Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/RnaNsmW99lOnoKfKXioGumj_hL4.roa
File: RnaNsmW99lOnoKfKXioGumj_hL4.roa (raw, json)
Hash identifier: dU2N7iL+RWeSxX4WmiLPfG3W5I4QsgteXwDdzyBh5V4=
Subject key identifier: 46:76:8D:B2:65:BD:F6:53:A7:A0:A7:CA:5E:2A:06:BA:68:FF:84:BE
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C7635E3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/RnaNsmW99lOnoKfKXioGumj_hL4.roa
Signing time: Fri 11 Mar 2022 16:00:12 +0000
ROA not before: Fri 11 Mar 2022 16:00:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
194.33.64.0/23 maxlen: 23
91.246.192.0/22 maxlen: 24
77.36.57.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
91.246.203.0/24 maxlen: 24
176.118.204.0/23 maxlen: 24
176.110.112.0/23 maxlen: 23
91.246.217.0/24 maxlen: 24
81.161.8.0/22 maxlen: 22
192.162.184.0/23 maxlen: 23
37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
91.237.92.0/24 maxlen: 24
194.33.66.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
91.233.200.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
193.36.203.0/24 maxlen: 24
109.207.129.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.229.18.0/23 maxlen: 23
91.200.132.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
91.238.39.0/24 maxlen: 24
91.239.220.0/22 maxlen: 22
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
93.120.8.0/23 maxlen: 23
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
91.236.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 477509091 (0x1c7635e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 11 16:00:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46768db265bdf653a7a0a7ca5e2a06ba68ff84be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e0:a2:4e:ff:ff:66:bd:91:4b:8c:24:c4:17:
14:e1:09:16:6f:25:73:c7:ad:7f:fa:65:1b:7d:9d:
8d:6f:7c:48:da:e2:a7:a3:6f:4b:6e:19:24:7a:8f:
05:f7:69:54:d9:ba:aa:4d:45:8a:5e:f1:7d:81:e2:
b1:b2:59:fe:28:ee:14:0f:97:18:3f:49:cc:b6:44:
b3:87:41:18:a9:4d:5f:d5:5a:bc:b4:ed:31:a0:06:
9c:09:c8:5e:66:85:d8:af:6a:e9:15:2f:80:65:e9:
c1:4d:5a:02:82:b0:64:0d:10:e5:25:43:75:c5:46:
5b:bf:54:85:c4:2a:37:a8:41:8a:ce:f0:93:e0:3a:
b2:5d:7a:e8:76:34:af:4a:d9:43:88:45:09:0d:8c:
b7:93:c6:a9:29:c8:9e:b7:e8:72:92:fd:47:3c:ea:
96:e7:81:44:ed:ba:e2:c3:75:61:87:28:1f:0d:34:
15:1f:74:e7:b7:bc:11:94:b6:4e:91:a0:c4:39:4d:
b8:4d:9e:c4:01:53:10:ca:2b:82:1e:f3:4b:52:40:
2f:71:45:41:35:17:f7:dd:c7:4e:00:00:86:a9:81:
e8:20:e2:79:4f:09:1f:39:89:fa:96:a5:dd:b0:15:
f9:33:0a:49:de:7a:90:a6:c0:74:e8:08:76:95:e3:
d4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:76:8D:B2:65:BD:F6:53:A7:A0:A7:CA:5E:2A:06:BA:68:FF:84:BE
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/RnaNsmW99lOnoKfKXioGumj_hL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
64.43.120.0/22
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.132.0/24
91.200.134.0/23
