Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/teDDpg1b9EN1iEG5N71mlxJF8vs.roa
File: teDDpg1b9EN1iEG5N71mlxJF8vs.roa (raw, json)
Hash identifier: OoKWYwY1s+4niuuLFeLbqamtk3uAyCLkeX53Mt9Iw64=
Subject key identifier: B5:E0:C3:A6:0D:5B:F4:43:75:88:41:B9:37:BD:66:97:12:45:F2:FB
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C8A9D07
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/teDDpg1b9EN1iEG5N71mlxJF8vs.roa
Signing time: Thu 17 Mar 2022 16:08:53 +0000
ROA not before: Thu 17 Mar 2022 16:08:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211143
IP address blocks: 109.207.131.0/24 maxlen: 24
77.36.58.0/23 maxlen: 23
77.36.66.0/23 maxlen: 23
93.120.34.0/23 maxlen: 23
93.120.36.0/22 maxlen: 22
93.120.40.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 478846215 (0x1c8a9d07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 17 16:08:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5e0c3a60d5bf443758841b937bd66971245f2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:56:a7:ce:92:2d:29:59:fe:9e:a6:90:9f:5a:
73:72:71:51:db:bd:29:31:12:e7:8a:8f:57:1f:6a:
1e:fd:42:55:46:29:7b:9e:d9:ad:c3:6b:12:e4:85:
0b:22:51:58:f3:fe:a7:dc:0d:f6:46:7c:66:2e:41:
2d:e5:25:9a:73:1f:6e:b9:d4:a2:b6:09:90:ee:d7:
c3:94:64:1b:a4:e5:ed:0a:2f:cb:e8:58:a4:52:7f:
5d:96:7d:5b:bf:32:81:d2:34:65:cb:0a:d5:db:5a:
3e:aa:a4:91:4a:a3:e7:32:91:e5:c0:63:ec:d3:8d:
99:86:e5:5e:49:ea:ee:4f:cf:f1:b7:9b:23:44:75:
4e:bc:83:bf:57:58:a4:b4:f7:06:c9:59:fb:58:5a:
f8:e9:ca:73:74:59:91:ae:f6:61:89:4a:d9:15:3c:
7d:7e:3a:44:23:c7:53:10:d2:f0:12:a1:41:2e:28:
9d:36:ae:c0:d7:13:14:2d:f7:48:fd:5e:d9:d0:08:
90:f5:26:c7:a5:a0:26:ff:af:e5:8a:3f:63:72:3b:
40:ad:f3:8c:6f:8b:3b:f2:ca:d3:94:e0:6b:e4:2f:
bc:bc:55:b4:8c:e2:ae:6d:03:29:ba:67:d5:3e:5c:
e3:40:6b:ec:ec:f2:72:ca:62:25:32:c6:79:7e:57:
e2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E0:C3:A6:0D:5B:F4:43:75:88:41:B9:37:BD:66:97:12:45:F2:FB
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/teDDpg1b9EN1iEG5N71mlxJF8vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.58.0/23
77.36.66.0/23
93.120.34.0-93.120.41.255
109.207.131.0/24
Signature Algorithm: sha256WithRSAEncryption
03:95:d9:15:16:5c:5a:45:f6:2e:fa:9c:4d:79:02:4a:41:8a:
be:7d:9f:b5:ae:91:29:39:18:91:17:5a:97:65:e1:b4:eb:b7:
16:4a:b2:8e:83:4c:d1:5d:fa:af:47:e0:c9:4e:2f:4d:ca:e9:
af:5a:bd:7c:6c:e9:0e:4d:b1:a4:fa:ec:4b:a8:48:e2:aa:c1:
15:1c:15:76:24:08:55:d4:b9:d3:89:b8:6f:64:25:a4:3a:21:
ea:66:b9:51:45:3f:ce:e3:c7:8d:e7:3c:c7:28:5d:59:2b:49:
27:a8:f8:1c:53:c1:0c:96:4d:92:20:e9:c2:78:c2:23:95:c8:
a3:57:36:fa:0a:4d:2e:7f:92:6a:e5:e0:5a:21:6b:60:b5:fe:
73:ed:c4:10:45:7f:85:73:54:ee:ce:da:c2:41:35:5c:58:71:
10:40:84:22:e9:2e:87:27:c7:4e:5c:7a:d4:5f:9e:6e:d4:c0:
19:e7:b8:27:44:4d:09:44:ef:e3:d3:0b:31:62:a6:3e:e0:a8:
32:ef:52:b5:d0:70:a4:9e:6f:33:c9:c7:e8:2d:c0:3e:83:19:
9b:fd:a4:f3:78:06:8c:fb:3b:ed:23:75:e9:e3:a3:e6:43:64:
d5:03:65:56:4d:94:08:dd:23:5d:fb:47:c2:76:2f:e7:40:95:
3f:e2:45:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHIqdBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDMx
NzE2MDg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVlMGMzYTYwZDVi
ZjQ0Mzc1ODg0MWI5MzdiZDY2OTcxMjQ1ZjJmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFWp86SLSlZ/p6mkJ9ac3JxUdu9KTES54qPVx9qHv1CVUYp
e57ZrcNrEuSFCyJRWPP+p9wN9kZ8Zi5BLeUlmnMfbrnUorYJkO7Xw5RkG6Tl7Qov
y+hYpFJ/XZZ9W78ygdI0ZcsK1dtaPqqkkUqj5zKR5cBj7NONmYblXknq7k/P8beb
I0R1TryDv1dYpLT3BslZ+1ha+OnKc3RZka72YYlK2RU8fX46RCPHUxDS8BKhQS4o
nTauwNcTFC33SP1e2dAIkPUmx6WgJv+v5Yo/Y3I7QK3zjG+LO/LK05Tga+QvvLxV
tIzirm0DKbpn1T5c40Br7OzycspiJTLGeX5X4rcCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBS14MOmDVv0Q3WIQbk3vWaXEkXy+zAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L3RlRERwZzFiOUVOMWlFRzVONzFtbHhKRjh2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAU0kOgMEAU0kQjAMAwQBXXgiAwQB
XXgoAwQAbc+DMA0GCSqGSIb3DQEBCwUAA4IBAQADldkVFlxaRfYu+pxNeQJKQYq+
fZ+1rpEpORiRF1qXZeG067cWSrKOg0zRXfqvR+DJTi9NyumvWr18bOkOTbGk+uxL
qEjiqsEVHBV2JAhV1LnTibhvZCWkOiHqZrlRRT/O48eN5zzHKF1ZK0knqPgcU8EM
lk2SIOnCeMIjlcijVzb6Ck0uf5Jq5eBaIWtgtf5z7cQQRX+Fc1TuztrCQTVcWHEQ
QIQi6S6HJ8dOXHrUX55u1MAZ57gnRE0JRO/j0wsxYqY+4Kgy71K10HCknm8zycfo
LcA+gxmb/aTzeAaM+zvtI3Xp46PmQ2TVA2VWTZQI3SNd+0fCdi/nQJU/4kVv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org