Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/PFD4Pox4Sm9RC3RH4l0Mp2YF0ME.roa
File: PFD4Pox4Sm9RC3RH4l0Mp2YF0ME.roa (raw, json)
Hash identifier: RwccQrrtu3Gnt9JMiv18Hw0chflXsnrFhMWQvfaQKiQ=
Subject key identifier: 3C:50:F8:3E:8C:78:4A:6F:51:0B:74:47:E2:5D:0C:A7:66:05:D0:C1
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018C14029131A1C4884B1C131EFD3977B132
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/PFD4Pox4Sm9RC3RH4l0Mp2YF0ME.roa
Signing time: Tue 28 Nov 2023 03:39:21 +0000
ROA not before: Tue 28 Nov 2023 03:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.249.202.0/24 maxlen: 24
185.21.254.0/24 maxlen: 24
89.249.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:14:02:91:31:a1:c4:88:4b:1c:13:1e:fd:39:77:b1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 28 03:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c50f83e8c784a6f510b7447e25d0ca76605d0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:90:05:08:52:3d:5c:9d:52:e4:93:12:d5:
06:02:d5:36:6c:4c:91:b5:76:71:da:5e:a5:fc:97:
3b:64:eb:e0:8f:66:97:84:51:2f:a2:96:8e:0b:27:
37:55:08:ae:cb:fa:ee:7e:86:63:f9:24:61:a3:22:
a5:7f:76:0f:9d:80:55:64:08:a0:ad:05:41:0e:92:
e8:ef:c0:fb:16:7a:26:7e:a6:0e:be:3b:12:0e:b9:
30:7d:fc:10:ee:47:0d:ab:15:2b:6a:0f:92:cb:b6:
15:c2:b0:fc:66:7e:65:d9:7a:bb:29:6a:bd:85:d2:
40:38:f8:d6:b7:58:70:7e:73:df:3d:19:eb:f4:e6:
bf:19:6d:80:fe:17:b6:71:58:12:79:6b:26:8a:0d:
2a:eb:05:2b:ba:cd:0a:44:c5:26:c1:e4:bf:47:5f:
95:75:26:25:e3:4f:6a:f0:09:a3:b2:02:f1:62:06:
41:b4:a9:78:87:ca:83:23:0d:d7:29:d8:ab:23:98:
f5:a5:e6:5e:9d:9c:05:8d:bb:01:ed:49:f0:ec:0e:
af:06:61:68:4d:91:2f:00:ad:35:6d:1d:9f:78:95:
20:d6:d5:34:13:4e:12:45:f5:4a:e4:49:5b:6b:2f:
17:36:f8:ed:a1:c3:8a:91:5d:5f:15:cc:4a:97:9e:
06:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:50:F8:3E:8C:78:4A:6F:51:0B:74:47:E2:5D:0C:A7:66:05:D0:C1
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/PFD4Pox4Sm9RC3RH4l0Mp2YF0ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.202.0/24
89.249.204.0/24
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:c9:1d:a7:51:74:6d:87:69:3a:50:97:72:b4:0c:88:6e:ab:
7a:dd:da:33:1a:19:86:67:35:0c:ed:ac:1e:6d:07:32:0a:0e:
cc:c8:f9:6c:b8:ec:fe:43:1f:03:c8:cf:5d:de:55:1c:03:d4:
69:f9:d6:f1:58:bb:a7:3f:2d:99:9c:70:dc:09:87:d3:09:b2:
95:11:52:7f:df:ea:4c:15:fe:c2:d6:68:16:74:50:23:fe:ba:
a1:1b:80:89:7c:ce:11:44:d5:d5:26:97:77:22:f3:d6:20:73:
d0:39:9b:a8:38:84:f7:ff:79:64:fe:be:08:d2:fa:83:d4:c3:
06:fc:40:cc:fd:d4:c9:c6:f7:1a:52:c0:0b:bc:1e:53:e1:bc:
bb:35:bf:55:e9:4b:39:10:11:80:a0:3f:78:7e:1d:8d:29:e3:
bd:b4:03:61:97:4c:8f:9b:9e:ae:4b:fd:6e:8c:08:65:f7:f7:
59:82:58:35:c8:95:48:95:dc:0f:02:24:30:8f:93:4f:f7:0b:
86:76:9e:ef:e4:7e:ee:52:2f:cd:f8:f0:99:80:1e:63:db:d1:
9d:4a:8a:88:7f:31:9a:0f:ee:df:57:95:bb:7b:1a:28:c7:55:
57:17:4e:27:ae:9d:cd:5d:db:b0:ea:1e:1f:c9:55:07:e4:6f:
ac:43:c0:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwUApExocSISxwTHv05d7EyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMTI4MDMzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUwZjgzZThjNzg0YTZmNTEwYjc0NDdlMjVkMGNhNzY2MDVkMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqeQBQhSPVydUuSTEtUGAtU2bEyR
tXZx2l6l/Jc7ZOvgj2aXhFEvopaOCyc3VQiuy/rufoZj+SRhoyKlf3YPnYBVZAig
rQVBDpLo78D7FnomfqYOvjsSDrkwffwQ7kcNqxUrag+Sy7YVwrD8Zn5l2Xq7KWq9
hdJAOPjWt1hwfnPfPRnr9Oa/GW2A/he2cVgSeWsmig0q6wUrus0KRMUmweS/R1+V
dSYl409q8AmjsgLxYgZBtKl4h8qDIw3XKdirI5j1peZenZwFjbsB7Unw7A6vBmFo
TZEvAK01bR2feJUg1tU0E04SRfVK5Elbay8XNvjtocOKkV1fFcxKl54GKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDxQ+D6MeEpvUQt0R+JdDKdmBdDBMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvUEZENFBveDRTbTlSQzNSSDRsME1wMllGME1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnKAwQA
WfnMAwQAuRX+MA0GCSqGSIb3DQEBCwUAA4IBAQDWyR2nUXRth2k6UJdytAyIbqt6
3dozGhmGZzUM7awebQcyCg7MyPlsuOz+Qx8DyM9d3lUcA9Rp+dbxWLunPy2ZnHDc
CYfTCbKVEVJ/3+pMFf7C1mgWdFAj/rqhG4CJfM4RRNXVJpd3IvPWIHPQOZuoOIT3
/3lk/r4I0vqD1MMG/EDM/dTJxvcaUsALvB5T4by7Nb9V6Us5EBGAoD94fh2NKeO9
tANhl0yPm56uS/1ujAhl9/dZglg1yJVIldwPAiQwj5NP9wuGdp7v5H7uUi/N+PCZ
gB5j29GdSoqIfzGaD+7fV5W7exoox1VXF04nrp3NXduw6h4fyVUH5G+sQ8CT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:10 2025 by rpki-client