Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/PFqQtPAYcDosc0Xnu0Ql2c6VVH8.roa
File: PFqQtPAYcDosc0Xnu0Ql2c6VVH8.roa (raw, json)
Hash identifier: YqVL01KuTqglG/rEi0DQ9W4R5DnkzsdidP/81Mfa5U4=
Subject key identifier: 3C:5A:90:B4:F0:18:70:3A:2C:73:45:E7:BB:44:25:D9:CE:95:54:7F
Certificate issuer: /CN=bc063d650534aa9f06931fd8ed6e0bb276ebd3bf
Certificate serial: 0A70E413
Authority key identifier: BC:06:3D:65:05:34:AA:9F:06:93:1F:D8:ED:6E:0B:B2:76:EB:D3:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/PFqQtPAYcDosc0Xnu0Ql2c6VVH8.roa
Signing time: Sat 01 Jan 2022 10:53:45 +0000
ROA not before: Sat 01 Jan 2022 10:53:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35349
IP address blocks: 185.239.248.0/22 maxlen: 22
2a0c:6780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175170579 (0xa70e413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc063d650534aa9f06931fd8ed6e0bb276ebd3bf
Validity
Not Before: Jan 1 10:53:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c5a90b4f018703a2c7345e7bb4425d9ce95547f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6f:f2:f8:d5:78:4d:8b:e2:49:1a:b0:ab:b2:
be:ee:f5:1c:f2:3a:ac:51:e7:28:df:01:d0:db:06:
56:99:fb:50:3a:7c:b0:4b:99:da:dd:38:f4:ca:8b:
94:01:e1:e9:e2:1e:e7:de:5a:cd:41:73:14:e8:d4:
71:eb:dd:82:19:6b:54:47:87:b7:61:9a:00:af:ad:
31:9f:37:72:ea:07:c7:60:92:1a:51:08:00:1a:00:
d7:3f:97:0e:8a:ad:06:e8:d0:c3:38:3a:bb:ca:6f:
56:08:35:1b:41:19:e5:06:c8:6e:eb:17:8c:ee:50:
89:18:cf:47:01:1f:d4:1d:2f:8e:f6:ff:83:83:68:
97:70:b4:f0:93:c9:cb:e3:26:7f:65:ac:35:37:92:
76:1b:cf:70:90:8a:8d:ce:47:c1:3b:24:4b:02:4e:
ea:4c:5d:a6:56:df:c4:86:b5:b4:be:90:69:69:a6:
85:fe:e7:c0:ca:04:54:0b:36:05:33:a6:62:ee:74:
7a:78:74:a9:b4:71:7a:b1:b5:8a:20:b6:be:39:17:
f8:4a:2a:ed:0f:2e:6f:d9:bf:0c:9b:08:6d:22:d2:
52:9b:8d:9f:02:49:16:62:a6:78:4c:30:06:87:25:
e2:e0:b3:31:da:85:bc:31:08:59:01:c3:ee:1e:13:
46:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:5A:90:B4:F0:18:70:3A:2C:73:45:E7:BB:44:25:D9:CE:95:54:7F
X509v3 Authority Key Identifier:
keyid:BC:06:3D:65:05:34:AA:9F:06:93:1F:D8:ED:6E:0B:B2:76:EB:D3:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/PFqQtPAYcDosc0Xnu0Ql2c6VVH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.248.0/22
IPv6:
2a0c:6780::/29
Signature Algorithm: sha256WithRSAEncryption
b1:a3:1f:9d:40:1d:62:e6:4e:a2:f8:72:25:be:16:59:b8:6d:
eb:de:78:e9:99:14:be:7c:74:44:0e:db:f2:3f:4c:d4:3d:3d:
52:dc:56:53:b5:0d:8c:1b:31:09:09:21:6f:bc:c6:1f:67:6a:
fe:7f:91:2c:30:c5:82:a0:65:e2:9b:eb:ec:a4:9a:96:05:6e:
53:2e:d8:81:db:7a:70:4a:49:02:b7:c9:cb:3a:58:57:a3:1f:
39:b8:d3:be:29:2e:c1:34:3b:48:cc:00:ef:78:ec:fa:3e:0a:
f3:ef:02:3f:43:e0:2e:0d:b8:f4:26:69:eb:0c:e8:14:86:40:
ec:ac:1f:b8:3d:84:4e:95:d6:9d:2f:6c:ad:e1:21:f5:c4:08:
f9:d8:0b:83:13:57:63:99:1e:1b:fc:76:df:00:ed:e9:db:63:
cd:f9:fe:26:04:51:97:bd:c7:7d:fe:f3:41:0c:b9:b5:b9:25:
73:32:fb:d8:5d:66:61:cd:b7:38:34:56:be:2f:ef:59:fa:8c:
61:ff:17:de:88:35:b5:ee:d5:8a:26:9e:38:75:ae:84:e5:19:
ef:6c:d2:bf:64:91:c7:3f:95:84:51:26:47:e8:1f:0b:68:28:
ad:03:05:a4:bc:3c:88:2e:d4:a3:2a:69:99:16:e6:74:8b:d3:
29:fc:c9:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECnDkEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzA2M2Q2NTA1MzRhYTlmMDY5MzFmZDhlZDZlMGJiMjc2ZWJkM2JmMB4XDTIyMDEw
MTEwNTM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M1YTkwYjRmMDE4
NzAzYTJjNzM0NWU3YmI0NDI1ZDljZTk1NTQ3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhv8vjVeE2L4kkasKuyvu71HPI6rFHnKN8B0NsGVpn7UDp8
sEuZ2t049MqLlAHh6eIe595azUFzFOjUcevdghlrVEeHt2GaAK+tMZ83cuoHx2CS
GlEIABoA1z+XDoqtBujQwzg6u8pvVgg1G0EZ5QbIbusXjO5QiRjPRwEf1B0vjvb/
g4Nol3C08JPJy+Mmf2WsNTeSdhvPcJCKjc5HwTskSwJO6kxdplbfxIa1tL6QaWmm
hf7nwMoEVAs2BTOmYu50enh0qbRxerG1iiC2vjkX+Eoq7Q8ub9m/DJsIbSLSUpuN
nwJJFmKmeEwwBocl4uCzMdqFvDEIWQHD7h4TRtcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ8WpC08BhwOixzRee7RCXZzpVUfzAfBgNVHSMEGDAWgBS8Bj1lBTSqnwaT
H9jtbguyduvTvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZBWTlaUVUwcXA4R2t4X1k3VzRMc25icjA3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMTc5NGU4LTg5OTgtNDUxNC1iN2UxLTIxNmQyODlmMTc2NC8x
L1BGcVF0UEFZY0Rvc2MwWG51MFFsMmM2VlZIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MTc5NGU4LTg5OTgtNDUxNC1iN2UxLTIxNmQyODlmMTc2NC8xL3ZBWTlaUVUwcXA4
R2t4X1k3VzRMc25icjA3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnv+DANBAIAAjAHAwUDKgxngDAN
BgkqhkiG9w0BAQsFAAOCAQEAsaMfnUAdYuZOovhyJb4WWbht69546ZkUvnx0RA7b
8j9M1D09UtxWU7UNjBsxCQkhb7zGH2dq/n+RLDDFgqBl4pvr7KSalgVuUy7Ygdt6
cEpJArfJyzpYV6MfObjTvikuwTQ7SMwA73js+j4K8+8CP0PgLg249CZp6wzoFIZA
7KwfuD2ETpXWnS9sreEh9cQI+dgLgxNXY5keG/x23wDt6dtjzfn+JgRRl73Hff7z
QQy5tbklczL72F1mYc23ODRWvi/vWfqMYf8X3og1te7ViiaeOHWuhOUZ72zSv2SR
xz+VhFEmR+gfC2gorQMFpLw8iC7UoyppmRbmdIvTKfzJpA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:42:26 2025 by rpki-client