Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/l_TOzX-Hp--hwMLfpREt9SORXgM.roa
File: l_TOzX-Hp--hwMLfpREt9SORXgM.roa (raw, json)
Hash identifier: ZRd7gsGhUZtSEBY68oum7V+64U5iDWjFtcKG+WonXo0=
Subject key identifier: 97:F4:CE:CD:7F:87:A7:EF:A1:C0:C2:DF:A5:11:2D:F5:23:91:5E:03
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1D9F679F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/l_TOzX-Hp--hwMLfpREt9SORXgM.roa
Signing time: Tue 07 Jun 2022 19:32:02 +0000
ROA not before: Tue 07 Jun 2022 19:32:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209767
IP address blocks: 91.245.92.0/22 maxlen: 24
109.207.133.0/24 maxlen: 24
109.207.143.0/24 maxlen: 24
109.207.142.0/24 maxlen: 24
176.113.176.0/22 maxlen: 24
176.124.172.0/22 maxlen: 22
91.229.30.0/24 maxlen: 24
91.246.204.0/22 maxlen: 22
91.246.216.0/24 maxlen: 24
178.213.176.0/22 maxlen: 24
176.116.229.0/24 maxlen: 24
91.239.224.0/24 maxlen: 24
176.116.237.0/24 maxlen: 24
91.224.213.0/24 maxlen: 24
46.174.204.0/22 maxlen: 22
91.239.179.0/24 maxlen: 24
91.226.52.0/23 maxlen: 23
91.226.54.0/23 maxlen: 23
31.132.192.0/22 maxlen: 22
31.132.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 496986015 (0x1d9f679f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 7 19:32:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97f4cecd7f87a7efa1c0c2dfa5112df523915e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:d8:6e:2a:06:61:4b:a5:43:9c:dd:83:59:
72:aa:4c:59:45:fa:76:5d:01:64:c7:33:6b:ce:19:
d4:55:7a:b1:8b:b2:17:f7:7f:63:90:54:70:b5:ac:
a6:bc:e7:10:45:92:c5:70:e2:e8:56:b5:33:d0:80:
3d:da:c2:cc:1f:f2:4b:f0:d4:43:ac:a2:3b:29:4f:
74:61:f0:4a:89:88:33:b1:71:08:eb:2f:f0:83:4a:
a2:56:08:2c:5a:a7:b1:79:0d:2f:52:55:94:32:44:
49:ae:a1:ae:00:2b:ab:56:92:cf:fd:0c:18:02:32:
0a:81:b7:73:26:aa:93:9a:ac:72:e0:9e:0a:e1:2f:
2c:09:4b:81:f3:32:79:43:73:d4:62:5e:69:4f:c4:
a2:73:c7:93:0c:a8:b7:ce:78:5c:69:a3:d3:f9:2a:
66:83:d0:e5:41:e2:25:83:17:66:3c:e2:c6:3e:8a:
92:0e:20:db:c6:92:ef:4b:62:ba:51:dd:a0:9c:f8:
e8:65:3c:01:60:89:6a:2e:95:92:9e:f7:98:cd:aa:
0e:d0:41:de:0b:c4:39:5d:bc:7d:c2:d1:d9:f6:36:
00:f2:00:56:eb:07:35:6d:9e:3d:40:02:68:83:82:
49:1f:84:52:00:38:ee:58:62:93:79:d9:aa:cb:d4:
34:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F4:CE:CD:7F:87:A7:EF:A1:C0:C2:DF:A5:11:2D:F5:23:91:5E:03
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/l_TOzX-Hp--hwMLfpREt9SORXgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.192.0/21
46.174.204.0/22
91.224.213.0/24
