Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rOHdzYjVH9RguUeUlNqUfsRZ5jk.roa
File: rOHdzYjVH9RguUeUlNqUfsRZ5jk.roa (raw, json)
Hash identifier: r4W4fEhjV99PvYZi71ZhS2FhIPHRblH6QYNA5rdeY/Y=
Subject key identifier: AC:E1:DD:CD:88:D5:1F:D4:60:B9:47:94:94:DA:94:7E:C4:59:E6:39
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018505791FFDFC84C8F257131E965F287CD3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rOHdzYjVH9RguUeUlNqUfsRZ5jk.roa
Signing time: Mon 12 Dec 2022 08:35:02 +0000
ROA not before: Mon 12 Dec 2022 08:35:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6282
IP address blocks: 77.36.24.0/22 maxlen: 22
176.116.36.0/22 maxlen: 22
64.43.100.0/22 maxlen: 22
64.43.104.0/22 maxlen: 22
64.43.108.0/22 maxlen: 22
64.43.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:79:1f:fd:fc:84:c8:f2:57:13:1e:96:5f:28:7c:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 12 08:35:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ace1ddcd88d51fd460b9479494da947ec459e639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:34:08:bb:94:5b:de:c2:69:4f:59:0f:0f:d6:
8a:de:54:b0:e2:b4:9d:c2:cd:60:68:dc:61:fa:0b:
a6:38:12:6d:32:0e:65:60:22:50:ac:c4:3b:e0:cf:
2c:69:38:0b:9d:3a:f0:1e:56:60:6e:53:27:3e:9b:
6b:cf:4b:f8:bb:af:d6:00:cc:74:0d:ce:66:a0:10:
a9:db:4a:f6:9e:29:ed:4f:d8:52:53:88:ed:77:20:
d6:5e:dd:1e:f8:c1:ac:19:53:e9:c4:37:57:c8:9a:
5b:48:fa:9c:46:80:4e:68:7d:ca:d3:d1:8f:93:fd:
63:a3:eb:33:61:01:7c:e5:6b:40:25:25:c8:ef:5f:
09:ce:23:3f:28:2f:63:08:13:59:cb:d3:40:a4:63:
c7:76:4a:56:42:9c:0d:36:41:e9:b9:6b:24:22:61:
7d:88:e6:9e:79:6a:0b:b1:75:f5:bb:8d:9d:e0:bf:
f2:dd:a1:3b:4e:dd:cf:6b:d2:8d:05:72:7b:5a:7b:
b1:bc:81:98:38:50:a6:52:39:1a:83:35:73:dd:65:
0a:63:fa:aa:1e:cb:ee:cc:dd:d6:85:bd:10:c3:7f:
b5:73:b2:02:a6:71:ee:f9:1f:4d:20:e6:ed:07:c3:
ef:be:81:eb:6c:d1:0c:08:6d:3e:72:f9:ef:75:3b:
4b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E1:DD:CD:88:D5:1F:D4:60:B9:47:94:94:DA:94:7E:C4:59:E6:39
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rOHdzYjVH9RguUeUlNqUfsRZ5jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.100.0-64.43.111.255
64.43.116.0/22
77.36.24.0/22
176.116.36.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:78:4f:5e:fa:ee:d3:06:c7:b4:06:81:47:73:b5:f4:cc:9e:
f1:71:a4:78:40:12:59:ea:10:50:9c:d6:81:a7:a5:cd:db:21:
e9:c0:e7:cb:88:79:4c:e7:a3:4b:2e:c8:8a:d5:46:a9:20:00:
93:5e:55:03:c4:21:36:9e:fb:b7:28:21:e7:12:12:7b:94:15:
d7:ab:91:90:4c:4b:e3:b7:71:1a:f8:44:20:53:96:1e:f8:1a:
8a:0e:9e:3a:47:d0:04:a8:78:8e:be:21:ca:8e:5d:c4:70:0d:
05:a3:b5:d2:e6:a3:f2:f3:19:09:ea:2e:4a:90:50:33:ee:77:
e1:3c:5d:dd:d5:ed:a7:70:f0:cb:cd:b1:c5:8c:12:c8:32:8c:
cd:eb:66:be:b4:25:29:0f:dd:66:c8:69:07:66:09:5f:57:ea:
98:27:99:85:c7:83:5c:d9:3e:7e:e5:2c:bb:2b:8a:f9:db:46:
c0:af:29:0d:31:b6:81:ea:a9:ac:f5:9b:72:8e:4d:1f:c7:f2:
c2:fd:21:a0:eb:02:e5:67:a0:4a:85:ea:6d:b0:60:ff:d7:9d:
f6:ec:9d:fb:92:70:05:bf:db:51:48:a9:4a:f2:f0:62:f5:bf:
5b:f7:a3:91:79:2b:06:ae:82:38:aa:6e:a7:ca:df:2e:80:d4:
f8:db:62:75
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYUFeR/9/ITI8lcTHpZfKHzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMjEyMDgzNTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2UxZGRjZDg4ZDUxZmQ0NjBiOTQ3OTQ5NGRhOTQ3ZWM0NTllNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDQIu5Rb3sJpT1kPD9aK3lSw4rSd
ws1gaNxh+gumOBJtMg5lYCJQrMQ74M8saTgLnTrwHlZgblMnPptrz0v4u6/WAMx0
Dc5moBCp20r2nintT9hSU4jtdyDWXt0e+MGsGVPpxDdXyJpbSPqcRoBOaH3K09GP
k/1jo+szYQF85WtAJSXI718JziM/KC9jCBNZy9NApGPHdkpWQpwNNkHpuWskImF9
iOaeeWoLsXX1u42d4L/y3aE7Tt3Pa9KNBXJ7WnuxvIGYOFCmUjkagzVz3WUKY/qq
HsvuzN3Whb0Qw3+1c7ICpnHu+R9NIObtB8PvvoHrbNEMCG0+cvnvdTtLiQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKzh3c2I1R/UYLlHlJTalH7EWeY5MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvck9IZHpZalZIOVJndVVlVWxOcVVmc1JaNWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJAK2QD
BARAK2ADBAJAK3QDBAJNJBgDBAKwdCQwDQYJKoZIhvcNAQELBQADggEBAKR4T176
7tMGx7QGgUdztfTMnvFxpHhAElnqEFCc1oGnpc3bIenA58uIeUzno0suyIrVRqkg
AJNeVQPEITae+7coIecSEnuUFderkZBMS+O3cRr4RCBTlh74GooOnjpH0ASoeI6+
IcqOXcRwDQWjtdLmo/LzGQnqLkqQUDPud+E8Xd3V7adw8MvNscWMEsgyjM3rZr60
JSkP3WbIaQdmCV9X6pgnmYXHg1zZPn7lLLsrivnbRsCvKQ0xtoHqqaz1m3KOTR/H
8sL9IaDrAuVnoEqF6m2wYP/XnfbsnfuScAW/21FIqUry8GL1v1v3o5F5Kwaugjiq
bqfK3y6A1PjbYnU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org