Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kiR3wcWllArsXibtjmfXn_mkYxU.roa
File: kiR3wcWllArsXibtjmfXn_mkYxU.roa (raw, json)
Hash identifier: dENp213vc9Mqrup+1ngOcmV50u1Vxpu9dYQD0AJN+TM=
Subject key identifier: 92:24:77:C1:C5:A5:94:0A:EC:5E:26:ED:8E:67:D7:9F:F9:A4:63:15
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C2C3698
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kiR3wcWllArsXibtjmfXn_mkYxU.roa
Signing time: Mon 21 Feb 2022 14:06:51 +0000
ROA not before: Mon 21 Feb 2022 14:06:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57217
IP address blocks: 193.36.216.0/22 maxlen: 22
176.116.224.0/22 maxlen: 22
176.107.64.0/21 maxlen: 21
91.237.91.0/24 maxlen: 24
176.121.32.0/21 maxlen: 21
176.121.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472659608 (0x1c2c3698)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 21 14:06:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=922477c1c5a5940aec5e26ed8e67d79ff9a46315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:fa:1a:f4:c2:b0:1e:45:fb:0c:07:f1:d3:
4c:07:cf:eb:39:60:37:e8:d1:c7:9f:4d:63:22:85:
6c:48:62:c0:78:aa:ae:76:8d:8e:5c:7a:0a:e7:85:
34:1e:a7:75:5a:67:80:a1:8f:0d:cd:0e:5c:a4:aa:
24:87:1f:12:41:7b:98:12:8d:62:98:1b:64:15:fc:
4b:e7:31:59:d8:9b:24:dd:38:81:0e:4a:9b:14:0b:
06:e6:cd:8f:7c:bf:98:bf:95:7b:58:17:5d:d7:49:
5b:40:90:5a:7c:be:0e:35:68:ca:73:14:5a:7a:b5:
02:cd:59:bd:43:e0:31:52:f8:56:0f:b1:66:21:e5:
71:2e:16:5e:5c:57:b8:4e:c8:1d:8f:19:b6:71:de:
b5:73:1e:b6:0f:70:a3:79:48:cf:ed:66:5e:3b:7c:
a6:01:8e:1f:c2:2e:17:51:e9:08:42:fb:4e:3f:2b:
df:3e:30:fe:e2:97:88:ed:cf:48:99:ec:68:7e:d1:
ff:db:d4:39:37:76:f0:ab:7a:6a:74:bc:cd:93:0d:
c5:84:0d:83:bd:50:f7:dd:cb:91:52:cb:04:3d:f4:
1e:e7:94:1b:f9:b3:58:cc:45:26:83:3f:22:46:e0:
ca:d2:09:ea:12:fd:81:d4:ed:83:83:4e:c2:10:b0:
d8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:24:77:C1:C5:A5:94:0A:EC:5E:26:ED:8E:67:D7:9F:F9:A4:63:15
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kiR3wcWllArsXibtjmfXn_mkYxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.91.0/24
176.107.64.0/21
176.116.224.0/22
176.121.32.0/20
193.36.216.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:8d:9b:0d:11:5a:82:8c:e7:6e:63:4b:99:7e:9d:c2:95:ce:
85:d5:d2:c9:61:30:6a:7d:5f:9b:b6:05:2b:3d:59:45:af:53:
63:08:c9:bb:3e:14:3c:02:2e:e9:f7:79:fb:cf:66:d1:d4:48:
98:4c:b7:33:35:76:df:ce:5a:a8:50:09:d7:f2:a5:43:d5:40:
bc:a9:71:65:9c:d9:69:ae:d2:74:a5:8e:44:c3:15:c3:d1:89:
d5:9b:42:21:e0:32:a3:05:1b:36:79:fb:5f:5f:3b:b1:bd:c9:
e1:57:83:ce:79:7c:7a:4a:20:25:17:cd:16:69:2a:a1:c1:4d:
ea:45:c8:7d:7f:3b:f6:80:0c:04:9c:f0:a6:22:11:ce:5b:94:
64:32:4c:05:49:7a:0f:be:27:de:2d:76:c3:64:c1:62:00:36:
b7:37:c9:e1:bd:59:b5:9b:81:7a:da:aa:d9:b4:b8:86:9e:71:
ee:62:11:d8:d4:f5:e5:32:25:1c:c1:19:39:a4:a8:f0:95:d2:
79:50:54:ed:1c:4e:75:b8:f3:5c:04:2d:94:20:8c:e4:4d:0e:
70:39:36:d1:23:2f:e8:e2:ed:bb:ac:a1:0a:d2:2c:4a:7a:06:
d5:7b:ef:da:ee:ea:9b:94:3c:0d:89:6c:a9:ed:8f:15:97:3e:
d9:d8:70:08
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEHCw2mDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDIy
MTE0MDY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIyNDc3YzFjNWE1
OTQwYWVjNWUyNmVkOGU2N2Q3OWZmOWE0NjMxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqX+hr0wrAeRfsMB/HTTAfP6zlgN+jRx59NYyKFbEhiwHiq
rnaNjlx6CueFNB6ndVpngKGPDc0OXKSqJIcfEkF7mBKNYpgbZBX8S+cxWdibJN04
gQ5KmxQLBubNj3y/mL+Ve1gXXddJW0CQWny+DjVoynMUWnq1As1ZvUPgMVL4Vg+x
ZiHlcS4WXlxXuE7IHY8ZtnHetXMetg9wo3lIz+1mXjt8pgGOH8IuF1HpCEL7Tj8r
3z4w/uKXiO3PSJnsaH7R/9vUOTd28Kt6anS8zZMNxYQNg71Q993LkVLLBD30HueU
G/mzWMxFJoM/IkbgytIJ6hL9gdTtg4NOwhCw2PECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSSJHfBxaWUCuxeJu2OZ9ef+aRjFTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2tpUjN3Y1dsbEFyc1hpYnRqbWZYbl9ta1l4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFvtWwMEA7BrQAMEArB04AMEBLB5
IAMEAsEk2DANBgkqhkiG9w0BAQsFAAOCAQEAnI2bDRFagoznbmNLmX6dwpXOhdXS
yWEwan1fm7YFKz1ZRa9TYwjJuz4UPAIu6fd5+89m0dRImEy3MzV2385aqFAJ1/Kl
Q9VAvKlxZZzZaa7SdKWORMMVw9GJ1ZtCIeAyowUbNnn7X187sb3J4VeDznl8ekog
JRfNFmkqocFN6kXIfX879oAMBJzwpiIRzluUZDJMBUl6D74n3i12w2TBYgA2tzfJ
4b1ZtZuBetqq2bS4hp5x7mIR2NT15TIlHMEZOaSo8JXSeVBU7RxOdbjzXAQtlCCM
5E0OcDk20SMv6OLtu6yhCtIsSnoG1Xvv2u7qm5Q8DYlsqe2PFZc+2dhwCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org