Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pUNG8HpujdCCeBOeVMTdnbiMnd8.roa
File: pUNG8HpujdCCeBOeVMTdnbiMnd8.roa (raw, json)
Hash identifier: vPk32eBM3afCSspCh7dqvCowK+5D/yNY9rm3Vcb2yLM=
Subject key identifier: A5:43:46:F0:7A:6E:8D:D0:82:78:13:9E:54:C4:DD:9D:B8:8C:9D:DF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01847A577A2989E978DFB76FEAA873D3A19B
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pUNG8HpujdCCeBOeVMTdnbiMnd8.roa
Signing time: Tue 15 Nov 2022 08:11:04 +0000
ROA not before: Tue 15 Nov 2022 08:11:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 77.36.120.0/21 maxlen: 21
185.55.4.0/22 maxlen: 23
176.112.80.0/22 maxlen: 22
176.103.240.0/21 maxlen: 22
46.151.32.0/22 maxlen: 24
178.159.144.0/22 maxlen: 24
176.113.184.0/21 maxlen: 24
93.120.120.0/22 maxlen: 24
81.161.0.0/22 maxlen: 22
176.116.32.0/21 maxlen: 21
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
64.43.112.0/22 maxlen: 22
31.131.8.0/22 maxlen: 22
176.110.216.0/22 maxlen: 22
176.110.216.0/21 maxlen: 21
64.43.124.0/22 maxlen: 22
176.110.220.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
109.207.136.0/22 maxlen: 22
176.96.48.0/21 maxlen: 24
176.116.232.0/22 maxlen: 22
91.246.176.0/21 maxlen: 21
176.111.160.0/22 maxlen: 24
93.120.12.0/22 maxlen: 22
46.173.240.0/21 maxlen: 21
93.120.16.0/21 maxlen: 21
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.188.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:57:7a:29:89:e9:78:df:b7:6f:ea:a8:73:d3:a1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 15 08:11:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a54346f07a6e8dd08278139e54c4dd9db88c9ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:48:36:5e:b4:3b:2a:54:d9:87:68:a8:22:e8:
59:cc:40:ed:f0:ff:a9:0e:b7:c0:23:74:a0:47:12:
fe:40:7d:54:b8:68:99:34:8f:ed:02:79:1e:2e:83:
c0:2c:86:7e:52:a5:ca:00:5e:3c:3d:11:38:ce:9d:
39:a7:5c:7f:ad:71:6f:1a:ae:fc:b9:40:9a:fb:e3:
02:14:59:32:ad:af:1c:cc:2b:6a:38:7f:76:fe:53:
40:f7:ed:1e:91:48:06:83:1d:d4:7a:14:7f:ad:20:
2b:90:ec:1e:61:f7:2b:ad:b9:03:53:f1:58:ba:c0:
96:a1:b7:6e:e2:a4:90:84:eb:d3:16:5f:40:d6:1a:
a9:15:ab:9b:97:2c:73:eb:73:15:88:d5:7c:07:85:
e4:76:a5:0c:6a:c2:d8:03:e7:2c:0e:09:2c:bf:9d:
56:79:d1:0b:1c:3f:3a:d6:8e:f4:56:7b:9a:56:a6:
f7:12:fa:f5:e6:41:ed:15:0e:c4:38:b6:81:77:09:
b7:4c:cf:96:d0:18:28:73:04:b0:87:69:fc:46:5a:
20:5a:f9:d6:80:97:8e:10:76:2a:a9:3a:32:a6:a0:
b8:e2:65:49:ea:61:f3:54:ba:a3:85:f7:9e:4f:de:
d8:67:09:5c:8a:9d:2b:42:9d:7e:9e:2b:77:f3:d1:
0e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:43:46:F0:7A:6E:8D:D0:82:78:13:9E:54:C4:DD:9D:B8:8C:9D:DF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pUNG8HpujdCCeBOeVMTdnbiMnd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
