Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KNYcDjDZza_Q6V48VJNDeXzc4oI.roa
File: KNYcDjDZza_Q6V48VJNDeXzc4oI.roa (raw, json)
Hash identifier: 4OG28sJUctuf3GprLUQyOM2PoFYw+r/gYx3U+8c5yBQ=
Subject key identifier: 28:D6:1C:0E:30:D9:CD:AF:D0:E9:5E:3C:54:93:43:79:7C:DC:E2:82
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01831881CF0FFD82A4E1FFCC1F3DA01A35AD
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KNYcDjDZza_Q6V48VJNDeXzc4oI.roa
Signing time: Wed 07 Sep 2022 15:11:43 +0000
ROA not before: Wed 07 Sep 2022 15:11:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207023
IP address blocks: 91.245.88.0/23 maxlen: 23
91.234.122.0/23 maxlen: 24
194.33.64.0/23 maxlen: 23
176.118.200.0/22 maxlen: 22
176.118.204.0/22 maxlen: 22
77.36.72.0/21 maxlen: 21
91.200.133.0/24 maxlen: 24
192.162.186.0/23 maxlen: 24
176.116.238.0/23 maxlen: 24
91.232.18.0/24 maxlen: 24
46.173.252.0/23 maxlen: 23
91.229.147.0/24 maxlen: 24
37.97.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:81:cf:0f:fd:82:a4:e1:ff:cc:1f:3d:a0:1a:35:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 7 15:11:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28d61c0e30d9cdafd0e95e3c549343797cdce282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:28:a0:76:ee:e6:82:d6:d8:ec:e9:c3:3d:3a:
41:11:b3:57:52:d5:21:85:10:a8:1a:9c:99:23:62:
7f:a3:9d:a3:ef:6f:17:e2:aa:fc:a4:aa:cf:90:54:
dd:2e:7c:26:9c:69:98:5e:6f:2b:6d:b6:46:ae:bd:
07:df:e5:79:d9:bf:af:18:26:e2:97:02:ff:1d:6a:
33:5a:1d:c3:dc:3e:a9:69:de:61:58:af:29:60:04:
5a:c8:82:91:39:93:ca:6b:2e:04:41:08:95:3d:98:
2f:7f:11:e4:9f:1f:43:4d:e8:04:85:43:81:f8:b2:
73:5a:8a:37:b3:35:08:ae:e0:ae:2e:07:41:2c:9e:
79:19:7e:a8:23:16:d4:d4:12:7f:b4:e3:61:75:4b:
2b:d8:87:27:bc:38:d1:d8:7e:07:91:c4:02:d0:61:
e9:85:c1:fb:22:7e:eb:5c:0a:6d:66:39:da:6c:c0:
5a:d0:48:39:55:c2:33:3c:62:03:d5:49:f1:4a:b5:
5c:4c:5b:59:ac:86:69:ad:66:4b:5b:db:6b:47:34:
b4:50:17:ad:82:09:9a:c0:c9:a6:14:4a:45:4f:6c:
f8:e0:e8:1b:0c:cb:44:f6:43:be:55:dc:5f:f4:36:
ec:ae:f2:4d:57:82:a0:6d:30:49:29:09:dc:53:c5:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D6:1C:0E:30:D9:CD:AF:D0:E9:5E:3C:54:93:43:79:7C:DC:E2:82
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KNYcDjDZza_Q6V48VJNDeXzc4oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.116.0/22
46.173.252.0/23
77.36.72.0/21
91.200.133.0/24
91.229.147.0/24
91.232.18.0/24
91.234.122.0/23
91.245.88.0/23
176.116.238.0/23
176.118.200.0/21
192.162.186.0/23
194.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:67:45:2b:93:39:dd:7d:da:7c:89:2a:0e:f5:b7:13:9a:ae:
e2:cf:0a:05:ab:11:0e:de:d7:16:94:c8:f8:ae:ea:6a:09:8f:
9d:47:07:9d:81:35:41:e9:0b:52:29:5e:95:5f:5d:81:0b:78:
c5:11:18:a9:39:95:ff:dd:c0:4d:fb:89:8f:cb:de:4a:09:4d:
15:78:a7:09:d3:c7:f9:29:98:46:30:be:16:8c:5a:af:1f:75:
4b:83:46:25:4a:ca:62:50:83:bf:20:a8:02:19:bf:de:aa:d7:
7b:67:82:f0:d4:69:86:18:e8:d9:ee:ff:14:f5:2a:f1:a9:85:
dd:cf:56:b7:2a:eb:34:84:a8:74:6b:ef:bd:f2:c3:72:40:68:
52:d3:11:4e:a6:51:ef:a1:62:05:51:48:04:42:d5:96:0e:90:
5d:5c:a1:32:6d:50:5e:57:d4:5b:bc:7b:6c:e7:97:17:f3:35:
f1:d3:5c:f0:70:bf:9a:7a:d7:2a:79:f1:b1:bf:9d:08:3d:fc:
b8:d5:fe:69:93:2e:cc:43:6a:32:b8:b9:d5:76:e3:1a:86:ce:
9d:dc:f2:6f:d7:cc:06:d0:57:20:6a:9c:53:77:42:c0:82:db:
11:1f:e4:41:db:a4:3d:8e:5f:ca:7d:19:58:9a:73:28:ad:da:
02:47:86:0c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYMYgc8P/YKk4f/MHz2gGjWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwOTA3MTUxMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ2MWMwZTMwZDljZGFmZDBlOTVlM2M1NDkzNDM3OTdjZGNlMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyigdu7mgtbY7OnDPTpBEbNXUtUh
hRCoGpyZI2J/o52j728X4qr8pKrPkFTdLnwmnGmYXm8rbbZGrr0H3+V52b+vGCbi
lwL/HWozWh3D3D6pad5hWK8pYARayIKROZPKay4EQQiVPZgvfxHknx9DTegEhUOB
+LJzWoo3szUIruCuLgdBLJ55GX6oIxbU1BJ/tONhdUsr2IcnvDjR2H4HkcQC0GHp
hcH7In7rXAptZjnabMBa0Eg5VcIzPGID1UnxSrVcTFtZrIZprWZLW9trRzS0UBet
ggmawMmmFEpFT2z44OgbDMtE9kO+Vdxf9DbsrvJNV4KgbTBJKQncU8X4OQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCjWHA4w2c2v0OlePFSTQ3l83OKCMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvS05ZY0RqRFp6YV9RNlY0OFZKTkRlWHpjNG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCJWF0AwQB
Lq38AwQDTSRIAwQAW8iFAwQAW+WTAwQAW+gSAwQBW+p6AwQBW/VYAwQBsHTuAwQD
sHbIAwQBwKK6AwQBwiFAMA0GCSqGSIb3DQEBCwUAA4IBAQBqZ0Urkzndfdp8iSoO
9bcTmq7izwoFqxEO3tcWlMj4rupqCY+dRwedgTVB6QtSKV6VX12BC3jFERipOZX/
3cBN+4mPy95KCU0VeKcJ08f5KZhGML4WjFqvH3VLg0YlSspiUIO/IKgCGb/eqtd7
Z4Lw1GmGGOjZ7v8U9SrxqYXdz1a3Kus0hKh0a++98sNyQGhS0xFOplHvoWIFUUgE
QtWWDpBdXKEybVBeV9RbvHts55cX8zXx01zwcL+aetcqefGxv50IPfy41f5pky7M
Q2oyuLnVduMahs6d3PJv18wG0FcgapxTd0LAgtsRH+RB26Q9jl/KfRlYmnMordoC
R4YM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org