Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/PyPGGoIiGgTKzLxhzlrHPofPt34.roa
File: PyPGGoIiGgTKzLxhzlrHPofPt34.roa (raw, json)
Hash identifier: XpTXxjt3Ja3R/PrOLGVSUnrZqGf3Fvt1JddAR+aCgi4=
Subject key identifier: 3F:23:C6:1A:82:22:1A:04:CA:CC:BC:61:CE:5A:C7:3E:87:CF:B7:7E
Certificate issuer: /CN=535761913f575c411c992322ebb06cd2f37f02a2
Certificate serial: 018870AA3CB5DC4ED0C4CFD4831EC711DE00
Authority key identifier: 53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/PyPGGoIiGgTKzLxhzlrHPofPt34.roa
Signing time: Wed 31 May 2023 07:16:24 +0000
ROA not before: Wed 31 May 2023 07:16:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5520
IP address blocks: 134.95.0.0/16 maxlen: 16
185.240.116.0/22 maxlen: 22
2a00:a200::/32 maxlen: 32
2a00:a200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:70:aa:3c:b5:dc:4e:d0:c4:cf:d4:83:1e:c7:11:de:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535761913f575c411c992322ebb06cd2f37f02a2
Validity
Not Before: May 31 07:16:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f23c61a82221a04caccbc61ce5ac73e87cfb77e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f0:3c:2a:31:68:5f:22:0f:06:72:2a:93:29:
f4:43:6f:ce:af:cb:3e:fa:e5:c0:cb:ed:57:39:77:
8e:c9:39:89:0b:e6:f4:65:e8:f6:be:5b:dc:78:10:
a3:76:9c:29:2b:7d:5c:d5:ad:df:36:e1:1e:8e:7e:
6e:a7:03:0a:09:e5:72:f2:45:28:da:d4:d9:6d:43:
26:59:39:bd:e7:b1:d4:d8:7d:1d:40:00:62:ff:0b:
ce:81:c0:34:2c:71:67:6f:81:3c:5d:68:69:3a:f3:
2c:be:ec:cd:1d:56:77:0a:1b:ca:0a:28:58:b7:57:
20:b9:cb:b5:bc:85:9e:83:ba:30:06:d4:88:cf:b2:
46:a0:0c:c8:be:cb:5a:e0:51:63:66:45:bc:b5:56:
86:c6:f3:7b:98:6a:a6:86:90:91:cf:5d:92:70:42:
80:2a:46:c2:b4:26:39:b1:d6:11:2a:d8:55:e9:ee:
56:98:b0:58:57:65:b9:41:33:3f:20:95:d1:c5:3c:
10:d9:7e:e5:70:26:b4:6c:10:ef:82:86:72:f7:16:
4c:ce:0c:07:32:62:30:62:76:72:64:1a:d1:41:bb:
1c:b5:fd:ef:3a:fb:8b:cb:70:9d:76:66:84:db:3a:
ef:65:a1:83:48:7e:68:48:e6:02:b3:13:2c:a2:ce:
eb:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:23:C6:1A:82:22:1A:04:CA:CC:BC:61:CE:5A:C7:3E:87:CF:B7:7E
X509v3 Authority Key Identifier:
keyid:53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/PyPGGoIiGgTKzLxhzlrHPofPt34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/U1dhkT9XXEEcmSMi67Bs0vN_AqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.95.0.0/16
185.240.116.0/22
IPv6:
2a00:a200::/29
Signature Algorithm: sha256WithRSAEncryption
89:02:ed:08:48:ef:92:eb:39:e1:9d:65:ec:ca:d8:cf:ce:d8:
