Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/opT7WvA0PWqN2KWoRqzBz-xrmAw.roa
File: opT7WvA0PWqN2KWoRqzBz-xrmAw.roa (raw, json)
Hash identifier: RUH3UmbEKTplAyGEoUda1S1chWDI8OWyyE0j6ueGfTw=
Subject key identifier: A2:94:FB:5A:F0:34:3D:6A:8D:D8:A5:A8:46:AC:C1:CF:EC:6B:98:0C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1BA6052A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/opT7WvA0PWqN2KWoRqzBz-xrmAw.roa
Signing time: Sat 01 Jan 2022 05:03:46 +0000
ROA not before: Sat 01 Jan 2022 05:03:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206150
IP address blocks: 91.245.90.0/23 maxlen: 23
176.103.121.0/24 maxlen: 24
176.103.120.0/24 maxlen: 24
64.43.75.0/24 maxlen: 24
64.43.74.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463865130 (0x1ba6052a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:03:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a294fb5af0343d6a8dd8a5a846acc1cfec6b980c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:a5:86:a9:d3:8f:60:a8:7e:83:85:98:e3:
4f:3a:90:3f:38:0c:f9:c9:f6:fe:f8:3a:a9:a4:7e:
5f:18:21:97:bc:f3:ce:5c:77:5e:11:87:e3:5d:93:
da:be:ff:8c:13:ef:ed:76:ee:a9:c2:95:57:22:56:
3c:ec:34:0d:24:55:1d:03:70:d7:52:6a:71:53:90:
ea:b1:93:79:ea:5e:23:6c:bc:99:1c:52:d0:d3:e0:
8b:3d:1c:f5:d9:9d:82:45:f8:49:6f:5d:d3:09:6b:
e5:95:01:7f:4d:38:99:f8:46:b1:ef:e4:d5:ed:3d:
59:70:4d:ef:e8:61:d5:64:a8:57:21:c1:eb:80:07:
f9:2e:5a:cb:03:ca:0a:01:fb:04:a4:5d:0b:bb:f9:
d0:63:6b:89:06:25:85:06:b4:59:93:4b:8f:4e:ce:
f6:e8:29:d2:da:df:35:19:c8:ef:cf:79:ad:34:46:
b4:06:4c:13:09:5e:a6:29:00:cf:56:ed:58:ac:c4:
63:83:3c:ce:65:3b:e7:54:08:ee:1b:a1:14:3e:2f:
ae:c6:8c:5c:51:d8:fa:f0:53:5a:d4:22:89:d5:93:
38:bd:eb:5c:35:bb:32:41:5c:0b:e3:a6:9b:c0:72:
95:e7:97:d7:89:23:7f:a1:af:40:47:90:da:4c:c3:
27:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:94:FB:5A:F0:34:3D:6A:8D:D8:A5:A8:46:AC:C1:CF:EC:6B:98:0C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/opT7WvA0PWqN2KWoRqzBz-xrmAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.74.0/23
91.234.120.0/23
91.245.90.0/23
176.103.120.0/23
Signature Algorithm: sha256WithRSAEncryption
78:2e:c5:66:0c:f1:62:54:6a:af:d5:38:d6:0d:b6:27:e0:8f:
93:3d:45:6b:01:37:7a:e9:6b:a7:91:39:0b:bf:90:23:92:a9:
f9:02:ab:9a:be:18:d9:d6:6d:cb:3e:f4:ba:b9:0a:b6:8e:cb:
48:67:56:68:80:82:20:0f:df:60:c6:bd:8d:3f:b0:10:f4:2a:
00:ad:d6:73:20:e3:e5:df:fa:52:5d:c4:95:48:e7:56:4f:aa:
95:61:e6:98:7d:ba:1b:ef:e0:6a:c6:8b:e5:7d:79:28:d1:ee:
dd:f3:29:4c:82:8a:a1:a9:e1:f4:5b:84:5b:22:61:83:9b:31:
1d:21:b5:7e:a7:58:d4:b5:9f:96:b4:56:5f:5e:6a:84:d5:ad:
c4:be:70:91:25:86:a3:cc:0a:d5:4b:1f:7c:2e:b4:f7:ab:d0:
a6:cd:d8:50:19:8c:95:5d:e6:e9:09:03:6b:85:e2:8a:fe:de:
71:79:32:c4:ea:f6:88:81:d1:91:4e:3b:43:e5:90:7a:57:4d:
1d:1e:bf:51:fe:5e:4e:32:b3:7c:56:33:24:80:7e:fb:09:9c:
b8:f5:b8:16:95:1a:b5:03:a5:59:de:c4:01:0e:a0:7a:4f:03:
55:8a:05:48:61:3e:43:bd:4d:70:32:b1:93:b0:60:0a:01:bb:
17:a7:04:ad
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEG6YFKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDEw
MTA1MDM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI5NGZiNWFmMDM0
M2Q2YThkZDhhNWE4NDZhY2MxY2ZlYzZiOTgwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALh7pYap049gqH6DhZjjTzqQPzgM+cn2/vg6qaR+Xxghl7zz
zlx3XhGH412T2r7/jBPv7XbuqcKVVyJWPOw0DSRVHQNw11JqcVOQ6rGTeepeI2y8
mRxS0NPgiz0c9dmdgkX4SW9d0wlr5ZUBf004mfhGse/k1e09WXBN7+hh1WSoVyHB
64AH+S5aywPKCgH7BKRdC7v50GNriQYlhQa0WZNLj07O9ugp0trfNRnI7895rTRG
tAZMEwlepikAz1btWKzEY4M8zmU751QI7huhFD4vrsaMXFHY+vBTWtQiidWTOL3r
XDW7MkFcC+Omm8ByleeX14kjf6GvQEeQ2kzDJ1sCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSilPta8DQ9ao3YpahGrMHP7GuYDDAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L29wVDdXdkEwUFdxTjJLV29ScXpCei14cm1Bdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAUArSgMEAVvqeAMEAVv1WgMEAbBn
eDANBgkqhkiG9w0BAQsFAAOCAQEAeC7FZgzxYlRqr9U41g22J+CPkz1FawE3eulr
p5E5C7+QI5Kp+QKrmr4Y2dZtyz70urkKto7LSGdWaICCIA/fYMa9jT+wEPQqAK3W
cyDj5d/6Ul3ElUjnVk+qlWHmmH26G+/gasaL5X15KNHu3fMpTIKKoanh9FuEWyJh
g5sxHSG1fqdY1LWflrRWX15qhNWtxL5wkSWGo8wK1UsffC6096vQps3YUBmMlV3m
6QkDa4Xiiv7ecXkyxOr2iIHRkU47Q+WQeldNHR6/Uf5eTjKzfFYzJIB++wmcuPW4
FpUatQOlWd7EAQ6gek8DVYoFSGE+Q71NcDKxk7BgCgG7F6cErQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org