Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/uOWNrIAgdTXJ8oK91d9Rgm6rOOk.roa
File: uOWNrIAgdTXJ8oK91d9Rgm6rOOk.roa (raw, json)
Hash identifier: G5E+SH4e8/rP3Pg3iTYylRMR/8B3KI8wtFvoHEYpqI0=
Subject key identifier: B8:E5:8D:AC:80:20:75:35:C9:F2:82:BD:D5:DF:51:82:6E:AB:38:E9
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C4DD631
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/uOWNrIAgdTXJ8oK91d9Rgm6rOOk.roa
Signing time: Fri 04 Mar 2022 07:36:31 +0000
ROA not before: Fri 04 Mar 2022 07:36:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 64.43.64.0/24 maxlen: 24
91.245.90.0/23 maxlen: 23
91.245.88.0/23 maxlen: 23
64.43.65.0/24 maxlen: 24
64.43.72.0/24 maxlen: 24
64.43.76.0/24 maxlen: 24
91.246.201.0/24 maxlen: 24
176.110.107.0/24 maxlen: 24
89.46.112.0/23 maxlen: 24
85.204.196.0/23 maxlen: 24
89.45.92.0/23 maxlen: 24
91.232.20.0/24 maxlen: 24
195.80.142.0/23 maxlen: 24
193.36.200.0/24 maxlen: 24
193.36.201.0/24 maxlen: 24
193.36.202.0/24 maxlen: 24
31.135.2.0/24 maxlen: 24
31.135.3.0/24 maxlen: 24
31.135.4.0/24 maxlen: 24
31.135.0.0/23 maxlen: 23
31.135.5.0/24 maxlen: 24
31.135.6.0/24 maxlen: 24
31.135.7.0/24 maxlen: 24
77.232.192.0/23 maxlen: 24
185.104.196.0/22 maxlen: 24
188.213.233.0/24 maxlen: 24
86.104.132.0/23 maxlen: 24
193.221.82.0/23 maxlen: 24
176.103.120.0/21 maxlen: 24
89.42.232.0/23 maxlen: 24
171.25.223.0/24 maxlen: 24
89.44.100.0/23 maxlen: 24
89.34.74.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 474863153 (0x1c4dd631)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 4 07:36:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8e58dac80207535c9f282bdd5df51826eab38e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:72:a0:54:a9:09:37:35:93:6d:a4:0a:5a:
04:cf:fc:75:45:5c:6f:1b:fe:2d:f6:41:1a:1e:71:
e4:d6:88:48:e8:3e:c6:52:a4:63:f3:36:7f:ba:78:
9a:a4:23:31:9f:72:58:8d:95:ec:44:73:ea:6f:41:
df:58:97:59:f2:96:9c:7a:e5:dd:d6:59:c4:96:24:
a2:d0:71:d3:07:8c:ce:b9:46:a4:9f:56:37:18:1f:
83:6c:84:89:3e:f1:01:d0:c4:92:c7:00:8b:c2:6b:
92:df:71:e1:37:4f:a4:f4:3e:b3:a2:bf:0b:8b:19:
95:23:82:6b:be:5e:70:35:24:22:d0:a4:75:fe:b3:
68:1e:b5:db:05:c7:73:3d:f0:4b:39:9d:ff:5f:4e:
a2:4a:18:20:ba:0a:be:35:98:cc:6f:7d:5e:18:c9:
c1:5d:26:cd:16:2b:c1:a2:d6:90:03:1e:74:7c:52:
40:cb:b4:d8:61:6f:93:d0:57:6e:80:a5:9f:e4:77:
f5:43:47:43:d1:5c:32:71:2d:1f:1d:f3:ec:a3:6d:
e2:1f:6e:65:c1:bd:92:08:5b:85:6d:84:1d:81:fe:
4f:9f:f2:90:a9:69:e3:92:f2:e1:da:dc:1f:c9:a8:
77:a8:6e:3b:57:45:09:9e:9b:9b:c4:f3:24:ae:c3:
e1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E5:8D:AC:80:20:75:35:C9:F2:82:BD:D5:DF:51:82:6E:AB:38:E9
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/uOWNrIAgdTXJ8oK91d9Rgm6rOOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.0.0/21
