Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tMDRbyDjij68Talh7-1gAfW2ZNQ.roa
File: tMDRbyDjij68Talh7-1gAfW2ZNQ.roa (raw, json)
Hash identifier: CYCU4KmZTLHvb1jtrA72lkmiPNqwqpqrmLIiYSsjdg0=
Subject key identifier: B4:C0:D1:6F:20:E3:8A:3E:BC:4D:A9:61:EF:ED:60:01:F5:B6:64:D4
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C1F4EC8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tMDRbyDjij68Talh7-1gAfW2ZNQ.roa
Signing time: Thu 17 Feb 2022 08:47:07 +0000
ROA not before: Thu 17 Feb 2022 08:47:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209767
IP address blocks: 91.245.92.0/22 maxlen: 24
109.207.133.0/24 maxlen: 24
109.207.143.0/24 maxlen: 24
176.113.176.0/22 maxlen: 24
176.124.172.0/22 maxlen: 22
91.229.30.0/24 maxlen: 24
91.246.216.0/24 maxlen: 24
178.213.176.0/22 maxlen: 24
91.239.224.0/24 maxlen: 24
91.224.213.0/24 maxlen: 24
91.239.179.0/24 maxlen: 24
91.226.52.0/23 maxlen: 23
91.226.54.0/23 maxlen: 23
31.132.192.0/22 maxlen: 22
31.132.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 471813832 (0x1c1f4ec8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 17 08:47:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4c0d16f20e38a3ebc4da961efed6001f5b664d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:67:ae:49:6c:d3:02:70:11:bb:e1:6b:6e:
cc:7a:4b:86:13:1d:4c:7a:2d:ae:1c:18:75:c5:cf:
43:72:f3:ee:c3:f0:5e:f7:1c:9d:05:36:a1:34:cb:
8f:7e:03:08:df:ed:3a:d2:a3:05:8f:ae:56:70:19:
7d:88:6f:78:e5:e1:6f:57:3b:0c:fc:89:50:9d:4d:
72:46:9c:70:af:dc:71:4e:27:2c:8b:40:26:93:1c:
62:ee:96:a0:a9:57:e5:c7:1f:ec:6a:d1:7c:cb:38:
4d:81:c2:ba:00:1d:80:01:05:a1:df:b3:b9:75:14:
e2:f8:ae:a3:7f:30:d3:dd:b9:53:f9:cb:be:d1:18:
37:a8:01:53:95:a8:41:be:18:fb:da:68:be:7d:01:
49:ea:4c:de:5a:1c:aa:1d:b7:32:9e:3b:51:c3:e0:
ed:12:ac:86:30:af:76:55:d0:21:9c:1c:69:f4:ee:
87:5c:da:ad:89:c9:1b:31:cc:fc:60:90:c9:86:29:
10:a7:6d:d6:6f:bd:07:81:12:7d:c6:f8:ff:10:56:
d9:fb:bb:46:6f:ea:1e:ec:dd:17:38:fd:88:11:1c:
5a:ba:ff:18:35:01:d3:98:a3:9c:82:3e:07:1c:6e:
83:54:a1:6f:b2:44:09:95:27:8b:f4:f0:31:df:83:
de:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C0:D1:6F:20:E3:8A:3E:BC:4D:A9:61:EF:ED:60:01:F5:B6:64:D4
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tMDRbyDjij68Talh7-1gAfW2ZNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.192.0/21
91.224.213.0/24
91.226.52.0/22
91.229.30.0/24
91.239.179.0/24
