Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/msmC6ytHWW-CrD0j98QBL5oH67k.roa
File: msmC6ytHWW-CrD0j98QBL5oH67k.roa (raw, json)
Hash identifier: H9B4Bsm5OeSeJZJbii/Opdi88+7KLM9DhOtKt0mTTxk=
Subject key identifier: 9A:C9:82:EB:2B:47:59:6F:82:AC:3D:23:F7:C4:01:2F:9A:07:EB:B9
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01827E4D2CD1ACAC37176F25465834B2CE54
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/msmC6ytHWW-CrD0j98QBL5oH67k.roa
Signing time: Mon 08 Aug 2022 16:32:43 +0000
ROA not before: Mon 08 Aug 2022 16:32:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
91.246.192.0/22 maxlen: 24
77.36.57.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
91.246.203.0/24 maxlen: 24
176.110.112.0/23 maxlen: 23
91.246.217.0/24 maxlen: 24
81.161.8.0/22 maxlen: 22
192.162.184.0/23 maxlen: 23
37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
193.36.220.0/22 maxlen: 22
194.33.66.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
91.233.200.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
193.36.203.0/24 maxlen: 24
109.207.129.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.229.18.0/23 maxlen: 23
91.200.132.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
176.116.228.0/24 maxlen: 24
91.238.39.0/24 maxlen: 24
91.239.222.0/23 maxlen: 23
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
91.236.76.0/24 maxlen: 24
46.173.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7e:4d:2c:d1:ac:ac:37:17:6f:25:46:58:34:b2:ce:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 8 16:32:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ac982eb2b47596f82ac3d23f7c4012f9a07ebb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cd:23:37:54:e6:b3:9c:10:ab:37:ec:eb:72:
ab:27:86:0b:2c:fa:54:67:3d:41:96:06:20:1c:bb:
63:fe:08:e4:34:9d:ac:49:f8:70:82:1a:01:4f:c6:
15:b3:7c:5a:fd:7b:75:75:fa:0b:e8:c3:75:93:51:
00:b5:b9:39:ae:c6:06:3b:98:8f:bc:ff:84:45:a7:
df:56:40:4f:8b:15:42:52:ac:08:fd:f8:ce:8f:ca:
8b:37:7c:69:3a:ce:96:ba:8c:c9:23:fa:a8:65:6b:
66:0e:8d:5e:89:20:30:01:7e:b4:86:e6:99:94:5c:
71:1c:a7:56:87:dd:a9:4e:0a:cd:d3:59:f7:2c:7b:
8f:7c:0b:ad:ac:61:0d:e5:44:2e:e6:c9:24:c5:c4:
08:da:11:65:f5:f0:73:b6:e8:6f:1e:8c:6a:aa:98:
dc:56:2d:6a:19:6d:24:26:d0:86:f5:36:2b:3e:e8:
25:70:25:d8:36:95:8d:8f:cf:7e:54:d1:25:7a:0e:
ef:ec:6a:fb:1b:81:3f:91:6e:d1:bc:c9:60:11:55:
d9:71:50:d1:8b:f8:d0:7f:32:34:68:b8:05:51:dd:
3c:7f:a1:f8:6e:64:4e:98:a0:82:46:76:18:c3:2c:
c1:73:65:10:0c:46:b5:4b:e1:6f:ee:bc:03:f9:79:
d8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C9:82:EB:2B:47:59:6F:82:AC:3D:23:F7:C4:01:2F:9A:07:EB:B9
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/msmC6ytHWW-CrD0j98QBL5oH67k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
64.43.120.0/22
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.132.0/24