96:a6:ab:7c:77:88:8b:c1:1b:17:cb:b6:50:b6:20:c1:81:aa:
20:9b:7b:2e:5d:c5:13:56:ed:d3:2a:30:fb:87:44:2e:c3:04:
07:1c:23:b1:ef:bb:08:e2:63:83:8b:21:78:c7:62:31:2b:8e:
73:64:32:9e:ef:44:30:82:a5:37:c0:dc:a9:a8:57:38:5c:7b:
37:52:c0:b1:38:6d:20:3e:de:9e:90:69:9b:cb:36:de:e7:12:
fd:5a:4f:a4:3b:69:64:db:d9:7e:c9:f5:68:d0:53:fd:69:a8:
c8:fa:ba:2f:61:c1:33:f2:67:e3:4c:0c:83:45:77:6d:1f:83:
03:14:6e:e6:f5:39:39:dc:32:89:50:c4:35:47:65:f5:3e:21:
e4:80:8f:6c:fe:ba:95:6b:e9:b0:9c:ed:e7:84:d1:bc:1c:4e:
2d:c5:4c:de:60:fd:5a:49:99:87:9c:73:25:d4:30:6f:a3:7d:
36:55:ac:0e:cf:a8:b9:66:fe:38:a4:f1:df:3e:63:b6:0c:b9:
95:63:94:dc:f1:b8:fa:b7:1f:92:b0:a5:c3:3b:f4:b5:51:74:
61:b1:02:2a:7e:f0:dc:b9:07:db:ff:85:b6:5d:6b:77:8b:71:
5c:e3:50:15
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYhwqjy13E7QxM/Ugx7HEd4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTc2MTkxM2Y1NzVjNDExYzk5MjMyMmViYjA2Y2QyZjM3
ZjAyYTIwHhcNMjMwNTMxMDcxNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjIzYzYxYTgyMjIxYTA0Y2FjY2JjNjFjZTVhYzczZTg3Y2ZiNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvA8KjFoXyIPBnIqkyn0Q2/Or8s+
+uXAy+1XOXeOyTmJC+b0Zej2vlvceBCjdpwpK31c1a3fNuEejn5upwMKCeVy8kUo
2tTZbUMmWTm957HU2H0dQABi/wvOgcA0LHFnb4E8XWhpOvMsvuzNHVZ3ChvKCihY
t1cgucu1vIWeg7owBtSIz7JGoAzIvsta4FFjZkW8tVaGxvN7mGqmhpCRz12ScEKA
KkbCtCY5sdYRKthV6e5WmLBYV2W5QTM/IJXRxTwQ2X7lcCa0bBDvgoZy9xZMzgwH
MmIwYnZyZBrRQbsctf3vOvuLy3CddmaE2zrvZaGDSH5oSOYCsxMsos7r6wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD8jxhqCIhoEysy8Yc5axz6Hz7d+MB8GA1UdIwQY
MBaAFFNXYZE/V1xBHJkjIuuwbNLzfwKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFkaGtUOVhYRUVjbVNNaTY3QnMwdk5fQXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85ZjAwYTktYjYwZi00ZTMyLTkwMzct
MDRkZmMzNjYzZTM1LzEvUHlQR0dvSWlHZ1RLekx4aHpsckhQb2ZQdDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85ZjAwYTktYjYwZi00ZTMyLTkwMzctMDRkZmMzNjYzZTM1
LzEvVTFkaGtUOVhYRUVjbVNNaTY3QnMwdk5fQXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAhl8DBAK5
8HQwDQQCAAIwBwMFAyoAogAwDQYJKoZIhvcNAQELBQADggEBAIkC7QhI75LrOeGd
ZezK2M/O2Jamq3x3iIvBGxfLtlC2IMGBqiCbey5dxRNW7dMqMPuHRC7DBAccI7Hv
uwjiY4OLIXjHYjErjnNkMp7vRDCCpTfA3KmoVzhcezdSwLE4bSA+3p6QaZvLNt7n
Ev1aT6Q7aWTb2X7J9WjQU/1pqMj6ui9hwTPyZ+NMDINFd20fgwMUbub1OTncMolQ
xDVHZfU+IeSAj2z+upVr6bCc7eeE0bwcTi3FTN5g/VpJmYeccyXUMG+jfTZVrA7P
qLlm/jik8d8+Y7YMuZVjlNzxuPq3H5KwpcM79LVRdGGxAip+8Ny5B9v/hbZda3eL
cVzjUBU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:27:02 2025 by rpki-client