Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PZ0aEAsSXM8Y3lsrdY-lVRsYCnU.roa
File: PZ0aEAsSXM8Y3lsrdY-lVRsYCnU.roa (raw, json)
Hash identifier: 5d+isnPfwwNmChTQ4VIexNq7BY5izTiUPG+nYzl2wrQ=
Subject key identifier: 3D:9D:1A:10:0B:12:5C:CF:18:DE:5B:2B:75:8F:A5:55:1B:18:0A:75
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1D76B278
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PZ0aEAsSXM8Y3lsrdY-lVRsYCnU.roa
Signing time: Fri 27 May 2022 19:42:13 +0000
ROA not before: Fri 27 May 2022 19:42:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211306
IP address blocks: 77.36.56.0/24 maxlen: 24
77.36.54.0/23 maxlen: 23
77.232.218.0/24 maxlen: 24
91.237.49.0/24 maxlen: 24
93.120.44.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 494318200 (0x1d76b278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 27 19:42:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d9d1a100b125ccf18de5b2b758fa5551b180a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:69:47:33:dd:c2:cd:28:14:e4:f6:3a:14:
5e:b5:76:e2:c0:38:fa:71:68:9b:b7:a6:ce:0c:74:
23:35:f2:16:94:7c:ea:7b:c7:9d:b6:da:26:db:74:
68:de:53:a7:3e:c9:49:1e:6f:e5:9b:c8:d9:60:66:
96:b4:cf:ba:ea:c8:3c:40:2b:24:b6:15:2c:f4:93:
f5:60:0e:ae:12:c1:07:09:83:3f:e3:1a:07:2a:5a:
a4:09:33:dd:11:68:19:d4:3d:c3:51:60:37:12:87:
e1:d0:9b:73:5d:92:89:3a:88:36:ee:9e:ed:c0:12:
15:5e:9b:c4:8b:57:d9:06:d1:52:d3:13:82:f9:d3:
cb:5a:72:f9:8a:e7:2c:42:ab:4c:ac:d7:05:25:4b:
d3:24:ba:f4:24:90:38:8f:bb:e6:ac:08:79:20:20:
b8:1f:5f:77:83:fa:f6:7f:ca:2c:35:19:62:c7:9b:
54:b3:2a:3a:07:5b:0b:c8:3e:6d:fd:0f:d7:21:d8:
3d:0c:bf:58:f4:0e:7b:35:37:b7:d7:37:8d:09:1e:
45:ea:55:bc:fe:28:df:ff:11:69:2d:1b:02:1b:0e:
22:f1:14:cb:0b:1f:ce:b7:a1:9e:ba:39:f8:93:fb:
ef:88:5e:5b:1a:a9:16:5c:58:dd:4b:fb:9f:3b:31:
e6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9D:1A:10:0B:12:5C:CF:18:DE:5B:2B:75:8F:A5:55:1B:18:0A:75
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PZ0aEAsSXM8Y3lsrdY-lVRsYCnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.54.0-77.36.56.255
77.232.218.0/24
91.237.49.0/24
93.120.44.0/23
Signature Algorithm: sha256WithRSAEncryption
82:56:bc:71:a1:72:7b:b8:f8:87:fb:06:bf:d8:07:80:aa:c8:
43:1f:c7:02:63:90:1b:d6:83:41:9a:a1:d3:51:49:17:8c:32:
aa:4b:d3:e3:dc:d4:72:a8:03:c1:6d:a7:de:be:ff:63:e9:e0:
57:30:05:63:a0:bb:66:a4:58:17:cc:f1:fe:32:b5:b5:cd:15:
14:fc:93:c4:a5:a0:0b:0b:b5:be:90:c3:62:86:33:64:34:49:
30:32:25:7d:e3:34:8f:a4:fd:2d:36:c3:ce:bf:fa:c2:fa:7e:
22:de:eb:13:d1:39:fc:e9:02:c7:77:7b:35:0d:68:86:d0:1e:
00:5b:99:f5:c7:0d:07:90:c1:c2:21:3c:f9:dc:36:02:d6:5a:
7e:84:75:1f:e9:41:29:32:77:2f:48:aa:8c:0f:de:3a:1f:30:
1f:c0:20:84:0a:9d:e7:64:26:ef:c4:35:ab:71:ea:94:6c:e4:
0a:58:7a:f7:17:48:f0:91:f7:4a:f8:48:ca:41:11:c4:0c:d3:
5a:47:6b:d0:0f:80:7b:01:3a:87:eb:2f:e2:af:59:47:41:e5:
5f:59:6f:df:47:ed:d8:78:65:9c:2f:0c:c4:ea:21:b8:a3:d1:
49:b2:95:20:c6:96:1d:9f:21:f6:d2:10:40:82:59:71:6e:7f:
36:2f:3b:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHXayeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDUy
NzE5NDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q5ZDFhMTAwYjEy
NWNjZjE4ZGU1YjJiNzU4ZmE1NTUxYjE4MGE3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMc4aUcz3cLNKBTk9joUXrV24sA4+nFom7emzgx0IzXyFpR8
6nvHnbbaJtt0aN5Tpz7JSR5v5ZvI2WBmlrTPuurIPEArJLYVLPST9WAOrhLBBwmD
P+MaBypapAkz3RFoGdQ9w1FgNxKH4dCbc12SiTqINu6e7cASFV6bxItX2QbRUtMT
gvnTy1py+YrnLEKrTKzXBSVL0yS69CSQOI+75qwIeSAguB9fd4P69n/KLDUZYseb
VLMqOgdbC8g+bf0P1yHYPQy/WPQOezU3t9c3jQkeRepVvP4o3/8RaS0bAhsOIvEU
ywsfzrehnro5+JP774heWxqpFlxY3Uv7nzsx5v0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQ9nRoQCxJczxjeWyt1j6VVGxgKdTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L1BaMGFFQXNTWE04WTNsc3JkWS1sVlJzWUNuVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQBTSQ2AwQATSQ4AwQATejaAwQA
W+0xAwQBXXgsMA0GCSqGSIb3DQEBCwUAA4IBAQCCVrxxoXJ7uPiH+wa/2AeAqshD
H8cCY5Ab1oNBmqHTUUkXjDKqS9Pj3NRyqAPBbafevv9j6eBXMAVjoLtmpFgXzPH+
MrW1zRUU/JPEpaALC7W+kMNihjNkNEkwMiV94zSPpP0tNsPOv/rC+n4i3usT0Tn8
6QLHd3s1DWiG0B4AW5n1xw0HkMHCITz53DYC1lp+hHUf6UEpMncvSKqMD946HzAf
wCCECp3nZCbvxDWrceqUbOQKWHr3F0jwkfdK+EjKQRHEDNNaR2vQD4B7ATqH6y/i
r1lHQeVfWW/fR+3YeGWcLwzE6iG4o9FJspUgxpYdnyH20hBAgllxbn82Lzv4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org