64.43.64.0/23
64.43.72.0/24
64.43.76.0/24
77.232.192.0/23
85.204.196.0/23
86.104.132.0/23
89.34.74.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
89.46.112.0/23
91.232.20.0/24
91.245.88.0/22
91.246.201.0/24
171.25.223.0/24
176.103.120.0/21
176.110.107.0/24
185.104.196.0/22
188.213.233.0/24
193.36.200.0-193.36.202.255
193.221.82.0/23
195.80.142.0/23
Signature Algorithm: sha256WithRSAEncryption
65:65:96:10:4e:44:c4:ab:58:af:e6:55:4d:79:b6:64:c8:64:
38:91:64:4f:8e:85:fc:6c:55:8a:e3:93:bf:33:9a:a1:8e:d5:
23:bb:6b:a9:2e:59:bb:ab:6e:ab:8a:54:04:02:75:49:9b:cf:
2d:10:c2:7c:5e:6e:66:b4:33:60:df:ee:9b:c9:e8:5c:b1:a4:
8c:7d:ea:fd:3a:f6:4b:da:51:d3:06:c5:8f:df:62:dc:e9:ee:
4a:09:39:a2:4b:8c:af:d6:6b:a1:34:58:8b:9c:1d:1b:7a:30:
c3:00:82:08:e4:5a:0f:ce:b9:84:92:dc:59:36:9e:ad:89:2e:
65:35:e1:1a:0a:a6:80:67:6f:d5:84:d0:09:5b:c1:f9:53:0c:
42:3d:ab:99:d0:e7:90:a9:73:99:1f:19:3e:8d:5f:8b:78:00:
50:77:32:fb:55:5f:b5:a7:53:1e:75:b3:57:06:ef:7b:02:f8:
96:3a:b0:62:71:92:9b:62:e6:7f:e5:bb:c2:9f:78:be:be:fc:
a6:af:79:74:43:75:6e:b1:3e:66:2e:73:db:83:fe:75:86:a8:
1c:c7:41:8b:6e:2d:05:b6:d9:26:07:bd:5e:95:e7:1e:da:2e:
c9:1a:78:ac:df:02:d8:c3:b5:13:6d:d1:d6:49:4d:e9:8c:70:
31:45:ba:44
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIEHE3WMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDMw
NDA3MzYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhlNThkYWM4MDIw
NzUzNWM5ZjI4MmJkZDVkZjUxODI2ZWFiMzhlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjFcqBUqQk3NZNtpApaBM/8dUVcbxv+LfZBGh5x5NaISOg+
xlKkY/M2f7p4mqQjMZ9yWI2V7ERz6m9B31iXWfKWnHrl3dZZxJYkotBx0weMzrlG
pJ9WNxgfg2yEiT7xAdDEkscAi8Jrkt9x4TdPpPQ+s6K/C4sZlSOCa75ecDUkItCk
df6zaB612wXHcz3wSzmd/19OokoYILoKvjWYzG99XhjJwV0mzRYrwaLWkAMedHxS
QMu02GFvk9BXboCln+R39UNHQ9FcMnEtHx3z7KNt4h9uZcG9kghbhW2EHYH+T5/y
kKlp45Ly4drcH8mod6huO1dFCZ6bm8TzJK7D4dECAwEAAaOCApowggKWMB0GA1Ud
DgQWBBS45Y2sgCB1Ncnygr3V31GCbqs46TAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L3VPV05ySUFnZFRYSjhvSzkxZDlSZ202ck9Pay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rwYIKwYBBQUHAQcBAf8EgZ8wgZwwgZkEAgABMIGSAwQDH4cAAwQBQCtAAwQAQCtI
AwQAQCtMAwQBTejAAwQBVczEAwQBVmiEAwQBWSJKAwQBWSroAwQBWSxkAwQBWS1c
AwQBWS5wAwQAW+gUAwQCW/VYAwQAW/bJAwQAqxnfAwQDsGd4AwQAsG5rAwQCuWjE
AwQAvNXpMAwDBAPBJMgDBADBJMoDBAHB3VIDBAHDUI4wDQYJKoZIhvcNAQELBQAD
ggEBAGVllhBORMSrWK/mVU15tmTIZDiRZE+OhfxsVYrjk78zmqGO1SO7a6kuWbur
bquKVAQCdUmbzy0Qwnxebma0M2Df7pvJ6FyxpIx96v069kvaUdMGxY/fYtzp7koJ
OaJLjK/Wa6E0WIucHRt6MMMAggjkWg/OuYSS3Fk2nq2JLmU14RoKpoBnb9WE0Alb
wflTDEI9q5nQ55Cpc5kfGT6NX4t4AFB3MvtVX7WnUx51s1cG73sC+JY6sGJxkpti
5n/lu8KfeL6+/KaveXRDdW6xPmYuc9uD/nWGqBzHQYtuLQW22SYHvV6V5x7aLska
eKzfAtjDtRNt0dZJTemMcDFFukQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org