Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/aLxuILm6TyJUOqAHhCd_PiNGyFA.roa
File: aLxuILm6TyJUOqAHhCd_PiNGyFA.roa (raw, json)
Hash identifier: j0Z8WboMTi5j1pR9fpaWoQJ69gY7PbInDsipC30Hf88=
Subject key identifier: 68:BC:6E:20:B9:BA:4F:22:54:3A:A0:07:84:27:7F:3E:23:46:C8:50
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018264FC8FDC47009183B6CCE3048FAADBA9
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/aLxuILm6TyJUOqAHhCd_PiNGyFA.roa
Signing time: Wed 03 Aug 2022 18:34:09 +0000
ROA not before: Wed 03 Aug 2022 18:34:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34744
IP address blocks: 109.197.232.0/22 maxlen: 22
109.197.236.0/22 maxlen: 22
77.36.64.0/19 maxlen: 19
77.36.64.0/24 maxlen: 24
31.133.28.0/22 maxlen: 22
77.36.0.0/18 maxlen: 18
77.36.16.0/21 maxlen: 21
91.246.172.0/22 maxlen: 22
77.232.216.0/22 maxlen: 22
176.111.164.0/22 maxlen: 22
176.115.232.0/22 maxlen: 22
93.120.47.0/24 maxlen: 24
2a01:7d8::/48 maxlen: 48
2a01:7d8:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:fc:8f:dc:47:00:91:83:b6:cc:e3:04:8f:aa:db:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 3 18:34:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68bc6e20b9ba4f22543aa00784277f3e2346c850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a9:88:5a:48:87:c9:dd:60:6c:e5:14:8c:87:
f8:72:5d:dd:c0:b6:fd:b9:ac:1b:02:a3:a2:a2:7c:
28:02:4b:4e:e2:ae:d4:2e:1b:04:46:d2:fd:cf:91:
41:23:60:b3:ad:1f:df:4d:af:e3:67:66:8f:59:1c:
d9:b7:8a:c7:34:7a:02:7f:77:1b:ae:63:81:b1:81:
d5:d9:f6:72:cf:54:a3:f8:2e:ed:bf:7f:c8:3f:b1:
53:da:33:22:58:56:52:d0:cc:43:94:98:f1:9d:cd:
21:10:0e:aa:0e:ac:aa:dc:17:c7:81:8e:cd:00:b5:
28:e4:ce:d3:31:ff:be:fd:2a:f6:3d:9d:ae:93:9f:
2e:94:0e:63:0e:5f:28:18:36:cb:12:ed:23:b8:ca:
06:df:bf:5e:e2:25:74:9f:d1:4d:50:ff:4a:3b:3a:
a4:89:20:49:eb:61:d6:66:d1:66:e6:b3:90:02:98:
52:fc:f5:4a:93:f5:ed:fa:69:48:7b:be:a2:e0:7d:
8d:07:b9:02:43:2a:00:59:8b:10:46:98:b3:b0:e3:
51:89:50:97:50:f5:4d:b4:0b:1b:d4:03:da:72:eb:
2a:dc:96:a5:c0:bc:cd:2c:af:1d:31:d5:6b:40:08:
9f:ab:25:4d:95:2c:df:72:16:0a:20:9f:ab:8e:1d:
fd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BC:6E:20:B9:BA:4F:22:54:3A:A0:07:84:27:7F:3E:23:46:C8:50
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/aLxuILm6TyJUOqAHhCd_PiNGyFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.28.0/22
77.36.0.0-77.36.95.255