91.200.134.0/23
91.224.212.0/24
91.229.18.0/23
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.222.0/23
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
91.246.217.0/24
109.207.129.0-109.207.130.255
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.228.0/24
176.116.236.0/24
176.121.108.0/22
192.162.184.0/23
193.36.203.0/24
193.36.220.0/22
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
57:5e:7a:37:a6:15:24:9d:3f:fc:65:7e:8d:40:76:28:2e:d2:
71:05:ac:72:9e:91:f7:89:a7:00:d7:d0:b0:8a:08:11:e6:96:
23:d3:00:90:4f:2e:b3:8b:be:a8:5e:e5:58:15:c9:c7:11:dc:
c3:a9:89:64:2c:d7:6b:ba:7e:cd:8d:81:e5:43:2f:ab:12:5b:
32:a2:4f:96:ed:f1:8b:f1:ae:9a:35:8a:44:39:b5:dd:3e:81:
3d:33:38:76:da:11:98:5f:fc:e1:3c:51:40:64:1c:d5:c8:1d:
5b:d5:ff:ff:eb:1c:ff:98:17:a6:cb:28:ab:9e:9f:aa:c4:ec:
86:c5:49:d3:39:e0:bb:d0:aa:81:0a:7d:07:99:f9:d9:12:52:
84:ec:ba:89:86:19:be:09:c9:52:ad:ba:d8:ad:19:36:7c:f4:
3f:09:17:db:b8:98:99:46:fa:6f:63:a5:d7:51:dc:c9:d5:b0:
74:30:34:7d:52:e2:fc:3c:50:aa:83:87:6f:3b:ff:22:34:c8:
f5:ed:fd:2a:56:f0:d7:1a:64:a4:7c:d9:78:4a:14:e4:bd:8a:
fc:d4:ef:95:1e:0a:4b:e4:0d:18:a4:be:92:14:01:03:d5:22:
d2:86:d2:c1:21:56:27:00:fe:ef:46:e1:b3:ea:e1:b5:97:28:
05:24:2d:94
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAYJ+TSzRrKw3F28lRlg0ss5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODA4MTYzMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM5ODJlYjJiNDc1OTZmODJhYzNkMjNmN2M0MDEyZjlhMDdlYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic0jN1Tms5wQqzfs63KrJ4YLLPpU
Zz1BlgYgHLtj/gjkNJ2sSfhwghoBT8YVs3xa/Xt1dfoL6MN1k1EAtbk5rsYGO5iP
vP+ERaffVkBPixVCUqwI/fjOj8qLN3xpOs6WuozJI/qoZWtmDo1eiSAwAX60huaZ
lFxxHKdWh92pTgrN01n3LHuPfAutrGEN5UQu5skkxcQI2hFl9fBztuhvHoxqqpjc
Vi1qGW0kJtCG9TYrPuglcCXYNpWNj89+VNEleg7v7Gr7G4E/kW7RvMlgEVXZcVDR
i/jQfzI0aLgFUd08f6H4bmROmKCCRnYYwyzBc2UQDEa1S+Fv7rwD+XnYywIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFJrJgusrR1lvgqw9I/fEAS+aB+u5MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbXNtQzZ5dEhXVy1DckQwajk4UUJMNW9INjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQB
JWF4AwQCLq34AwQBLq3+AwQCQCt4AwQATSQ5AwQATSQ8AwQATSRBAwQCUaEIAwQC
UaEwAwQBW8EeAwQAW8iEAwQBW8iGAwQAW+DUAwQBW+USAwQBW+g4AwQAW+jiAwQA
W+nIAwQAW+xMAwQAW+4nAwQBW+/eAwQAW+/iAwQCW/bAAwQAW/bLAwQAW/bZMAwD
BABtz4EDBABtz4IDBABtz4QDBACwYF4DBAGwbnADBAKwcbQDBAKwc+wDBACwdOQD
BACwdOwDBAKweWwDBAHAorgDBADBJMsDBALBJNwDBAHCIUIwDQYJKoZIhvcNAQEL
BQADggEBAFdeejemFSSdP/xlfo1Adigu0nEFrHKekfeJpwDX0LCKCBHmliPTAJBP
LrOLvqhe5VgVyccR3MOpiWQs12u6fs2NgeVDL6sSWzKiT5bt8Yvxrpo1ikQ5td0+
gT0zOHbaEZhf/OE8UUBkHNXIHVvV///rHP+YF6bLKKuen6rE7IbFSdM54LvQqoEK
fQeZ+dkSUoTsuomGGb4JyVKtutitGTZ89D8JF9u4mJlG+m9jpddR3MnVsHQwNH1S
4vw8UKqDh287/yI0yPXt/SpW8NcaZKR82XhKFOS9ivzU75UeCkvkDRikvpIUAQPV
ItKG0sEhVicA/u9G4bPq4bWXKAUkLZQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org