Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/CooEVC3zf22OLg80BltPkzDqDos.roa
File: CooEVC3zf22OLg80BltPkzDqDos.roa (raw, json)
Hash identifier: lbColBehwB4kruJm03fwDXVE16InXI2aCc3lf2qC1Gg=
Subject key identifier: 0A:8A:04:54:2D:F3:7F:6D:8E:2E:0F:34:06:5B:4F:93:30:EA:0E:8B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1BA035E8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/CooEVC3zf22OLg80BltPkzDqDos.roa
Signing time: Sat 01 Jan 2022 05:03:41 +0000
ROA not before: Sat 01 Jan 2022 05:03:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.112.0/21 maxlen: 24
46.151.36.0/22 maxlen: 24
188.191.252.0/22 maxlen: 24
77.36.68.0/22 maxlen: 24
93.120.24.0/23 maxlen: 24
91.237.44.0/22 maxlen: 24
194.33.102.0/23 maxlen: 24
194.33.100.0/23 maxlen: 24
194.33.100.0/22 maxlen: 24
81.161.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463484392 (0x1ba035e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:03:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a8a04542df37f6d8e2e0f34065b4f9330ea0e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:43:92:d6:de:50:e0:bc:a9:ee:7f:17:6c:8d:
29:bf:6b:85:94:7c:89:fc:91:7c:37:a3:12:5d:85:
01:54:31:2d:58:34:c2:89:f0:dc:5d:8e:7b:4c:55:
34:35:8e:e0:a8:88:62:1a:23:67:5d:17:93:d7:03:
08:55:26:16:b6:3c:84:14:5d:9b:39:c7:f0:25:5b:
59:13:12:80:d8:52:4f:65:bd:05:42:54:eb:85:bf:
cd:69:54:bc:ed:98:ff:3f:90:55:6d:a4:b7:06:ba:
55:61:5e:30:66:81:b8:a1:7d:a8:e5:0e:ac:b7:09:
4c:0a:32:fe:ad:02:2e:8a:03:1b:20:98:fa:22:4a:
af:05:e5:1c:e4:e8:16:ea:e5:2f:37:e8:cb:25:49:
d1:1e:e1:40:e3:27:2e:eb:dd:1f:7c:95:8b:e8:fb:
42:d5:2e:02:a2:b5:af:78:f3:f4:db:35:e9:ca:8b:
84:2a:e7:17:a0:1e:1e:74:c4:34:9d:f5:5b:0b:16:
4f:07:e1:3e:a2:85:0f:07:78:79:c5:5e:46:06:c2:
51:b3:62:33:9b:ed:eb:f5:de:df:0e:63:b3:7a:e6:
5a:de:da:8e:63:b4:2e:f1:25:cd:f7:e6:70:10:15:
cb:bf:2d:b8:f4:f2:19:89:eb:1c:18:e6:8e:48:bd:
41:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8A:04:54:2D:F3:7F:6D:8E:2E:0F:34:06:5B:4F:93:30:EA:0E:8B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/CooEVC3zf22OLg80BltPkzDqDos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.36.0/22
77.36.68.0/22
77.36.112.0/21
81.161.4.0/22
91.237.44.0/22
93.120.24.0/23
188.191.252.0/22
194.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:22:3a:07:fd:43:20:57:47:60:51:2a:b9:a7:18:7b:f3:99:
96:60:7b:8b:0c:47:40:31:e5:79:6a:d4:0b:e4:4b:11:60:34:
6e:ad:20:d4:bc:36:72:85:0a:ed:4c:18:6a:08:70:97:83:d8:
2b:db:c0:3d:b0:d4:9a:4d:6c:af:89:16:dd:f1:bd:3d:c0:5d:
c3:67:65:e6:5d:93:3b:c6:51:6d:a3:20:35:f0:0d:c3:f3:89:
f8:c8:9f:db:cc:c9:c1:5d:02:c5:e7:82:1a:78:70:a0:1c:97:
08:52:60:6b:58:66:c5:d0:52:80:70:8e:25:d2:3f:d8:60:55:
4d:22:c3:26:bf:68:fc:24:82:1e:1a:bd:d9:79:db:fd:ff:49:
8c:c1:ca:bf:6c:f5:df:ba:3e:6c:11:80:06:2a:0a:22:4b:73:
89:04:df:54:ae:d1:9c:75:91:2a:28:16:d2:95:e7:66:f9:2f:
94:55:9b:d0:a5:56:6e:0c:2d:f4:34:ca:7e:1d:9a:16:ea:53:
8e:02:8e:6b:af:eb:a6:3f:d9:4d:8c:3c:b2:e0:3d:4c:50:7d:
6d:05:7a:43:a2:c0:9f:26:18:32:b4:4b:45:96:4f:4f:11:ae:
55:e7:f9:8d:ad:21:6f:2f:6a:d2:8e:8d:fa:8d:d9:92:a7:b3:
a9:c9:ed:2a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEG6A16DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDEw
MTA1MDM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE4YTA0NTQyZGYz
N2Y2ZDhlMmUwZjM0MDY1YjRmOTMzMGVhMGU4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVDktbeUOC8qe5/F2yNKb9rhZR8ifyRfDejEl2FAVQxLVg0
wonw3F2Oe0xVNDWO4KiIYhojZ10Xk9cDCFUmFrY8hBRdmznH8CVbWRMSgNhST2W9
BUJU64W/zWlUvO2Y/z+QVW2ktwa6VWFeMGaBuKF9qOUOrLcJTAoy/q0CLooDGyCY
+iJKrwXlHOToFurlLzfoyyVJ0R7hQOMnLuvdH3yVi+j7QtUuAqK1r3jz9Ns16cqL
hCrnF6AeHnTENJ31WwsWTwfhPqKFDwd4ecVeRgbCUbNiM5vt6/Xe3w5js3rmWt7a
jmO0LvElzffmcBAVy78tuPTyGYnrHBjmjki9QY8CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQKigRULfN/bY4uDzQGW0+TMOoOizAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L0Nvb0VWQzN6ZjIyT0xnODBCbHRQa3pEcURvcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAi6XJAMEAk0kRAMEA00kcAMEAlGh
BAMEAlvtLAMEAV14GAMEAry//AMEAsIhZDANBgkqhkiG9w0BAQsFAAOCAQEACiI6
B/1DIFdHYFEquacYe/OZlmB7iwxHQDHleWrUC+RLEWA0bq0g1Lw2coUK7UwYaghw
l4PYK9vAPbDUmk1sr4kW3fG9PcBdw2dl5l2TO8ZRbaMgNfANw/OJ+Mif28zJwV0C
xeeCGnhwoByXCFJga1hmxdBSgHCOJdI/2GBVTSLDJr9o/CSCHhq92Xnb/f9JjMHK
v2z137o+bBGABioKIktziQTfVK7RnHWRKigW0pXnZvkvlFWb0KVWbgwt9DTKfh2a
FupTjgKOa6/rpj/ZTYw8suA9TFB9bQV6Q6LAnyYYMrRLRZZPTxGuVef5ja0hby9q
0o6N+o3ZkqezqcntKg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-fra.rpki-client.org