91.226.52.0/22
91.229.30.0/24
91.239.179.0/24
91.239.224.0/24
91.245.92.0/22
91.246.204.0/22
91.246.216.0/24
109.207.133.0/24
109.207.142.0/23
176.113.176.0/22
176.116.229.0/24
176.116.237.0/24
176.124.172.0/22
178.213.176.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:44:1a:ae:e3:51:d7:7a:0c:e0:92:5d:09:d8:98:94:49:c0:
6b:1e:21:4c:26:e7:19:b2:f6:a3:c2:44:76:59:ce:5f:7b:82:
ed:a1:86:f0:dc:8c:59:bd:9f:6a:97:80:8e:01:a6:57:a2:6f:
1d:f1:14:9c:fd:ae:d9:d8:f9:38:df:c1:fb:02:25:88:f7:3f:
05:e2:04:7c:35:30:00:78:d3:29:ce:ed:f5:8b:37:e7:b4:54:
50:ed:7c:91:9e:40:4b:18:76:ca:82:a1:0c:af:fb:9b:e3:a8:
7c:66:4b:c1:2a:d9:8d:b9:9b:3d:dd:43:58:43:80:21:b7:f2:
e5:35:39:44:9d:91:02:6f:62:f6:00:2d:3c:13:63:32:ee:8e:
ab:62:5e:7b:11:9a:08:c3:48:36:e8:6a:6f:bf:06:80:fa:07:
02:dd:05:31:29:eb:a8:05:19:a7:b6:e9:67:ad:a9:a0:bf:48:
ee:9f:63:6c:ed:99:8e:45:5b:0a:71:fa:07:38:7a:de:d7:fb:
1b:c2:f9:28:a1:be:86:dd:fc:96:99:a3:0a:18:a0:9b:5b:99:
61:c5:3b:09:aa:b1:90:d8:ef:a1:ec:41:e4:22:28:76:df:e2:
69:0e:8c:26:3e:57:ae:eb:74:81:df:c8:fb:c0:15:89:67:5a:
02:1d:14:ca
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEHZ9nnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDYw
NzE5MzIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdmNGNlY2Q3Zjg3
YTdlZmExYzBjMmRmYTUxMTJkZjUyMzkxNWUwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxv2G4qBmFLpUOc3YNZcqpMWUX6dl0BZMcza84Z1FV6sYuy
F/d/Y5BUcLWsprznEEWSxXDi6Fa1M9CAPdrCzB/yS/DUQ6yiOylPdGHwSomIM7Fx
COsv8INKolYILFqnsXkNL1JVlDJESa6hrgArq1aSz/0MGAIyCoG3cyaqk5qscuCe
CuEvLAlLgfMyeUNz1GJeaU/EonPHkwyot854XGmj0/kqZoPQ5UHiJYMXZjzixj6K
kg4g28aS70tiulHdoJz46GU8AWCJai6Vkp73mM2qDtBB3gvEOV28fcLR2fY2APIA
VusHNW2ePUACaIOCSR+EUgA47lhik3nZqsvUNJsCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBSX9M7Nf4en76HAwt+lES31I5FeAzAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2xfVE96WC1IcC0taHdNTGZwUkV0OVNPUlhnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAx+EwAMEAi6uzAMEAFvg1QMEAlvi
NAMEAFvlHgMEAFvvswMEAFvv4AMEAlv1XAMEAlv2zAMEAFv22AMEAG3PhQMEAW3P
jgMEArBxsAMEALB05QMEALB07QMEArB8rAMEArLVsDANBgkqhkiG9w0BAQsFAAOC
AQEApEQaruNR13oM4JJdCdiYlEnAax4hTCbnGbL2o8JEdlnOX3uC7aGG8NyMWb2f
apeAjgGmV6JvHfEUnP2u2dj5ON/B+wIliPc/BeIEfDUwAHjTKc7t9Ys357RUUO18
kZ5ASxh2yoKhDK/7m+OofGZLwSrZjbmbPd1DWEOAIbfy5TU5RJ2RAm9i9gAtPBNj
Mu6Oq2JeexGaCMNINuhqb78GgPoHAt0FMSnrqAUZp7bpZ62poL9I7p9jbO2ZjkVb
CnH6Bzh63tf7G8L5KKG+ht38lpmjChigm1uZYcU7CaqxkNjvoexB5CIodt/iaQ6M
Jj5Xrut0gd/I+8AViWdaAh0Uyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org