91.224.212.0/24
91.229.18.0/23
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.237.92.0/24
91.238.39.0/24
91.239.220.0/22
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
91.246.217.0/24
93.120.8.0/23
109.207.129.0-109.207.130.255
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.236.0/24
176.118.204.0/23
176.121.108.0/22
192.162.184.0/23
193.36.203.0/24
194.33.64.0/22
Signature Algorithm: sha256WithRSAEncryption
83:2d:09:f7:31:d6:ce:7d:c4:ef:8f:a3:e0:57:4e:41:21:1c:
61:fa:3e:bf:d9:3e:94:bd:c5:d3:10:2f:b5:9d:3d:3a:06:2a:
3c:52:f9:9a:98:43:e3:1e:a7:fb:46:8d:1b:52:56:9d:79:de:
b2:36:f6:80:da:6d:1c:37:74:56:5a:f8:c0:40:3a:82:93:1a:
5e:f1:2d:4a:b3:ec:92:63:a1:2e:5b:d8:f6:d6:04:d8:fa:b8:
8a:12:8f:46:af:3b:40:0e:80:01:92:33:39:5b:4e:8c:f5:d4:
f9:36:94:c0:bd:72:ec:f9:68:81:74:e9:cd:81:73:e7:56:06:
89:85:36:98:f1:83:c2:b2:80:49:52:1e:89:e1:f5:a1:64:97:
9c:fb:61:10:b4:04:f8:a7:f3:22:31:8f:ae:a4:2b:bb:67:d4:
6c:e5:fc:7f:0b:7b:cd:4c:f6:49:9b:72:b3:a0:5e:e7:7c:11:
7b:57:e5:d5:1b:fe:a1:bf:6c:c1:04:fb:05:d2:7c:cd:fc:13:
82:be:38:8d:b8:7e:0a:17:72:c5:b7:9b:32:b7:bd:b1:99:6b:
cc:6f:2c:2c:40:61:f4:13:5b:29:f6:18:c8:76:f3:bc:4a:b8:
6a:05:0d:65:a0:c8:55:b3:53:67:12:9f:19:8d:53:b4:94:b6:
88:34:0c:92
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgIEHHY14zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDMx
MTE2MDAxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY3NjhkYjI2NWJk
ZjY1M2E3YTBhN2NhNWUyYTA2YmE2OGZmODRiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzgok7//2a9kUuMJMQXFOEJFm8lc8etf/plG32djW98SNri
p6NvS24ZJHqPBfdpVNm6qk1Fil7xfYHisbJZ/ijuFA+XGD9JzLZEs4dBGKlNX9Va
vLTtMaAGnAnIXmaF2K9q6RUvgGXpwU1aAoKwZA0Q5SVDdcVGW79UhcQqN6hBis7w
k+A6sl166HY0r0rZQ4hFCQ2Mt5PGqSnInrfocpL9RzzqlueBRO264sN1YYcoHw00
FR9057e8EZS2TpGgxDlNuE2exAFTEMorgh7zS1JAL3FFQTUX993HTgAAhqmB6CDi
eU8JHzmJ+pal3bAV+TMKSd56kKbAdOgIdpXj1BMCAwEAAaOCAu8wggLrMB0GA1Ud
DgQWBBRGdo2yZb32U6egp8peKga6aP+EvjAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L1JuYU5zbVc5OWxPbm9LZktYaW9HdW1qX2hMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQMGCCsGAQUFBwEHAQH/BIHzMIHwMIHtBAIAATCB5gMEASVheAMEAi6t+AMEAkAr
eAMEAE0kOQMEAE0kPAMEAE0kQQMEAlGhCAMEAlGhMAMEAVvBHgMEAFvIhAMEAVvI
hgMEAFvg1AMEAVvlEgMEAVvoOAMEAFvo4gMEAFvpyAMEAFvsTAMEAFvtXAMEAFvu
JwMEAlvv3AMEAFvv4gMEAlv2wAMEAFv2ywMEAFv22QMEAV14CDAMAwQAbc+BAwQA
bc+CAwQAbc+EAwQAsGBeAwQBsG5wAwQCsHG0AwQCsHPsAwQAsHTsAwQBsHbMAwQC
sHlsAwQBwKK4AwQAwSTLAwQCwiFAMA0GCSqGSIb3DQEBCwUAA4IBAQCDLQn3MdbO
fcTvj6PgV05BIRxh+j6/2T6UvcXTEC+1nT06Bio8UvmamEPjHqf7Ro0bUladed6y
NvaA2m0cN3RWWvjAQDqCkxpe8S1Ks+ySY6EuW9j21gTY+riKEo9GrztADoABkjM5
W06M9dT5NpTAvXLs+WiBdOnNgXPnVgaJhTaY8YPCsoBJUh6J4fWhZJec+2EQtAT4
p/MiMY+upCu7Z9Rs5fx/C3vNTPZJm3KzoF7nfBF7V+XVG/6hv2zBBPsF0nzN/BOC
vjiNuH4KF3LFt5syt72xmWvMbywsQGH0E1sp9hjIdvO8SrhqBQ1loMhVs1NnEp8Z
jVO0lLaINAyS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org