Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/d1GOSifz5nMRnoTA7-iHY5timlg.roa
File: d1GOSifz5nMRnoTA7-iHY5timlg.roa (raw, json)
Hash identifier: ITESyzCQTGXc63VJFBlHu6PnzM6QDLDI23gY1mB4LEo=
Subject key identifier: 77:51:8E:4A:27:F3:E6:73:11:9E:84:C0:EF:E8:87:63:9B:62:9A:58
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C839A8C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/d1GOSifz5nMRnoTA7-iHY5timlg.roa
Signing time: Tue 15 Mar 2022 15:45:25 +0000
ROA not before: Tue 15 Mar 2022 15:45:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.112.0/21 maxlen: 24
93.120.96.0/22 maxlen: 22
46.151.36.0/22 maxlen: 24
188.191.252.0/22 maxlen: 24
77.36.68.0/22 maxlen: 24
93.120.24.0/23 maxlen: 24
91.237.44.0/22 maxlen: 24
194.33.102.0/23 maxlen: 24
194.33.100.0/22 maxlen: 24
194.33.100.0/23 maxlen: 24
81.161.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 478386828 (0x1c839a8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 15 15:45:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77518e4a27f3e673119e84c0efe887639b629a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:57:ee:99:3d:41:1e:91:cd:e9:1e:21:31:bf:
4a:65:ab:9a:16:7c:c6:fc:31:6b:2a:be:f4:1e:f2:
a8:64:33:2f:49:6e:d7:81:38:ca:05:73:66:63:e3:
fc:b0:d7:e8:79:cd:0d:47:2e:6b:5e:4c:6d:ab:d2:
9b:35:13:36:25:48:74:a2:ca:8c:ff:f6:d1:03:aa:
fa:32:cc:b0:0d:0a:5f:24:8b:32:94:62:df:b6:27:
49:6b:32:0e:6f:49:82:05:eb:86:9a:2a:0e:3a:6d:
69:33:c4:7c:1e:35:56:c8:a4:6d:bd:a1:46:ef:25:
64:36:6e:d4:6d:eb:26:ea:c1:c1:f7:8e:7d:57:39:
7c:54:78:e5:d9:36:f4:33:ce:fe:79:d5:43:4f:67:
64:27:59:eb:2e:77:f1:aa:fa:62:6f:49:59:c2:1b:
ec:41:89:4a:ba:de:50:09:42:ec:b8:15:6f:b0:a0:
ab:07:ad:25:5c:47:86:55:78:7e:6b:29:0b:ad:38:
d6:0c:f3:d0:88:4a:91:75:9d:6f:b4:2b:a2:a1:39:
06:83:2d:88:c5:ed:13:9f:03:df:4d:ab:10:5c:e2:
c0:c7:32:d2:33:7e:f7:bc:4a:5c:c0:78:17:1b:f4:
e3:82:b6:c2:e6:33:f2:b4:be:7f:c5:4d:32:ee:0d:
e6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:51:8E:4A:27:F3:E6:73:11:9E:84:C0:EF:E8:87:63:9B:62:9A:58
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/d1GOSifz5nMRnoTA7-iHY5timlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.36.0/22
77.36.68.0/22
77.36.112.0/21
81.161.4.0/22
91.237.44.0/22
93.120.24.0/23
93.120.96.0/22
188.191.252.0/22
194.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
67:35:16:b0:b8:b8:9c:19:e9:09:0d:2f:f3:fc:ab:6a:4a:a9:
96:08:df:3c:13:ab:c0:a2:c5:d9:05:08:f8:1d:35:85:e3:35:
89:a2:82:82:46:87:b4:32:08:21:98:7c:df:4d:50:0b:ab:11:
80:24:2b:f4:6e:17:a0:56:2c:c5:cb:e5:60:7f:2f:1a:1f:d7:
03:7b:38:71:c2:2e:d6:95:c7:9b:87:12:d2:97:82:3c:57:09:
80:07:c6:6b:25:da:8b:4d:7b:3f:3b:1d:3f:aa:47:57:c9:b7:
13:b6:c7:33:fc:e7:7a:29:53:b5:80:3c:af:1b:ec:eb:18:0d:
c3:36:14:9e:9e:b1:09:1e:18:40:99:b7:26:72:9a:ea:1f:50:
47:62:73:a1:7e:16:97:8e:b1:9d:df:ca:de:38:21:fe:a4:63:
3e:75:48:f5:0f:ee:f8:80:a9:35:3c:7a:cc:d6:6b:57:d5:8f:
31:fc:b3:01:16:28:b0:af:57:b6:d0:e5:56:c3:1c:94:1c:80:
21:0c:2e:9d:93:00:42:59:07:76:41:9d:e0:ee:9f:8b:a5:23:
7d:17:2d:54:5b:fa:ac:9e:70:ed:2f:f7:36:bd:d9:a2:59:8e:
2b:8b:65:fe:dd:a7:60:68:d7:7e:78:69:b1:d8:e8:90:86:28:
c9:52:b2:c0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEHIOajDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDMx
NTE1NDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc1MThlNGEyN2Yz
ZTY3MzExOWU4NGMwZWZlODg3NjM5YjYyOWE1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBX7pk9QR6RzekeITG/SmWrmhZ8xvwxayq+9B7yqGQzL0lu
14E4ygVzZmPj/LDX6HnNDUcua15MbavSmzUTNiVIdKLKjP/20QOq+jLMsA0KXySL
MpRi37YnSWsyDm9JggXrhpoqDjptaTPEfB41Vsikbb2hRu8lZDZu1G3rJurBwfeO
fVc5fFR45dk29DPO/nnVQ09nZCdZ6y538ar6Ym9JWcIb7EGJSrreUAlC7LgVb7Cg
qwetJVxHhlV4fmspC6041gzz0IhKkXWdb7QroqE5BoMtiMXtE58D302rEFziwMcy
0jN+97xKXMB4Fxv044K2wuYz8rS+f8VNMu4N5sECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBR3UY5KJ/PmcxGehMDv6Idjm2KaWDAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2QxR09TaWZ6NW5NUm5vVEE3LWlIWTV0aW1sZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAi6XJAMEAk0kRAMEA00kcAMEAlGh
BAMEAlvtLAMEAV14GAMEAl14YAMEAry//AMEAsIhZDANBgkqhkiG9w0BAQsFAAOC
AQEAZzUWsLi4nBnpCQ0v8/yrakqplgjfPBOrwKLF2QUI+B01heM1iaKCgkaHtDII
IZh8301QC6sRgCQr9G4XoFYsxcvlYH8vGh/XA3s4ccIu1pXHm4cS0peCPFcJgAfG
ayXai017PzsdP6pHV8m3E7bHM/zneilTtYA8rxvs6xgNwzYUnp6xCR4YQJm3JnKa
6h9QR2JzoX4Wl46xnd/K3jgh/qRjPnVI9Q/u+ICpNTx6zNZrV9WPMfyzARYosK9X
ttDlVsMclByAIQwunZMAQlkHdkGd4O6fi6UjfRctVFv6rJ5w7S/3Nr3ZolmOK4tl
/t2nYGjXfnhpsdjokIYoyVKywA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org