Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/GdYfkzed1jMbeEkMxcPofcCYzr4.roa
File: GdYfkzed1jMbeEkMxcPofcCYzr4.roa (raw, json)
Hash identifier: zAlA1oLZGK+9g+QGzAWil8Ea7+MMnpko7YzfEKrOm8o=
Subject key identifier: 19:D6:1F:93:37:9D:D6:33:1B:78:49:0C:C5:C3:E8:7D:C0:98:CE:BE
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1CDA57AE
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/GdYfkzed1jMbeEkMxcPofcCYzr4.roa
Signing time: Tue 12 Apr 2022 13:22:05 +0000
ROA not before: Tue 12 Apr 2022 13:22:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
194.33.64.0/23 maxlen: 23
91.246.192.0/22 maxlen: 24
77.36.57.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
91.246.203.0/24 maxlen: 24
176.118.204.0/23 maxlen: 24
176.110.112.0/23 maxlen: 23
91.246.217.0/24 maxlen: 24
81.161.8.0/22 maxlen: 22
192.162.184.0/23 maxlen: 23
37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
194.33.66.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
91.233.200.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
193.36.203.0/24 maxlen: 24
109.207.129.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.229.18.0/23 maxlen: 23
91.200.132.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
91.238.39.0/24 maxlen: 24
91.239.222.0/23 maxlen: 23
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
91.236.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 484071342 (0x1cda57ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 12 13:22:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19d61f93379dd6331b78490cc5c3e87dc098cebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:b3:11:17:97:ab:72:84:d6:d0:f3:6a:5d:
c7:2f:df:fb:47:07:48:88:23:54:14:52:04:9f:6b:
c4:d0:8b:2e:de:8b:91:40:0e:97:1b:83:6a:04:77:
0c:8c:3d:8c:e8:ab:70:6d:b4:93:0f:0b:f2:cd:c9:
d1:43:6c:9a:cd:2c:49:cd:ec:97:56:5d:3f:c4:90:
fa:c4:c3:bd:df:ff:26:22:54:46:44:26:51:6d:34:
8c:cd:a3:9d:20:5b:e5:56:93:cc:e3:e7:63:c3:fe:
7c:45:c2:70:61:32:23:33:69:ca:88:bf:c1:a8:56:
a8:dd:2f:ec:86:db:68:bf:0e:f9:0e:88:16:da:1a:
2d:e1:ce:e8:ab:45:e1:f2:0c:40:3f:0c:10:01:fe:
09:06:38:f9:cf:bc:bd:69:e9:85:90:fe:ac:33:77:
0a:59:5b:30:a9:39:b4:a4:6e:c6:51:c1:b6:05:30:
01:31:de:1e:0f:f8:1b:11:37:4e:eb:2c:fd:d3:ed:
ec:f4:ee:69:2f:87:b8:7e:d7:48:1b:f9:a8:73:b6:
80:3f:f5:e0:7c:12:f8:05:54:aa:ec:b5:f9:f8:fd:
34:9e:f1:0c:ac:b4:4c:8c:da:b1:b5:fb:af:a4:9d:
76:38:c4:38:26:31:67:b8:70:02:4b:38:33:11:d4:
37:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D6:1F:93:37:9D:D6:33:1B:78:49:0C:C5:C3:E8:7D:C0:98:CE:BE
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/GdYfkzed1jMbeEkMxcPofcCYzr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
64.43.120.0/22
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.132.0/24
91.200.134.0/23
91.224.212.0/24