46.151.32.0/22
46.173.240.0/21
64.43.112.0/22
64.43.124.0/22
77.36.120.0/21
81.161.0.0/22
91.233.0.0/23
91.246.176.0/21
93.120.12.0-93.120.23.255
93.120.120.0/22
109.207.136.0/22
176.96.48.0/21
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.110.216.0/21
176.111.160.0/22
176.112.80.0/22
176.113.184.0/21
176.116.32.0/21
176.116.232.0/22
178.159.144.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
57:f5:11:d3:80:6c:24:03:e4:bc:03:d9:af:54:5f:b7:e0:4a:
2c:1f:4b:1c:7d:17:47:bf:57:14:4e:92:6e:c4:ba:ff:ae:dd:
8c:e4:90:b4:32:2e:03:ac:0f:ff:52:d5:87:b8:b5:30:a9:7b:
98:6e:43:ab:7f:39:53:9d:e3:fd:0d:38:8a:4d:34:31:6d:3b:
3d:92:55:36:24:3b:f4:8e:06:47:76:1f:96:d1:62:f7:02:69:
58:16:f7:dd:d8:2d:ed:15:11:63:78:f8:c4:58:7d:24:e8:f9:
46:f9:84:dc:37:16:88:ec:35:ea:59:34:3f:42:31:f3:e4:24:
7e:1b:d2:e7:3a:e4:a4:d4:bf:9e:df:50:ff:dd:98:62:10:43:
5d:c9:c6:ae:90:22:62:d5:83:5e:58:d4:f3:30:e9:da:f8:90:
75:62:14:30:a5:7b:e9:eb:30:ef:1b:01:39:59:c0:ac:0b:2f:
96:60:1b:70:70:8b:ad:d0:93:8e:fa:4e:a0:68:cb:e7:40:55:
93:b8:8d:57:12:8c:ee:a4:c7:6f:67:d4:87:bb:f1:06:77:07:
97:94:bb:1e:8e:a8:22:78:2a:d6:cb:96:6b:59:39:e1:9e:68:
44:a2:ca:f2:2d:33:28:d2:68:7f:73:4f:d5:eb:2c:91:9e:ff:
69:ab:bd:e3
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYR6V3opiel437dv6qhz06GbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTE1MDgxMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQzNDZmMDdhNmU4ZGQwODI3ODEzOWU1NGM0ZGQ5ZGI4OGM5ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUg2XrQ7KlTZh2ioIuhZzEDt8P+p
DrfAI3SgRxL+QH1UuGiZNI/tAnkeLoPALIZ+UqXKAF48PRE4zp05p1x/rXFvGq78
uUCa++MCFFkyra8czCtqOH92/lNA9+0ekUgGgx3UehR/rSArkOweYfcrrbkDU/FY
usCWobdu4qSQhOvTFl9A1hqpFaublyxz63MViNV8B4XkdqUMasLYA+csDgksv51W
edELHD861o70VnuaVqb3Evr15kHtFQ7EOLaBdwm3TM+W0BgocwSwh2n8RlogWvnW
gJeOEHYqqToypqC44mVJ6mHzVLqjhfeeT97YZwlcip0rQp1+nit389EODQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFKVDRvB6bo3QgngTnlTE3Z24jJ3fMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcFVORzhIcHVqZENDZUJPZVZNVGRuYmlNbmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIf
gwgDBAIulyADBAMurfADBAJAK3ADBAJAK3wDBANNJHgDBAJRoQADBAFb6QADBANb
9rAwDAMEAl14DAMEA114EAMEAl14eAMEAm3PiAMEA7BgMAMEArBgWAMEA7BmeAME
A7Bn8AMEA7Bu2AMEArBvoAMEArBwUAMEA7BxuAMEA7B0IAMEArB06AMEArKfkAME
A7LUuAMEArk3BAMEArk3jAMEAsEkzDANBgkqhkiG9w0BAQsFAAOCAQEAV/UR04Bs
JAPkvAPZr1Rft+BKLB9LHH0XR79XFE6SbsS6/67djOSQtDIuA6wP/1LVh7i1MKl7
mG5Dq385U53j/Q04ik00MW07PZJVNiQ79I4GR3YfltFi9wJpWBb33dgt7RURY3j4
xFh9JOj5RvmE3DcWiOw16lk0P0Ix8+QkfhvS5zrkpNS/nt9Q/92YYhBDXcnGrpAi
YtWDXljU8zDp2viQdWIUMKV76esw7xsBOVnArAsvlmAbcHCLrdCTjvpOoGjL50BV
k7iNVxKM7qTHb2fUh7vxBncHl5S7Ho6oIngq1suWa1k54Z5oRKLK8i0zKNJof3NP
1esskZ7/aau94w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org