77.232.216.0/22
91.246.172.0/22
93.120.47.0/24
109.197.232.0/21
176.111.164.0/22
176.115.232.0/22
IPv6:
2a01:7d8::/47
Signature Algorithm: sha256WithRSAEncryption
16:b2:ca:56:e8:7e:7c:02:9e:68:9f:4c:fe:d7:f7:7e:94:07:
a3:c1:0a:8b:53:e9:0e:49:26:07:bf:65:5b:ed:04:75:a9:33:
a8:08:3b:8e:5c:99:e7:c1:43:bd:ee:8f:af:5f:2d:5b:3e:e6:
bb:77:e1:5f:4d:86:7e:e1:69:8b:81:1e:f4:1d:18:d3:c1:c1:
69:cc:63:99:6f:5a:47:d4:33:fd:5e:65:3a:8a:96:77:e1:4f:
47:3f:05:05:21:34:4e:10:b0:e2:7a:b6:1b:6a:64:98:9f:93:
53:dc:d7:52:86:d6:19:c6:97:d1:bb:d9:79:ab:5b:1e:39:1a:
4c:b6:63:d6:b7:6d:2d:18:11:df:00:31:a2:f3:29:06:cc:13:
b4:b8:27:c6:7f:47:64:50:51:3b:ec:bd:9d:59:61:ca:9d:0f:
c7:87:f7:3c:5f:52:f7:d4:4e:ab:ff:f2:c7:69:d1:7e:79:8e:
25:66:29:94:f6:0f:3a:52:5a:63:48:33:66:2c:2c:0d:22:91:
1b:c0:ad:c1:4d:f4:2c:6a:e4:8e:26:02:17:27:d6:a9:1a:ee:
d9:0d:7a:72:48:cf:25:ea:b2:83:85:df:55:d0:20:bd:c3:80:
9f:8e:93:ac:c2:4c:00:fc:11:55:33:13:4c:ac:b5:3d:2e:eb:
e7:48:4e:0a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYJk/I/cRwCRg7bM4wSPqtupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODAzMTgzNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJjNmUyMGI5YmE0ZjIyNTQzYWEwMDc4NDI3N2YzZTIzNDZjODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKmIWkiHyd1gbOUUjIf4cl3dwLb9
uawbAqOionwoAktO4q7ULhsERtL9z5FBI2CzrR/fTa/jZ2aPWRzZt4rHNHoCf3cb
rmOBsYHV2fZyz1Sj+C7tv3/IP7FT2jMiWFZS0MxDlJjxnc0hEA6qDqyq3BfHgY7N
ALUo5M7TMf++/Sr2PZ2uk58ulA5jDl8oGDbLEu0juMoG379e4iV0n9FNUP9KOzqk
iSBJ62HWZtFm5rOQAphS/PVKk/Xt+mlIe76i4H2NB7kCQyoAWYsQRpizsONRiVCX
UPVNtAsb1APacusq3JalwLzNLK8dMdVrQAifqyVNlSzfchYKIJ+rjh39qQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGi8biC5uk8iVDqgB4Qnfz4jRshQMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvYUx4dUlMbTZUeUpVT3FBSGhDZF9QaU5HeUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA9BAIAATA3AwQCH4UcMAsD
AwJNJAMEBU0kQAMEAk3o2AMEAlv2rAMEAF14LwMEA23F6AMEArBvpAMEArBz6DAP
BAIAAjAJAwcBKgEH2AAAMA0GCSqGSIb3DQEBCwUAA4IBAQAWsspW6H58Ap5on0z+
1/d+lAejwQqLU+kOSSYHv2Vb7QR1qTOoCDuOXJnnwUO97o+vXy1bPua7d+FfTYZ+
4WmLgR70HRjTwcFpzGOZb1pH1DP9XmU6ipZ34U9HPwUFITROELDierYbamSYn5NT
3NdShtYZxpfRu9l5q1seORpMtmPWt20tGBHfADGi8ykGzBO0uCfGf0dkUFE77L2d
WWHKnQ/Hh/c8X1L31E6r//LHadF+eY4lZimU9g86UlpjSDNmLCwNIpEbwK3BTfQs
auSOJgIXJ9apGu7ZDXpySM8l6rKDhd9V0CC9w4CfjpOswkwA/BFVMxNMrLU9Luvn
SE4K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org