91.229.18.0/23
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.222.0/23
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
91.246.217.0/24
109.207.129.0-109.207.130.255
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.236.0/24
176.118.204.0/23
176.121.108.0/22
192.162.184.0/23
193.36.203.0/24
194.33.64.0/22
Signature Algorithm: sha256WithRSAEncryption
47:33:cc:87:35:05:31:ae:70:67:f4:d0:b8:a2:55:26:a5:b9:
70:70:38:b1:85:62:bd:3d:39:f5:8d:f3:19:da:41:53:48:36:
4d:26:8e:98:5b:4f:ed:3a:0f:09:ed:f7:d7:41:d8:cc:fe:19:
12:84:db:fe:97:c5:66:fb:bd:91:68:9d:c9:23:4c:ab:a0:28:
e1:eb:97:41:43:57:75:c2:d8:4c:79:b3:d2:b3:b5:78:11:92:
0c:08:19:3c:f4:37:d0:34:91:ed:8d:33:01:1b:22:3d:7b:3a:
f0:29:01:d6:a1:28:38:3b:66:f6:26:be:83:b0:f9:47:53:79:
9a:1a:7a:ec:86:af:64:55:12:0e:a2:8c:02:d7:bd:fa:a1:c2:
b7:bc:1f:c7:3a:82:95:af:e8:51:61:6d:74:dd:dc:c5:8c:f6:
c8:95:7f:44:81:99:66:ce:d1:48:fe:1b:a0:63:39:93:e2:49:
8b:1f:f9:b1:6a:4a:74:7e:b4:08:14:3a:39:66:03:3c:a6:b7:
1f:68:57:f8:7a:19:04:e3:bb:bf:b8:90:ab:db:cd:85:5f:53:
0d:64:b8:af:ac:6e:a4:53:4c:c3:e2:88:42:1f:0e:2b:65:07:
8e:84:5f:24:2e:14:3e:52:dc:e9:9e:2f:7e:a0:6b:1b:af:67:
55:f7:ae:d9
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIEHNpXrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDQx
MjEzMjIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTlkNjFmOTMzNzlk
ZDYzMzFiNzg0OTBjYzVjM2U4N2RjMDk4Y2ViZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9wsxEXl6tyhNbQ82pdxy/f+0cHSIgjVBRSBJ9rxNCLLt6L
kUAOlxuDagR3DIw9jOircG20kw8L8s3J0UNsms0sSc3sl1ZdP8SQ+sTDvd//JiJU
RkQmUW00jM2jnSBb5VaTzOPnY8P+fEXCcGEyIzNpyoi/wahWqN0v7IbbaL8O+Q6I
FtoaLeHO6KtF4fIMQD8MEAH+CQY4+c+8vWnphZD+rDN3CllbMKk5tKRuxlHBtgUw
ATHeHg/4GxE3Tuss/dPt7PTuaS+HuH7XSBv5qHO2gD/14HwS+AVUquy1+fj9NJ7x
DKy0TIzasbX7r6SddjjEOCYxZ7hwAks4MxHUN5cCAwEAAaOCAuIwggLeMB0GA1Ud
DgQWBBQZ1h+TN53WMxt4SQzFw+h9wJjOvjAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L0dkWWZremVkMWpNYmVFa014Y1BvZmNDWXpyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
9wYIKwYBBQUHAQcBAf8EgecwgeQwgeEEAgABMIHaAwQBJWF4AwQCLq34AwQCQCt4
AwQATSQ5AwQATSQ8AwQATSRBAwQCUaEIAwQCUaEwAwQBW8EeAwQAW8iEAwQBW8iG
AwQAW+DUAwQBW+USAwQBW+g4AwQAW+jiAwQAW+nIAwQAW+xMAwQAW+4nAwQBW+/e
AwQAW+/iAwQCW/bAAwQAW/bLAwQAW/bZMAwDBABtz4EDBABtz4IDBABtz4QDBACw
YF4DBAGwbnADBAKwcbQDBAKwc+wDBACwdOwDBAGwdswDBAKweWwDBAHAorgDBADB
JMsDBALCIUAwDQYJKoZIhvcNAQELBQADggEBAEczzIc1BTGucGf00LiiVSaluXBw
OLGFYr09OfWN8xnaQVNINk0mjphbT+06Dwnt99dB2Mz+GRKE2/6XxWb7vZFonckj
TKugKOHrl0FDV3XC2Ex5s9KztXgRkgwIGTz0N9A0ke2NMwEbIj17OvApAdahKDg7
ZvYmvoOw+UdTeZoaeuyGr2RVEg6ijALXvfqhwre8H8c6gpWv6FFhbXTd3MWM9siV
f0SBmWbO0Uj+G6BjOZPiSYsf+bFqSnR+tAgUOjlmAzymtx9oV/h6GQTju7+4kKvb
zYVfUw1kuK+sbqRTTMPiiEIfDitlB46EXyQuFD5S3OmeL36gaxuvZ1X3rtk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org