Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pN6pDYw65kbk0t8vrwMDZCj_JpE.roa
File: pN6pDYw65kbk0t8vrwMDZCj_JpE.roa (raw, json)
Hash identifier: 6dsBYl1+a5FeFuu0mc2uu78trkixsH4a7HiBZ3XxUiM=
Subject key identifier: A4:DE:A9:0D:8C:3A:E6:46:E4:D2:DF:2F:AF:03:03:64:28:FF:26:91
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1D7601BD
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pN6pDYw65kbk0t8vrwMDZCj_JpE.roa
Signing time: Fri 27 May 2022 19:41:13 +0000
ROA not before: Fri 27 May 2022 19:41:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34744
IP address blocks: 109.197.232.0/22 maxlen: 22
109.197.236.0/22 maxlen: 22
77.36.64.0/19 maxlen: 19
77.36.64.0/24 maxlen: 24
31.133.28.0/22 maxlen: 22
77.36.0.0/18 maxlen: 18
77.36.5.0/24 maxlen: 24
77.36.16.0/21 maxlen: 21
91.246.172.0/22 maxlen: 22
77.232.216.0/22 maxlen: 22
176.111.164.0/22 maxlen: 22
176.115.232.0/22 maxlen: 22
93.120.47.0/24 maxlen: 24
2a01:7d8::/48 maxlen: 48
2a01:7d8:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 494272957 (0x1d7601bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 27 19:41:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4dea90d8c3ae646e4d2df2faf03036428ff2691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9f:03:ad:9b:7e:c0:ea:e9:d9:7a:1e:59:53:
79:d2:6a:ee:01:0c:ee:4e:53:c7:1b:9d:e8:ec:ef:
d1:5c:5f:6d:75:8a:55:e3:b7:ea:21:a9:6c:cb:35:
9d:06:db:a1:0d:00:8a:67:99:b8:bc:dd:a6:2c:84:
be:47:69:f5:87:c8:53:87:29:fa:15:52:e7:6d:9a:
02:db:53:33:4c:34:a5:34:bc:80:e5:bb:a1:9a:99:
c8:c5:69:fd:a6:53:01:b3:c6:41:23:92:7e:de:1b:
89:6a:25:b1:30:fb:d8:d1:60:9f:57:bc:6e:fa:81:
43:d4:22:82:80:70:6d:54:38:39:71:98:9c:4b:ec:
12:ff:b8:cd:df:16:47:0b:98:b1:ae:07:ff:f9:3b:
35:ae:37:49:fa:d9:1e:91:03:92:74:bc:e6:aa:34:
1e:15:b0:7a:8b:80:ec:eb:6c:bd:61:b8:9d:8a:09:
3c:27:79:36:a3:2b:ec:bc:e4:1e:fc:88:c4:07:3f:
6a:4d:10:05:b1:8a:3f:97:17:56:94:1b:39:a8:48:
ac:fc:a6:6a:1d:2b:12:6b:ec:a6:92:73:2d:77:0c:
22:ee:58:f3:cf:67:0e:0d:79:c7:b3:3f:98:9b:b4:
73:0c:f0:74:f7:ba:0c:dd:26:46:9e:ad:80:2f:2f:
6f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DE:A9:0D:8C:3A:E6:46:E4:D2:DF:2F:AF:03:03:64:28:FF:26:91
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pN6pDYw65kbk0t8vrwMDZCj_JpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.28.0/22
77.36.0.0-77.36.95.255
77.232.216.0/22