91.239.224.0/24
91.245.92.0/22
91.246.216.0/24
109.207.133.0/24
109.207.143.0/24
176.113.176.0/22
176.124.172.0/22
178.213.176.0/22
Signature Algorithm: sha256WithRSAEncryption
68:7b:16:16:fa:f5:9f:fa:84:e5:36:12:f6:e9:f4:b3:df:88:
95:5c:e6:1f:33:48:21:69:7f:32:6a:eb:41:27:e2:17:ee:68:
98:9e:81:b8:2e:51:43:ca:37:e5:9d:03:43:e8:6c:5e:ac:ae:
f6:5f:c1:e4:a7:45:05:5b:07:11:6c:b9:3f:0b:75:44:76:e1:
a0:f6:9c:78:69:d6:10:b5:92:58:aa:12:a0:c7:9c:4b:2e:b6:
78:8f:03:c3:d6:0e:5c:a2:27:b1:18:b3:7c:c6:46:9e:4d:20:
5c:0b:75:4c:3a:3b:a9:75:ef:a7:13:9c:0d:0b:c1:0c:2f:d7:
87:3c:94:9f:39:3f:bc:1c:a0:56:ea:e0:25:15:a4:9c:6b:38:
f6:71:cb:1e:20:46:cc:69:85:ff:6c:8a:4d:c9:54:b8:11:38:
8b:c1:bb:30:78:2b:27:c1:f9:8e:78:44:91:91:80:c0:14:3d:
b4:97:f4:fd:1c:5c:4c:fb:53:fb:3a:df:63:d2:04:72:10:99:
a9:82:70:53:eb:19:31:03:ac:68:b2:27:42:df:88:5f:dd:13:
a8:41:51:fe:6d:7a:be:70:06:28:4f:d2:81:a5:82:d1:7b:f9:
71:a9:52:5c:9b:ee:5d:82:db:b8:2d:46:48:8b:af:34:45:00:
9a:6f:e3:0b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEHB9OyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDIx
NzA4NDcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRjMGQxNmYyMGUz
OGEzZWJjNGRhOTYxZWZlZDYwMDFmNWI2NjRkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKA2Z65JbNMCcBG74WtuzHpLhhMdTHotrhwYdcXPQ3Lz7sPw
XvccnQU2oTTLj34DCN/tOtKjBY+uVnAZfYhveOXhb1c7DPyJUJ1NckaccK/ccU4n
LItAJpMcYu6WoKlX5ccf7GrRfMs4TYHCugAdgAEFod+zuXUU4viuo38w0925U/nL
vtEYN6gBU5WoQb4Y+9povn0BSepM3locqh23Mp47UcPg7RKshjCvdlXQIZwcafTu
h1zarYnJGzHM/GCQyYYpEKdt1m+9B4ESfcb4/xBW2fu7Rm/qHuzdFzj9iBEcWrr/
GDUB05ijnII+Bxxug1Shb7JECZUni/TwMd+D3mECAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBS0wNFvIOOKPrxNqWHv7WAB9bZk1DAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L3RNRFJieURqaWo2OFRhbGg3LTFnQWZXMlpOUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAx+EwAMEAFvg1QMEAlviNAMEAFvl
HgMEAFvvswMEAFvv4AMEAlv1XAMEAFv22AMEAG3PhQMEAG3PjwMEArBxsAMEArB8
rAMEArLVsDANBgkqhkiG9w0BAQsFAAOCAQEAaHsWFvr1n/qE5TYS9un0s9+IlVzm
HzNIIWl/MmrrQSfiF+5omJ6BuC5RQ8o35Z0DQ+hsXqyu9l/B5KdFBVsHEWy5Pwt1
RHbhoPaceGnWELWSWKoSoMecSy62eI8Dw9YOXKInsRizfMZGnk0gXAt1TDo7qXXv
pxOcDQvBDC/XhzyUnzk/vBygVurgJRWknGs49nHLHiBGzGmF/2yKTclUuBE4i8G7
MHgrJ8H5jnhEkZGAwBQ9tJf0/RxcTPtT+zrfY9IEchCZqYJwU+sZMQOsaLInQt+I
X90TqEFR/m16vnAGKE/SgaWC0Xv5calSXJvuXYLbuC1GSIuvNEUAmm/jCw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-fra.rpki-client.org