Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/FH2VsmkD2qb7hYK3mMClvwPnojo.roa
File: FH2VsmkD2qb7hYK3mMClvwPnojo.roa (raw, json)
Hash identifier: BLpcgN4QWUdcYPvUJLVhOtbWp1YneFx2dWdseTboIIM=
Subject key identifier: 14:7D:95:B2:69:03:DA:A6:FB:85:82:B7:98:C0:A5:BF:03:E7:A2:3A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1BCEECA9
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/FH2VsmkD2qb7hYK3mMClvwPnojo.roa
Signing time: Mon 17 Jan 2022 13:23:14 +0000
ROA not before: Mon 17 Jan 2022 13:23:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 77.36.120.0/21 maxlen: 21
185.55.4.0/22 maxlen: 23
176.112.80.0/22 maxlen: 22
176.103.240.0/21 maxlen: 22
46.151.32.0/22 maxlen: 24
178.159.144.0/22 maxlen: 24
176.113.184.0/21 maxlen: 24
93.120.120.0/22 maxlen: 24
81.161.0.0/22 maxlen: 22
176.116.32.0/21 maxlen: 21
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
64.43.96.0/22 maxlen: 24
64.43.108.0/22 maxlen: 22
64.43.112.0/22 maxlen: 24
31.131.8.0/22 maxlen: 22
176.110.216.0/22 maxlen: 22
176.110.216.0/21 maxlen: 21
176.110.220.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
109.207.136.0/22 maxlen: 22
176.96.48.0/21 maxlen: 24
176.116.232.0/22 maxlen: 22
91.246.176.0/21 maxlen: 21
93.120.12.0/22 maxlen: 22
46.173.240.0/21 maxlen: 21
93.120.16.0/21 maxlen: 21
176.111.160.0/22 maxlen: 24
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.188.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 466545833 (0x1bceeca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 17 13:23:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=147d95b26903daa6fb8582b798c0a5bf03e7a23a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:67:c1:8b:f1:94:c3:8a:ca:c0:28:e1:5d:65:
00:cc:25:ea:8e:75:c5:6c:9d:e0:e4:8a:19:d0:26:
b1:b1:1b:8b:db:c2:76:10:c2:51:98:2e:c5:ce:32:
5b:df:1f:9c:71:e6:4c:5c:dd:41:0f:97:55:69:ab:
29:2e:51:1f:c1:7a:ba:b5:b4:94:51:58:17:1e:48:
4f:35:22:c8:99:f7:4c:f6:87:69:0f:2a:f1:6b:6f:
b5:35:78:20:d6:2d:a7:8d:9c:8b:86:df:5c:62:b0:
be:1c:ff:43:44:ae:19:20:1c:dc:a9:cb:b0:e8:58:
32:90:c5:f8:2f:a6:5a:e0:8a:e0:37:91:b2:a7:fd:
56:17:59:21:6b:8f:dd:3e:40:1c:67:13:ed:37:98:
15:0c:70:b5:30:94:e3:ce:1f:28:b7:13:8e:a4:5d:
0c:8c:1e:be:fc:ca:bb:d1:56:fd:3d:66:ff:3e:8c:
ef:a5:b5:13:3d:7b:21:4c:d5:79:a7:87:e1:c6:e0:
c2:26:0c:a5:94:01:d4:58:2e:39:f5:7e:77:75:09:
63:66:98:d2:0f:2d:f8:87:20:21:98:3c:67:36:b0:
0b:39:d3:72:49:22:d2:2b:ba:e2:65:17:ac:46:7b:
93:95:7d:2b:8d:80:e4:70:a0:f8:de:76:b7:84:62:
81:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7D:95:B2:69:03:DA:A6:FB:85:82:B7:98:C0:A5:BF:03:E7:A2:3A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/FH2VsmkD2qb7hYK3mMClvwPnojo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
46.151.32.0/22
46.173.240.0/21