91.246.172.0/22
93.120.47.0/24
109.197.232.0/21
176.111.164.0/22
176.115.232.0/22
IPv6:
2a01:7d8::/47
Signature Algorithm: sha256WithRSAEncryption
4b:d1:1f:3d:b1:16:a2:ab:ef:57:06:e3:e7:e0:7e:3e:6e:d0:
04:24:c4:70:31:ff:6c:77:b1:0a:5f:fa:8f:15:1f:71:e6:66:
99:a3:27:b8:3f:ec:37:d5:05:57:c7:7b:99:52:7b:76:d8:73:
4a:92:f8:41:30:b1:ad:a5:d5:17:28:6b:8f:87:a6:7f:75:bf:
d6:1c:2d:e8:ea:64:f7:ac:3c:56:f6:41:46:47:21:ae:fa:30:
cf:d4:13:bc:39:21:cb:bf:44:a6:f8:58:a7:5a:18:a9:3a:0b:
58:86:93:b1:ed:fa:f5:2e:cb:b1:21:4b:e2:28:9c:29:48:0f:
d6:30:09:8f:86:0a:e6:2a:eb:ba:5d:e1:6e:d5:8e:77:01:50:
55:1b:ce:b1:45:b5:ed:d9:a2:9f:46:1b:ca:a7:e3:66:2b:7b:
26:1a:72:7f:77:04:28:a4:d6:d3:70:d4:82:9d:c7:0f:92:25:
39:61:37:52:20:5a:0c:a9:53:51:fa:9c:c5:24:2c:ee:10:1d:
b4:e3:74:5e:a2:2c:ca:a1:b8:c7:69:25:05:6b:b9:f8:5e:52:
3f:66:07:07:57:f7:ad:23:9f:14:e7:f6:85:5e:47:a7:90:26:
a4:9a:6a:40:f0:88:ae:0d:1a:a4:0a:3d:1a:18:a1:ce:60:85:
b1:fe:16:d1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEHXYBvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDUy
NzE5NDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRkZWE5MGQ4YzNh
ZTY0NmU0ZDJkZjJmYWYwMzAzNjQyOGZmMjY5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKafA62bfsDq6dl6HllTedJq7gEM7k5Txxud6Ozv0VxfbXWK
VeO36iGpbMs1nQbboQ0AimeZuLzdpiyEvkdp9YfIU4cp+hVS522aAttTM0w0pTS8
gOW7oZqZyMVp/aZTAbPGQSOSft4biWolsTD72NFgn1e8bvqBQ9QigoBwbVQ4OXGY
nEvsEv+4zd8WRwuYsa4H//k7Na43SfrZHpEDknS85qo0HhWweouA7OtsvWG4nYoJ
PCd5NqMr7LzkHvyIxAc/ak0QBbGKP5cXVpQbOahIrPymah0rEmvsppJzLXcMIu5Y
889nDg15x7M/mJu0cwzwdPe6DN0mRp6tgC8vbwcCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBSk3qkNjDrmRuTS3y+vAwNkKP8mkTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L3BONnBEWXc2NWtiazB0OHZyd01EWkNqX0pwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwPQQCAAEwNwMEAh+FHDALAwMCTSQDBAVNJEADBAJN
6NgDBAJb9qwDBABdeC8DBANtxegDBAKwb6QDBAKwc+gwDwQCAAIwCQMHASoBB9gA
ADANBgkqhkiG9w0BAQsFAAOCAQEAS9EfPbEWoqvvVwbj5+B+Pm7QBCTEcDH/bHex
Cl/6jxUfceZmmaMnuD/sN9UFV8d7mVJ7dthzSpL4QTCxraXVFyhrj4emf3W/1hwt
6Opk96w8VvZBRkchrvowz9QTvDkhy79EpvhYp1oYqToLWIaTse369S7LsSFL4iic
KUgP1jAJj4YK5irrul3hbtWOdwFQVRvOsUW17dmin0YbyqfjZit7Jhpyf3cEKKTW
03DUgp3HD5IlOWE3UiBaDKlTUfqcxSQs7hAdtON0XqIsyqG4x2klBWu5+F5SP2YH
B1f3rSOfFOf2hV5Hp5AmpJpqQPCIrg0apAo9GhihzmCFsf4W0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org