Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/pnD81SGuNBZxuvCjFBG-uITJqJ8.roa
File: pnD81SGuNBZxuvCjFBG-uITJqJ8.roa (raw, json)
Hash identifier: 1XlwOWZJogyLNI4BdQjuTaKw8fyjfYB9y4U7N+PoFwA=
Subject key identifier: A6:70:FC:D5:21:AE:34:16:71:BA:F0:A3:14:11:BE:B8:84:C9:A8:9F
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018414C7CBF673F25040323B8718FF60577D
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/pnD81SGuNBZxuvCjFBG-uITJqJ8.roa
Signing time: Wed 26 Oct 2022 14:52:28 +0000
ROA not before: Wed 26 Oct 2022 14:52:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50352
IP address blocks: 185.94.82.0/24 maxlen: 24
185.94.80.0/23 maxlen: 23
193.42.157.0/24 maxlen: 24
194.50.52.0/24 maxlen: 24
2a05:bf81::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:c7:cb:f6:73:f2:50:40:32:3b:87:18:ff:60:57:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Oct 26 14:52:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a670fcd521ae341671baf0a31411beb884c9a89f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:01:2d:24:66:6c:64:f8:94:68:78:87:31:a5:
f7:59:46:19:36:a9:8e:bc:16:af:80:d2:42:9e:a7:
14:1b:80:ce:a7:bf:b3:5d:45:ec:1f:c0:70:9d:14:
58:75:10:45:b0:1a:8b:27:6c:b2:b1:27:f0:c1:66:
55:52:18:8b:72:5d:e9:00:5f:fc:1c:2b:e0:1b:9f:
45:5c:68:20:07:f6:fa:cc:96:9c:be:7a:9b:69:b7:
36:c0:7c:c8:fd:8d:29:95:11:dd:be:50:5c:20:9c:
c1:1e:63:ed:18:bc:67:43:14:34:07:10:df:71:f3:
e5:09:fb:d6:46:a5:d3:f1:56:f4:39:69:63:43:64:
39:f6:44:1c:b4:2b:59:1d:bf:46:06:52:e0:4d:18:
e8:a2:6f:1e:f7:ce:90:ca:6c:51:e9:b6:2c:5a:cb:
1c:a8:0b:c3:28:67:b9:fc:20:55:54:22:ea:8c:6e:
9b:aa:54:c8:0a:61:26:03:9e:37:11:43:39:e4:13:
f0:5d:cd:ad:36:29:27:5f:62:59:21:2b:0a:28:52:
23:60:1a:4a:e6:42:76:66:fa:f8:42:12:8c:b7:41:
a2:29:39:8a:4a:cb:4a:3d:f6:0c:89:e2:8a:db:71:
5e:c9:f8:01:72:83:f6:c3:d1:ec:df:b0:74:e0:54:
e2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:70:FC:D5:21:AE:34:16:71:BA:F0:A3:14:11:BE:B8:84:C9:A8:9F
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/pnD81SGuNBZxuvCjFBG-uITJqJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.80.0-185.94.82.255
193.42.157.0/24
194.50.52.0/24
IPv6:
2a05:bf81::/32
Signature Algorithm: sha256WithRSAEncryption
76:67:75:24:ad:14:d3:19:ac:f1:8f:af:33:b7:12:b9:71:20:
50:f1:b0:fd:0d:d1:68:eb:ef:4e:2d:3e:43:3b:e4:67:0a:10:
66:cd:71:4b:24:3a:5c:ba:7a:95:da:22:92:b6:3c:5f:72:be:
4d:d2:97:11:4a:bc:3c:d6:e5:9f:b2:e4:a8:24:be:a5:33:0a:
73:a4:7d:f6:01:2f:e4:07:35:5e:b8:f6:61:e0:19:6a:42:4f:
e7:8a:ba:88:2a:7e:b6:d0:a2:31:70:bc:0a:5d:bd:01:36:4a:
7b:c3:86:46:55:fc:0f:42:48:c0:9c:8f:57:d5:a9:fb:c2:b3:
3c:f4:99:9b:e8:da:b9:f2:90:f5:a9:c4:77:b2:7a:da:e3:3f:
43:ee:de:4d:12:d1:5a:3c:54:36:29:09:98:3f:dc:23:3e:0c:
1d:ab:99:ea:50:96:46:f3:fa:02:98:d8:d8:ef:f0:69:7d:98:
1e:37:ae:f1:23:f7:a0:e8:49:ef:43:61:73:57:af:32:8d:8f:
98:2a:79:2e:e4:00:e0:d5:a2:85:7b:d3:c5:9f:23:c5:86:63:
15:c1:ce:43:65:aa:2e:27:de:1d:2b:f2:5d:29:ce:40:d0:f8:
c5:cf:8b:b5:d3:16:d4:35:6d:e1:5a:e3:a6:12:6a:74:b4:0b:
57:1f:b6:e3
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYQUx8v2c/JQQDI7hxj/YFd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjIxMDI2MTQ1MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjcwZmNkNTIxYWUzNDE2NzFiYWYwYTMxNDExYmViODg0YzlhODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQEtJGZsZPiUaHiHMaX3WUYZNqmO
vBavgNJCnqcUG4DOp7+zXUXsH8BwnRRYdRBFsBqLJ2yysSfwwWZVUhiLcl3pAF/8
HCvgG59FXGggB/b6zJacvnqbabc2wHzI/Y0plRHdvlBcIJzBHmPtGLxnQxQ0BxDf
cfPlCfvWRqXT8Vb0OWljQ2Q59kQctCtZHb9GBlLgTRjoom8e986QymxR6bYsWssc
qAvDKGe5/CBVVCLqjG6bqlTICmEmA543EUM55BPwXc2tNiknX2JZISsKKFIjYBpK
5kJ2Zvr4QhKMt0GiKTmKSstKPfYMieKK23FeyfgBcoP2w9Hs37B04FTiBwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKZw/NUhrjQWcbrwoxQRvriEyaifMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvcG5EODFTR3VOQlp4dXZDakZCRy11SVRKcUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAS5XlAD
BAC5XlIDBADBKp0DBADCMjQwDQQCAAIwBwMFACoFv4EwDQYJKoZIhvcNAQELBQAD
ggEBAHZndSStFNMZrPGPrzO3ErlxIFDxsP0N0Wjr704tPkM75GcKEGbNcUskOly6
epXaIpK2PF9yvk3SlxFKvDzW5Z+y5KgkvqUzCnOkffYBL+QHNV649mHgGWpCT+eK
uogqfrbQojFwvApdvQE2SnvDhkZV/A9CSMCcj1fVqfvCszz0mZvo2rnykPWpxHey
etrjP0Pu3k0S0Vo8VDYpCZg/3CM+DB2rmepQlkbz+gKY2Njv8Gl9mB43rvEj96Do
Se9DYXNXrzKNj5gqeS7kAODVooV708WfI8WGYxXBzkNlqi4n3h0r8l0pzkDQ+MXP
i7XTFtQ1beFa46YSanS0C1cftuM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:59 2024 by rpki-client on console-fra.rpki-client.org