Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ipVgxixYz7yvt2E84p2segkxOBo.roa
File: ipVgxixYz7yvt2E84p2segkxOBo.roa (raw, json)
Hash identifier: b984tV99iHYbLkI7+uNTsp/uaMrLeTqOe9+xMXkOTo8=
Subject key identifier: 8A:95:60:C6:2C:58:CF:BC:AF:B7:61:3C:E2:9D:AC:7A:09:31:38:1A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1D2EA73D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ipVgxixYz7yvt2E84p2segkxOBo.roa
Signing time: Fri 06 May 2022 13:41:42 +0000
ROA not before: Fri 06 May 2022 13:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6282
IP address blocks: 77.36.24.0/22 maxlen: 22
93.120.0.0/21 maxlen: 21
64.43.100.0/22 maxlen: 22
64.43.108.0/22 maxlen: 22
64.43.112.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 489596733 (0x1d2ea73d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 6 13:41:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a9560c62c58cfbcafb7613ce29dac7a0931381a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:65:42:0e:7c:13:a2:43:f6:bc:cd:3d:fc:
90:ba:16:51:43:fa:a6:dd:55:f9:f7:8a:da:9a:75:
b5:07:ae:21:ef:cf:6e:0a:cc:30:cf:6d:51:36:8d:
86:45:a5:c0:91:af:97:8e:6b:ed:bb:16:46:ff:49:
8c:b6:fd:d5:0a:ee:f9:7f:f1:a8:5f:88:5a:ae:41:
02:c3:1b:33:44:97:31:fe:e9:e1:2b:96:7b:c3:5c:
e3:a1:a4:49:23:89:04:0b:a5:6e:b7:3b:48:7a:a7:
e8:44:62:04:c5:d3:5a:0c:f5:2d:1e:bd:6a:b5:05:
f0:2d:9c:88:0f:c7:06:c8:8f:ca:90:32:1d:22:90:
e2:1b:b6:f9:fc:38:08:31:bb:e7:5b:a9:07:84:74:
05:bb:2c:81:77:cf:28:8c:83:26:10:8c:77:56:f5:
0b:d7:84:92:ab:f3:11:92:2e:ee:bd:79:42:f0:ad:
b6:e3:06:6d:46:e2:59:f6:bb:5e:84:d5:be:48:b0:
60:19:cd:aa:12:c2:b9:9a:68:8b:5b:f6:7f:b5:b9:
19:cf:05:22:23:42:92:51:20:cd:88:b8:a0:8f:33:
51:69:07:46:b4:a1:5a:75:0d:62:e3:39:e6:58:7f:
a4:c6:56:04:b7:93:5b:c8:a8:dd:50:bb:f9:c4:26:
f5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:95:60:C6:2C:58:CF:BC:AF:B7:61:3C:E2:9D:AC:7A:09:31:38:1A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ipVgxixYz7yvt2E84p2segkxOBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.100.0/22
64.43.108.0-64.43.115.255
64.43.124.0/22
77.36.24.0/22
93.120.0.0/21
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:38:bb:6d:fc:e5:bc:ab:5d:07:b4:ee:fc:f8:0a:16:32:ee:
3e:88:29:16:f3:a0:7f:e4:85:37:fc:d3:96:72:23:4c:63:68:
bb:37:2e:c9:d6:65:53:50:a8:b5:6b:b9:fd:0c:d4:cf:99:20:
95:04:e2:a6:81:12:c5:7a:03:3f:b1:ea:0f:43:01:ce:38:74:
7d:de:41:53:65:b5:08:47:7b:13:5c:a6:3f:ca:b5:01:cd:13:
8f:cc:1e:77:76:86:70:3e:11:83:20:f9:52:c3:39:f7:38:b2:
f7:ce:9b:d7:b6:91:6f:92:bc:76:d8:00:0a:29:5e:41:ae:67:
2b:38:7d:d8:81:90:07:7e:a2:f9:83:04:7a:ca:ab:4e:43:74:
d7:ce:49:a7:13:be:f0:49:63:d7:72:b6:31:98:64:9e:7e:13:
b7:0a:eb:5a:00:3b:2e:83:c1:ab:c3:9c:a8:63:5c:98:68:d3:
75:de:8f:a1:19:75:c9:44:33:b2:be:38:83:56:80:47:60:ba:
42:b0:4e:12:f7:48:7c:8c:0d:f1:5f:36:c7:79:60:de:2a:64:
1f:53:1d:67:a8:9d:b4:cd:6c:1a:7a:11:28:18:82:86:99:ec:
8b:b8:db:39:90:d2:5b:6a:34:ae:ba:0e:fc:28:fc:9a:a5:49:
2c:a4:2f:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEHS6nPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDUw
NjEzNDE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE5NTYwYzYyYzU4
Y2ZiY2FmYjc2MTNjZTI5ZGFjN2EwOTMxMzgxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH1ZUIOfBOiQ/a8zT38kLoWUUP6pt1V+feK2pp1tQeuIe/P
bgrMMM9tUTaNhkWlwJGvl45r7bsWRv9JjLb91Qru+X/xqF+IWq5BAsMbM0SXMf7p
4SuWe8Nc46GkSSOJBAulbrc7SHqn6ERiBMXTWgz1LR69arUF8C2ciA/HBsiPypAy
HSKQ4hu2+fw4CDG751upB4R0BbssgXfPKIyDJhCMd1b1C9eEkqvzEZIu7r15QvCt
tuMGbUbiWfa7XoTVvkiwYBnNqhLCuZpoi1v2f7W5Gc8FIiNCklEgzYi4oI8zUWkH
RrShWnUNYuM55lh/pMZWBLeTW8io3VC7+cQm9b0CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBSKlWDGLFjPvK+3YTzinax6CTE4GjAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2lwVmd4aXhZejd5dnQyRTg0cDJzZWdreE9Cby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAkArZDAMAwQCQCtsAwQCQCtwAwQC
QCt8AwQCTSQYAwQDXXgAAwQCwSTMMA0GCSqGSIb3DQEBCwUAA4IBAQAOOLtt/OW8
q10HtO78+AoWMu4+iCkW86B/5IU3/NOWciNMY2i7Ny7J1mVTUKi1a7n9DNTPmSCV
BOKmgRLFegM/seoPQwHOOHR93kFTZbUIR3sTXKY/yrUBzROPzB53doZwPhGDIPlS
wzn3OLL3zpvXtpFvkrx22AAKKV5BrmcrOH3YgZAHfqL5gwR6yqtOQ3TXzkmnE77w
SWPXcrYxmGSefhO3CutaADsug8Grw5yoY1yYaNN13o+hGXXJRDOyvjiDVoBHYLpC
sE4S90h8jA3xXzbHeWDeKmQfUx1nqJ20zWwaehEoGIKGmeyLuNs5kNJbajSuug78
KPyapUkspC9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org