Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/PjI9y5sHIHGWadJLjN0s60qTxT0.roa
File: PjI9y5sHIHGWadJLjN0s60qTxT0.roa (raw, json)
Hash identifier: hU2fJ/ZCuDpmpyJfgN4FkSzAGi6a0EA/ofzcRZSxmLk=
Subject key identifier: 3E:32:3D:CB:9B:07:20:71:96:69:D2:4B:8C:DD:2C:EB:4A:93:C5:3D
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018461B63AE9DCE7E55622F055888488E160
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/PjI9y5sHIHGWadJLjN0s60qTxT0.roa
Signing time: Thu 10 Nov 2022 13:24:03 +0000
ROA not before: Thu 10 Nov 2022 13:24:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206092
IP address blocks: 85.203.21.0/24 maxlen: 24
85.203.20.0/24 maxlen: 24
85.203.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:b6:3a:e9:dc:e7:e5:56:22:f0:55:88:84:88:e1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Nov 10 13:24:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e323dcb9b0720719669d24b8cdd2ceb4a93c53d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e4:ce:26:3b:f1:cf:d0:5d:5f:f9:95:04:17:
be:9b:dd:38:67:54:ae:3e:8e:83:07:89:57:d8:5e:
fc:14:de:7a:7c:e8:b0:72:7d:e9:d2:4f:9a:97:7c:
7f:9d:e2:52:b9:8b:ac:6a:80:5e:01:51:25:22:f1:
15:b8:f0:1e:4f:0f:6a:10:4b:aa:fa:be:01:d5:12:
7d:d0:6a:dd:4e:70:05:d3:ea:73:db:f0:26:0e:cc:
51:6f:a9:c9:55:9e:b4:81:be:af:94:ff:c4:e1:62:
da:cc:41:69:f7:b0:f1:25:50:c5:ef:f9:45:0b:50:
20:5d:68:39:8e:98:ed:23:35:94:fd:45:6f:0c:01:
60:b2:a7:fb:76:57:21:25:fe:4e:ad:6d:ca:4a:a5:
4f:44:66:cb:60:9b:39:73:ac:4b:c4:6e:74:b0:fb:
fd:29:d1:dd:69:b4:a4:26:08:87:ba:63:94:c5:a2:
9a:84:b8:d0:fa:37:32:f3:73:74:5a:4f:cd:cf:f8:
cf:1c:a1:5b:a5:db:79:c5:d9:5a:c4:04:a5:cc:63:
f2:1b:04:8e:fb:99:26:43:75:49:72:52:05:e9:78:
0d:56:dc:fa:f0:2c:ec:8c:06:c1:65:5f:43:7e:5d:
a8:13:1a:8c:55:50:6f:69:4f:19:ad:18:39:11:4b:
d6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:32:3D:CB:9B:07:20:71:96:69:D2:4B:8C:DD:2C:EB:4A:93:C5:3D
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/PjI9y5sHIHGWadJLjN0s60qTxT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.20.0/23
85.203.34.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:6f:33:a9:22:6d:2a:36:5a:7b:2a:a6:44:28:0e:88:ba:66:
75:05:de:6e:60:85:90:57:d7:75:f5:6f:b6:2c:1a:c7:ba:1d:
be:2e:22:6e:b9:84:9c:3f:70:cf:99:4d:a4:f9:3b:a4:85:24:
82:04:10:b8:11:b3:19:38:7e:f8:b1:68:90:11:57:7a:48:4f:
d8:9f:41:34:d6:e7:34:82:42:76:71:30:c3:a2:51:73:9d:73:
83:92:b4:54:51:a9:5e:84:49:0b:67:cb:d4:1e:2a:9d:4c:5d:
1a:a6:5c:4e:26:85:ac:98:4e:c9:f7:16:72:fc:63:37:a9:38:
73:03:fd:51:6b:be:e9:83:95:c7:c2:7b:09:6a:19:21:f2:73:
11:d0:93:21:46:1e:67:24:85:dd:14:88:5d:2b:92:4b:a1:0c:
1b:26:74:3d:83:3c:74:bd:6b:07:7d:60:ac:58:f7:66:5b:e5:
28:52:b0:f9:a5:d2:32:07:e0:82:af:2b:60:44:f4:ae:29:de:
4c:2c:a8:0b:30:d5:18:10:b1:78:ff:f6:21:8e:2d:21:1e:c5:
65:b3:dc:51:85:24:1a:94:46:8b:58:80:fb:b7:a0:68:b2:ec:
2c:91:29:d6:ca:37:58:77:3d:5f:1a:b1:c4:31:d2:e2:04:16:
15:cc:09:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRhtjrp3OflViLwVYiEiOFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjIxMTEwMTMyNDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTMyM2RjYjliMDcyMDcxOTY2OWQyNGI4Y2RkMmNlYjRhOTNjNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+TOJjvxz9BdX/mVBBe+m904Z1Su
Po6DB4lX2F78FN56fOiwcn3p0k+al3x/neJSuYusaoBeAVElIvEVuPAeTw9qEEuq
+r4B1RJ90GrdTnAF0+pz2/AmDsxRb6nJVZ60gb6vlP/E4WLazEFp97DxJVDF7/lF
C1AgXWg5jpjtIzWU/UVvDAFgsqf7dlchJf5OrW3KSqVPRGbLYJs5c6xLxG50sPv9
KdHdabSkJgiHumOUxaKahLjQ+jcy83N0Wk/Nz/jPHKFbpdt5xdlaxASlzGPyGwSO
+5kmQ3VJclIF6XgNVtz68CzsjAbBZV9Dfl2oExqMVVBvaU8ZrRg5EUvWSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD4yPcubByBxlmnSS4zdLOtKk8U9MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvUGpJOXk1c0hJSEdXYWRKTGpOMHM2MHFUeFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVcsUAwQA
VcsiMA0GCSqGSIb3DQEBCwUAA4IBAQAdbzOpIm0qNlp7KqZEKA6IumZ1Bd5uYIWQ
V9d19W+2LBrHuh2+LiJuuYScP3DPmU2k+TukhSSCBBC4EbMZOH74sWiQEVd6SE/Y
n0E01uc0gkJ2cTDDolFznXODkrRUUalehEkLZ8vUHiqdTF0aplxOJoWsmE7J9xZy
/GM3qThzA/1Ra77pg5XHwnsJahkh8nMR0JMhRh5nJIXdFIhdK5JLoQwbJnQ9gzx0
vWsHfWCsWPdmW+UoUrD5pdIyB+CCrytgRPSuKd5MLKgLMNUYELF4//Yhji0hHsVl
s9xRhSQalEaLWID7t6BosuwskSnWyjdYdz1fGrHEMdLiBBYVzAmn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:07 2023 by rpki-client on console-fra.rpki-client.org