Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/PzOUn6UD7LfFEu0425GT5OnRgvA.roa
File: PzOUn6UD7LfFEu0425GT5OnRgvA.roa (raw, json)
Hash identifier: ZOSG9+MvNDKWtaElOafAR3n3Q3eHeVZe6PoLwZYyfgg=
Subject key identifier: 3F:33:94:9F:A5:03:EC:B7:C5:12:ED:38:DB:91:93:E4:E9:D1:82:F0
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01857039A2CEC294B216CEB99E52BD47BBBD
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/PzOUn6UD7LfFEu0425GT5OnRgvA.roa
Signing time: Mon 02 Jan 2023 02:05:03 +0000
ROA not before: Mon 02 Jan 2023 02:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42962
IP address blocks: 195.180.150.0/23 maxlen: 24
194.163.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a2:ce:c2:94:b2:16:ce:b9:9e:52:bd:47:bb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 02:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f33949fa503ecb7c512ed38db9193e4e9d182f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f2:71:02:71:51:7a:17:5f:22:04:4c:b5:ec:
b6:34:3f:b4:2a:f6:af:06:e3:35:bb:5e:9d:92:f3:
64:52:24:16:22:97:dd:3c:cb:54:1f:0e:c5:8e:1d:
bb:91:c6:0d:17:fc:11:20:f2:d0:25:ab:8a:b5:74:
85:05:47:1d:97:14:02:eb:6a:ba:c1:cd:99:46:70:
95:4f:57:c9:15:bb:6f:5c:21:7d:b1:9c:41:53:93:
d5:ac:7e:42:2d:61:27:71:6d:66:b6:f7:fb:87:db:
c2:d8:62:3c:5e:27:bb:3c:e5:d2:83:1b:6f:0b:65:
77:92:73:30:cf:c0:34:76:d0:26:f2:45:3b:30:a6:
1a:d7:bf:0e:9b:50:ad:f7:b1:d4:cd:2c:c9:ba:1c:
0b:43:0d:50:0f:b4:f6:64:f5:7f:c8:11:ef:38:4c:
cc:b2:04:ee:c6:a5:d9:c2:0b:69:e6:64:c4:e6:cf:
77:7d:61:1c:7f:6f:aa:70:9f:bf:6e:fa:15:80:59:
28:ad:f6:c3:03:45:77:7d:6a:87:f1:70:91:ed:12:
15:79:db:e9:ab:e8:d8:a2:2d:3a:f2:11:74:97:56:
88:62:2a:cc:49:36:7a:83:2b:db:86:8e:75:0d:7d:
bb:52:30:13:43:f9:f4:9a:de:5a:03:8c:50:c0:4c:
42:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:33:94:9F:A5:03:EC:B7:C5:12:ED:38:DB:91:93:E4:E9:D1:82:F0
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/PzOUn6UD7LfFEu0425GT5OnRgvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.80.0/22
195.180.150.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:84:2b:53:27:81:01:5f:b3:ed:83:7a:83:ca:57:f8:d1:c8:
88:ce:2e:23:ff:c2:ae:dd:19:4d:37:a1:b3:ff:a7:99:16:70:
0a:28:c4:d6:e2:28:fb:64:86:f7:c8:3b:58:6a:eb:a1:75:30:
02:a4:fa:09:0c:7f:ac:44:8c:be:e1:44:74:ab:85:a7:e9:96:
cd:32:8a:f7:22:63:1d:e3:e0:73:5e:0d:a7:a4:01:07:5e:24:
cb:e5:84:76:b4:c3:fc:61:59:4b:c8:c4:87:6a:0f:f9:37:84:
ae:8e:44:a0:a4:97:68:f7:74:40:e8:a3:af:85:29:6a:ce:a2:
e0:c8:d8:e2:7d:12:ff:06:52:86:4e:0a:60:d5:ce:25:82:ef:
28:5d:f8:e6:d7:22:5d:5c:3c:dc:8c:9b:69:f7:f0:f3:fe:a3:
ac:eb:df:b7:14:88:ea:5c:18:83:09:6f:25:6d:fe:58:ac:77:
bc:10:6d:ef:58:29:a1:4b:26:ab:1a:fe:b6:8f:6a:26:61:fc:
87:61:c4:ef:94:d5:09:a0:86:6c:35:51:e2:d8:07:d8:67:d8:
91:2f:2a:b5:80:fc:7e:22:f3:63:71:2c:1d:d5:12:1c:d0:3b:
84:ab:5f:8c:c6:db:ab:58:89:50:db:cc:f9:21:07:99:73:64:
d1:48:c5:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwOaLOwpSyFs65nlK9R7u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwMTAyMDIwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjMzOTQ5ZmE1MDNlY2I3YzUxMmVkMzhkYjkxOTNlNGU5ZDE4MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/JxAnFRehdfIgRMtey2ND+0Kvav
BuM1u16dkvNkUiQWIpfdPMtUHw7Fjh27kcYNF/wRIPLQJauKtXSFBUcdlxQC62q6
wc2ZRnCVT1fJFbtvXCF9sZxBU5PVrH5CLWEncW1mtvf7h9vC2GI8Xie7POXSgxtv
C2V3knMwz8A0dtAm8kU7MKYa178Om1Ct97HUzSzJuhwLQw1QD7T2ZPV/yBHvOEzM
sgTuxqXZwgtp5mTE5s93fWEcf2+qcJ+/bvoVgFkorfbDA0V3fWqH8XCR7RIVedvp
q+jYoi068hF0l1aIYirMSTZ6gyvbho51DX27UjATQ/n0mt5aA4xQwExCKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD8zlJ+lA+y3xRLtONuRk+Tp0YLwMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvUHpPVW42VUQ3TGZGRXUwNDI1R1Q1T25SZ3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwqNQAwQB
w7SWMA0GCSqGSIb3DQEBCwUAA4IBAQCxhCtTJ4EBX7Ptg3qDylf40ciIzi4j/8Ku
3RlNN6Gz/6eZFnAKKMTW4ij7ZIb3yDtYauuhdTACpPoJDH+sRIy+4UR0q4Wn6ZbN
Mor3ImMd4+BzXg2npAEHXiTL5YR2tMP8YVlLyMSHag/5N4SujkSgpJdo93RA6KOv
hSlqzqLgyNjifRL/BlKGTgpg1c4lgu8oXfjm1yJdXDzcjJtp9/Dz/qOs69+3FIjq
XBiDCW8lbf5YrHe8EG3vWCmhSyarGv62j2omYfyHYcTvlNUJoIZsNVHi2AfYZ9iR
Lyq1gPx+IvNjcSwd1RIc0DuEq1+MxturWIlQ28z5IQeZc2TRSMU8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:34 2025 by rpki-client