64.43.96.0/22
64.43.108.0-64.43.115.255
77.36.120.0/21
81.161.0.0/22
91.233.0.0/23
91.246.176.0/21
93.120.12.0-93.120.23.255
93.120.120.0/22
109.207.136.0/22
176.96.48.0/21
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.110.216.0/21
176.111.160.0/22
176.112.80.0/22
176.113.184.0/21
176.116.32.0/21
176.116.232.0/22
178.159.144.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:84:67:0c:fb:10:ff:fc:d3:61:c0:6a:78:e2:fc:3b:ca:47:
a0:01:5c:74:0d:34:8a:58:01:20:ef:7d:5d:5c:64:5a:e7:bf:
f3:af:0a:94:2d:45:2c:eb:39:ab:7b:78:4f:ad:61:56:77:96:
26:b6:f6:d3:0b:c3:ca:34:1d:f9:57:ec:8e:d0:88:fc:61:68:
1b:a2:88:d6:7f:9b:ab:12:b5:07:89:0c:45:60:6e:57:4b:9c:
a9:b4:bd:8e:f1:64:80:78:b9:da:ea:b3:57:7c:ed:c8:5b:84:
11:b7:10:e8:4f:3d:5d:81:c5:57:f8:73:43:8f:1f:dc:50:05:
0e:fe:d2:37:b9:9e:3f:2e:c0:64:43:73:6a:b3:d9:0a:e9:ce:
d9:bb:bb:07:cf:5e:e3:50:ff:8c:4f:1d:d8:48:10:8f:bd:46:
a6:99:4a:8e:7a:d7:74:bf:cc:9e:35:b3:90:b2:92:94:b5:72:
c8:bf:a3:c2:32:e6:92:76:39:c2:53:69:36:4d:0a:f3:01:64:
4d:ea:35:a1:0a:84:e3:04:d6:91:e8:34:05:6f:42:a1:fa:a5:
5f:a2:dc:f3:8e:9d:f4:8c:e8:11:d0:cb:49:0d:cf:98:4f:40:
86:0d:d7:e4:70:80:81:af:00:a9:b6:c6:d7:63:df:51:a6:2c:
7e:b5:bd:07
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIEG87sqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDEx
NzEzMjMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQ3ZDk1YjI2OTAz
ZGFhNmZiODU4MmI3OThjMGE1YmYwM2U3YTIzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFnwYvxlMOKysAo4V1lAMwl6o51xWyd4OSKGdAmsbEbi9vC
dhDCUZguxc4yW98fnHHmTFzdQQ+XVWmrKS5RH8F6urW0lFFYFx5ITzUiyJn3TPaH
aQ8q8WtvtTV4INYtp42ci4bfXGKwvhz/Q0SuGSAc3KnLsOhYMpDF+C+mWuCK4DeR
sqf9VhdZIWuP3T5AHGcT7TeYFQxwtTCU484fKLcTjqRdDIwevvzKu9FW/T1m/z6M
76W1Ez17IUzVeaeH4cbgwiYMpZQB1FguOfV+d3UJY2aY0g8t+IcgIZg8ZzawCznT
ckki0iu64mUXrEZ7k5V9K42A5HCg+N52t4RigdcCAwEAAaOCArQwggKwMB0GA1Ud
DgQWBBQUfZWyaQPapvuFgreYwKW/A+eiOjAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L0ZIMlZzbWtEMnFiN2hZSzNtTUNsdndQbm9qby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
yQYIKwYBBQUHAQcBAf8EgbkwgbYwgbMEAgABMIGsAwQCH4MIAwQCLpcgAwQDLq3w
AwQCQCtgMAwDBAJAK2wDBAJAK3ADBANNJHgDBAJRoQADBAFb6QADBANb9rAwDAME
Al14DAMEA114EAMEAl14eAMEAm3PiAMEA7BgMAMEArBgWAMEA7BmeAMEA7Bn8AME
A7Bu2AMEArBvoAMEArBwUAMEA7BxuAMEA7B0IAMEArB06AMEArKfkAMEA7LUuAME
Ark3BAMEArk3jDANBgkqhkiG9w0BAQsFAAOCAQEASoRnDPsQ//zTYcBqeOL8O8pH
oAFcdA00ilgBIO99XVxkWue/868KlC1FLOs5q3t4T61hVneWJrb20wvDyjQd+Vfs
jtCI/GFoG6KI1n+bqxK1B4kMRWBuV0ucqbS9jvFkgHi52uqzV3ztyFuEEbcQ6E89
XYHFV/hzQ48f3FAFDv7SN7mePy7AZENzarPZCunO2bu7B89e41D/jE8d2EgQj71G
pplKjnrXdL/MnjWzkLKSlLVyyL+jwjLmknY5wlNpNk0K8wFkTeo1oQqE4wTWkeg0
BW9CofqlX6Lc846d9IzoEdDLSQ3PmE9Ahg3X5HCAga8AqbbG12PfUaYsfrW9Bw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-fra.rpki-client.org