUtXrpHirYpEbMFkztt3wTUQjaZ54nWzyc48YQUFfgowqXzFbOWdq3wQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPMQ+XClYzaVnle49hwjopI9TntWMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvOHhENWNLVmpOcFdlVjdqMkhDT2lrajFPZTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAFNJAID
BANNJAAwDAMEAU0kNgMEAE0kOAMEAE0kWDAMAwQDTejYAwQATejaAwQAW+0xAwQB
XXgsMA0GCSqGSIb3DQEBCwUAA4IBAQAt/9k7JiWDGEcav34MArcuyb6Wf/JEjjvL
lAcoJVml77eK9JxwjoG9mfybLX7nAyqgY9zpelUGAzK3tdynRmjIEERUtDUL8GAL
hydw7R3m+87qNfysImvYW4rCcNevrCOixbFkMNduH6tkd0qlOEl1ZSZcHxpPV/X8
F6D0yWcQ9fX5k4X7ABj4GQfjOIRtBvt4cq7uRZOEjeWLCuBV9F8hOub5ZJj+HJbM
m37zMVypSJ/nxsHLXEh5Ala82ptQnUfGHAILGsBVCtkSX3paIrXgtDp1WruzIug2
+Yjczpwzpsdu1C8iJzeksLKigchSCLBrGKNuple41eToQ1ai8/EV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org