Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/aw8EPrJVnmsMXP186bGCkyQQCUY.roa
File: aw8EPrJVnmsMXP186bGCkyQQCUY.roa (raw, json)
Hash identifier: ZpzPFl1YmCmaYyl4wADAsTqivyBwUsDyxK1kTpQXRlE=
Subject key identifier: 6B:0F:04:3E:B2:55:9E:6B:0C:5C:FD:7C:E9:B1:82:93:24:10:09:46
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C716868
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/aw8EPrJVnmsMXP186bGCkyQQCUY.roa
Signing time: Fri 11 Mar 2022 11:14:41 +0000
ROA not before: Fri 11 Mar 2022 11:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207743
IP address blocks: 91.239.225.0/24 maxlen: 24
64.43.77.0/24 maxlen: 24
64.43.78.0/23 maxlen: 23
109.207.134.0/23 maxlen: 23
176.96.92.0/23 maxlen: 23
64.43.96.0/23 maxlen: 23
64.43.98.0/23 maxlen: 23
176.118.206.0/23 maxlen: 23
93.120.26.0/24 maxlen: 24
93.120.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 477194344 (0x1c716868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 11 11:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b0f043eb2559e6b0c5cfd7ce9b1829324100946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c0:7a:93:55:e4:b1:54:10:b0:94:6b:ff:a7:
2c:81:69:7f:f0:99:14:d2:7b:2f:0b:f8:d8:b6:eb:
0a:c3:bd:20:6c:53:3a:42:c5:a4:f6:9d:9c:28:66:
41:7a:fb:b2:65:dc:6a:3e:4f:e3:43:05:60:47:25:
95:04:c2:0c:6c:bd:21:f6:06:f9:8b:db:50:9e:6c:
88:81:08:6f:1c:da:2a:05:0e:d4:dd:c0:57:5e:a4:
54:9e:00:13:84:ef:e1:50:cd:e1:72:55:e7:8b:83:
29:d9:54:a7:39:4e:6e:0e:8c:58:ce:5d:d4:d2:1a:
8f:f2:7a:c7:14:b2:3c:dd:8b:12:b7:d3:22:cd:7c:
a7:54:34:f9:5a:3d:63:3b:76:43:8a:bf:04:d0:cc:
40:f0:93:1f:36:52:93:e2:29:76:bd:1e:02:35:66:
23:fb:70:87:d9:82:9b:67:56:01:f9:23:bb:e1:a7:
82:99:77:18:92:88:9e:cd:df:8d:9c:84:b3:a6:07:
22:6e:e1:94:2b:2d:d1:e7:57:55:61:61:3a:70:73:
47:54:5c:a4:61:c1:29:cc:1b:37:ea:d9:54:ab:43:
5c:d7:8c:81:c9:35:58:55:4f:d7:9e:9b:6a:50:0b:
ae:c2:40:11:23:5c:3b:b9:33:ec:1f:64:1c:f0:1d:
a6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:0F:04:3E:B2:55:9E:6B:0C:5C:FD:7C:E9:B1:82:93:24:10:09:46
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/aw8EPrJVnmsMXP186bGCkyQQCUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.77.0-64.43.79.255
64.43.96.0/22
91.239.225.0/24
93.120.26.0/24
93.120.32.0/24
109.207.134.0/23
176.96.92.0/23
176.118.206.0/23
Signature Algorithm: sha256WithRSAEncryption
48:91:96:a4:54:8a:4b:57:df:5f:ba:c4:7d:99:1b:73:51:97:
62:88:55:68:6b:f6:65:ed:16:75:aa:ef:9f:06:08:d5:bf:65:
30:db:d4:c5:d2:3f:62:fa:91:08:7a:28:7d:bf:ba:76:65:cd:
fc:87:61:0f:89:4c:91:ec:f5:98:cb:2e:e0:46:85:2f:6d:74:
5c:69:4b:78:c7:b9:62:24:2d:21:dc:17:fe:46:56:14:99:df:
78:f8:72:f3:d9:65:a8:48:8b:2b:2b:67:4b:ba:4c:63:ee:0f:
ba:2a:59:8a:a2:32:a1:a1:03:91:6c:47:e8:dc:eb:e3:9a:11:
51:3b:aa:8c:0d:5c:27:7b:cf:fb:e5:dc:98:2b:1c:9b:3a:69:
e6:db:d6:59:97:2f:aa:20:59:b7:79:85:4b:3d:f3:d6:9c:51:
4b:24:cb:82:ea:04:b8:17:d6:3b:c9:df:83:83:23:31:99:1f:
b2:58:77:58:ff:cf:c5:fb:b5:f5:e2:07:db:a2:41:0e:5d:36:
d2:a4:24:d2:7a:14:86:83:e0:55:e2:be:39:11:cd:81:39:47:
57:ee:0b:78:db:26:44:a5:72:dd:4c:ee:f7:2f:ea:ed:0b:5a:
21:5c:db:2e:2c:e1:34:33:57:a2:d7:8f:61:44:aa:be:c8:33:
dd:b3:24:e0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEHHFoaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDMx
MTExMTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIwZjA0M2ViMjU1
OWU2YjBjNWNmZDdjZTliMTgyOTMyNDEwMDk0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfAepNV5LFUELCUa/+nLIFpf/CZFNJ7Lwv42LbrCsO9IGxT
OkLFpPadnChmQXr7smXcaj5P40MFYEcllQTCDGy9IfYG+YvbUJ5siIEIbxzaKgUO
1N3AV16kVJ4AE4Tv4VDN4XJV54uDKdlUpzlObg6MWM5d1NIaj/J6xxSyPN2LErfT
Is18p1Q0+Vo9Yzt2Q4q/BNDMQPCTHzZSk+Ipdr0eAjVmI/twh9mCm2dWAfkju+Gn
gpl3GJKIns3fjZyEs6YHIm7hlCst0edXVWFhOnBzR1RcpGHBKcwbN+rZVKtDXNeM
gck1WFVP156balALrsJAESNcO7kz7B9kHPAdpvUCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRrDwQ+slWeawxc/XzpsYKTJBAJRjAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2F3OEVQckpWbm1zTVhQMTg2YkdDa3lRUUNVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwODAMAwQAQCtNAwQEQCtAAwQCQCtgAwQA
W+/hAwQAXXgaAwQAXXggAwQBbc+GAwQBsGBcAwQBsHbOMA0GCSqGSIb3DQEBCwUA
A4IBAQBIkZakVIpLV99fusR9mRtzUZdiiFVoa/Zl7RZ1qu+fBgjVv2Uw29TF0j9i
+pEIeih9v7p2Zc38h2EPiUyR7PWYyy7gRoUvbXRcaUt4x7liJC0h3Bf+RlYUmd94
+HLz2WWoSIsrK2dLukxj7g+6KlmKojKhoQORbEfo3OvjmhFRO6qMDVwne8/75dyY
KxybOmnm29ZZly+qIFm3eYVLPfPWnFFLJMuC6gS4F9Y7yd+DgyMxmR+yWHdY/8/F
+7X14gfbokEOXTbSpCTSehSGg+BV4r45Ec2BOUdX7gt42yZEpXLdTO73L+rtC1oh
XNsuLOE0M1ei149hRKq+yDPdsyTg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org