Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/pj44poAnIBQnkOgtKfw3LinQP0k.roa
File: pj44poAnIBQnkOgtKfw3LinQP0k.roa (raw, json)
Hash identifier: rMzpIbgtWB37JQks8CJTajwh4WkmBujQwGL3SLg1drw=
Subject key identifier: A6:3E:38:A6:80:27:20:14:27:90:E8:2D:29:FC:37:2E:29:D0:3F:49
Certificate issuer: /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial: 23904E9D
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/pj44poAnIBQnkOgtKfw3LinQP0k.roa
Signing time: Sat 01 Jan 2022 16:10:43 +0000
ROA not before: Sat 01 Jan 2022 16:10:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197991
IP address blocks: 149.126.32.0/20 maxlen: 24
178.132.56.0/21 maxlen: 24
5.144.144.0/21 maxlen: 24
2a0d:a5c0::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 596659869 (0x23904e9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
Validity
Not Before: Jan 1 16:10:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a63e38a6802720142790e82d29fc372e29d03f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:41:8e:96:5c:f0:99:ac:2f:dd:a9:b2:92:
52:9b:13:03:67:08:db:4f:b5:46:5f:e6:67:b1:21:
00:2e:6f:39:ca:75:86:a6:0c:c6:80:b8:29:1d:b9:
f7:c5:3d:73:87:83:7f:53:7a:dc:e3:55:51:aa:d2:
ad:9d:15:d2:65:c7:8f:94:d8:af:23:bc:13:44:e0:
95:94:37:c6:b1:6e:53:a6:af:33:6a:e1:14:1d:16:
28:dc:05:ee:02:48:b4:d7:35:7a:ad:73:79:f1:f3:
2e:db:68:96:46:41:50:db:7f:88:22:b4:98:e2:9d:
1e:d0:8b:55:dd:a5:56:54:65:97:48:de:6d:09:b1:
d3:d6:b2:e9:da:ab:ee:62:38:94:2b:27:e6:9d:0d:
61:46:1b:61:17:17:80:55:ed:98:68:09:df:ca:cd:
5a:3f:59:67:97:31:a9:9f:a6:8f:ce:5d:7b:55:80:
eb:3f:fc:64:9e:20:a2:68:4c:6c:c6:a7:5f:02:eb:
73:f2:7a:ba:b2:35:e2:75:6e:3e:06:0a:7d:77:f1:
31:77:33:cc:78:48:ff:f1:d7:c3:a0:ff:c9:75:51:
a0:5c:06:5b:40:86:d1:cf:79:e5:ae:44:f7:7e:8b:
ae:39:32:12:2a:25:ed:3a:42:7d:96:b3:07:17:4a:
68:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3E:38:A6:80:27:20:14:27:90:E8:2D:29:FC:37:2E:29:D0:3F:49
X509v3 Authority Key Identifier:
keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/pj44poAnIBQnkOgtKfw3LinQP0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.144.0/21
149.126.32.0/20
178.132.56.0/21
IPv6:
2a0d:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:58:b9:8a:48:48:a0:04:a6:45:e9:47:94:1b:61:f7:e4:d5:
3c:87:34:14:c9:86:36:bc:4e:5c:fa:b4:dd:f5:51:6f:e0:6d:
fb:d5:5f:e7:97:8c:fb:b0:7e:ba:a3:5d:92:08:3f:9f:b3:7a:
e1:fa:52:4c:95:98:30:b6:89:0f:85:a5:2a:a9:f0:91:c1:3d:
a6:7e:54:e5:c5:68:de:44:ba:6a:7e:6d:b7:8b:4f:d0:9b:e7:
e4:ed:08:24:30:61:05:e0:5f:7f:a9:84:6b:d8:6e:e7:36:84:
07:c8:c5:e4:2a:18:6f:7d:5d:49:17:97:53:32:3b:d6:83:29:
d6:07:ca:fd:af:65:86:d6:61:79:0e:dd:49:98:a3:b0:f2:47:
12:e0:26:2e:ae:5f:48:d7:66:fd:69:d5:c3:7d:81:b3:2d:9e:
5b:ce:bd:26:f4:f7:60:5d:b3:6a:1f:de:ed:8c:3f:a4:ad:34:
45:70:83:71:00:2e:eb:37:21:ae:91:e5:ae:9f:fb:ea:47:08:
8b:a4:6a:1a:37:55:43:41:75:1c:86:73:10:bd:82:8f:98:7b:
0b:74:fe:1e:49:c6:22:12:c3:f7:49:bd:40:8f:57:b7:f3:7a:
26:ef:68:73:5a:38:60:0c:ee:c1:f4:0e:e6:d9:f3:35:56:c4:
77:b1:6f:59
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEI5BOnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzY1MjhlMTUyYjZkY2JhMTU3MTI0MWFjNTViZTViY2UwMTExOGI3MB4XDTIyMDEw
MTE2MTA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTYzZTM4YTY4MDI3
MjAxNDI3OTBlODJkMjlmYzM3MmUyOWQwM2Y0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMU5QY6WXPCZrC/dqbKSUpsTA2cI20+1Rl/mZ7EhAC5vOcp1
hqYMxoC4KR2598U9c4eDf1N63ONVUarSrZ0V0mXHj5TYryO8E0TglZQ3xrFuU6av
M2rhFB0WKNwF7gJItNc1eq1zefHzLttolkZBUNt/iCK0mOKdHtCLVd2lVlRll0je
bQmx09ay6dqr7mI4lCsn5p0NYUYbYRcXgFXtmGgJ38rNWj9ZZ5cxqZ+mj85de1WA
6z/8ZJ4gomhMbManXwLrc/J6urI14nVuPgYKfXfxMXczzHhI//HXw6D/yXVRoFwG
W0CG0c955a5E936LrjkyEiol7TpCfZazBxdKaKcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSmPjimgCcgFCeQ6C0p/DcuKdA/STAfBgNVHSMEGDAWgBSDZSjhUrbcuhVx
JBrFW+W84BEYtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cyVW80VksyM0xvVmNTUWF4VnZsdk9BUkdMYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvN2M3MGY0LTVmM2EtNGZkMy04ODNjLWViOTQxNWVjNTQ4YS8x
L3BqNDRwb0FuSUJRbmtPZ3RLZnczTGluUVAway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
N2M3MGY0LTVmM2EtNGZkMy04ODNjLWViOTQxNWVjNTQ4YS8xL2cyVW80VksyM0xv
VmNTUWF4VnZsdk9BUkdMYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwWQkAMEBJV+IAMEA7KEODANBAIA
AjAHAwUDKg2lwDANBgkqhkiG9w0BAQsFAAOCAQEAjVi5ikhIoASmRelHlBth9+TV
PIc0FMmGNrxOXPq03fVRb+Bt+9Vf55eM+7B+uqNdkgg/n7N64fpSTJWYMLaJD4Wl
KqnwkcE9pn5U5cVo3kS6an5tt4tP0Jvn5O0IJDBhBeBff6mEa9hu5zaEB8jF5CoY
b31dSReXUzI71oMp1gfK/a9lhtZheQ7dSZijsPJHEuAmLq5fSNdm/WnVw32Bsy2e
W869JvT3YF2zah/e7Yw/pK00RXCDcQAu6zchrpHlrp/76kcIi6RqGjdVQ0F1HIZz
EL2Cj5h7C3T+HknGIhLD90m9QI9Xt/N6Ju9oc1o4YAzuwfQO5tnzNVbEd7FvWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:29 2024 by rpki-client on console-fra.rpki-client.org