Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/Pnmlpy9xG0aNQjYCUyou_i5C2aQ.roa
File: Pnmlpy9xG0aNQjYCUyou_i5C2aQ.roa (raw, json)
Hash identifier: m7WkLfmeMV1dy1gVsUNSn8hAgYVVDbZzX1ubvsYWFX8=
Subject key identifier: 3E:79:A5:A7:2F:71:1B:46:8D:42:36:02:53:2A:2E:FE:2E:42:D9:A4
Certificate issuer: /CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Certificate serial: 01856D018F61B0CD0A3AEBD41431DC12FB85
Authority key identifier: CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/Pnmlpy9xG0aNQjYCUyou_i5C2aQ.roa
Signing time: Sun 01 Jan 2023 11:04:56 +0000
ROA not before: Sun 01 Jan 2023 11:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60051
IP address blocks: 185.71.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:8f:61:b0:cd:0a:3a:eb:d4:14:31:dc:12:fb:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Validity
Not Before: Jan 1 11:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e79a5a72f711b468d423602532a2efe2e42d9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0d:15:45:d4:4d:b8:94:7d:24:61:b4:40:88:
8a:c4:71:c0:fd:4c:fc:c6:71:2a:e3:a5:b7:26:44:
ff:08:d0:5c:9a:71:01:7f:a5:77:a6:f1:13:5a:8a:
1c:a6:2f:58:6a:c5:73:d0:8c:15:0e:05:02:78:90:
88:4e:43:34:1f:0e:80:0e:8f:81:19:7f:6c:62:bb:
76:98:58:c7:73:28:93:84:36:21:a0:49:46:c5:f6:
0b:ce:2f:86:1a:72:02:74:67:4a:42:67:d4:b8:bb:
84:c4:8f:24:1c:91:6f:fc:ad:37:87:25:fa:c1:1b:
d8:f1:eb:65:eb:60:b0:85:cb:d2:83:e8:ed:fd:4a:
91:28:e1:33:07:8a:fd:e0:6b:7c:e0:77:77:5a:59:
b1:8a:4f:11:ce:9d:b6:d0:f6:1e:02:d6:68:c3:fc:
89:49:74:b7:ef:80:5a:53:96:cb:ec:cc:78:8c:11:
78:1e:b2:79:4e:82:70:dc:b0:98:3d:1a:4f:32:c5:
49:bc:f8:ae:f5:af:ef:b4:7f:02:83:0e:59:32:fa:
2a:56:d7:db:de:d6:5d:1f:d4:07:fa:13:c2:70:d2:
ce:f4:08:26:4a:93:44:d5:9b:7b:ba:3b:57:19:80:
0a:72:d3:c7:2c:fe:26:88:56:f7:50:4d:3f:0a:c7:
c3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:79:A5:A7:2F:71:1B:46:8D:42:36:02:53:2A:2E:FE:2E:42:D9:A4
X509v3 Authority Key Identifier:
keyid:CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/Pnmlpy9xG0aNQjYCUyou_i5C2aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/zHLmM99WNan5jS9optKty0QVXNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.204.0/24
Signature Algorithm: sha256WithRSAEncryption
66:45:c0:84:33:9a:37:07:1f:84:d7:35:b2:cd:0d:a6:e8:b5:
7f:95:3a:09:af:53:21:4c:12:40:59:68:88:17:2d:ab:53:61:
eb:68:47:fb:82:f7:e0:fe:84:1c:1f:56:e2:1e:2c:e9:b4:6f:
03:f1:44:6e:f8:54:24:12:3f:30:fb:f2:a8:4b:95:2c:fd:97:
15:db:55:ca:4f:e1:2f:e2:77:7a:a9:ee:7d:a0:8f:88:ea:bf:
dc:57:77:f4:43:58:f9:89:48:c3:17:94:0d:9b:e7:bb:0c:21:
64:f9:75:f4:64:82:bf:b3:9f:1d:b3:ac:6c:34:6c:26:f2:32:
10:55:2e:02:7c:0f:f6:89:39:de:36:99:6a:b0:27:96:95:00:
cf:cb:4d:c9:94:3e:7b:a0:b0:32:08:08:5c:01:44:37:34:af:
2d:27:65:1e:20:1c:88:38:2d:8d:fe:32:17:d4:50:ee:db:19:
2e:45:8c:b1:69:c8:e0:db:28:ce:12:a2:f7:6c:68:cf:f9:fb:
1f:5e:f4:ba:9a:7d:11:1b:b4:e8:b0:5c:bf:a7:f9:8e:77:fb:
49:ee:3b:c8:22:fd:e1:1c:b4:93:42:a1:00:7c:ef:d5:3b:93:
de:0d:7f:4f:f8:ae:03:d3:a5:4c:3c:dc:0c:fc:de:37:60:b8:
a4:ef:f7:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAY9hsM0KOuvUFDHcEvuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzJlNjMzZGY1NjM1YTlmOThkMmY2OGE2ZDJhZGNiNDQx
NTVjZGMwHhcNMjMwMTAxMTEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc5YTVhNzJmNzExYjQ2OGQ0MjM2MDI1MzJhMmVmZTJlNDJkOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7g0VRdRNuJR9JGG0QIiKxHHA/Uz8
xnEq46W3JkT/CNBcmnEBf6V3pvETWoocpi9YasVz0IwVDgUCeJCITkM0Hw6ADo+B
GX9sYrt2mFjHcyiThDYhoElGxfYLzi+GGnICdGdKQmfUuLuExI8kHJFv/K03hyX6
wRvY8etl62CwhcvSg+jt/UqRKOEzB4r94Gt84Hd3Wlmxik8Rzp220PYeAtZow/yJ
SXS374BaU5bL7Mx4jBF4HrJ5ToJw3LCYPRpPMsVJvPiu9a/vtH8Cgw5ZMvoqVtfb
3tZdH9QH+hPCcNLO9AgmSpNE1Zt7ujtXGYAKctPHLP4miFb3UE0/CsfDtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD55pacvcRtGjUI2AlMqLv4uQtmkMB8GA1UdIwQY
MBaAFMxy5jPfVjWp+Y0vaKbSrctEFVzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQt
ZDAxMmNhOWVjMTk3LzEvUG5tbHB5OXhHMGFOUWpZQ1V5b3VfaTVDMmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQtZDAxMmNhOWVjMTk3
LzEvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUfMMA0G
CSqGSIb3DQEBCwUAA4IBAQBmRcCEM5o3Bx+E1zWyzQ2m6LV/lToJr1MhTBJAWWiI
Fy2rU2HraEf7gvfg/oQcH1biHizptG8D8URu+FQkEj8w+/KoS5Us/ZcV21XKT+Ev
4nd6qe59oI+I6r/cV3f0Q1j5iUjDF5QNm+e7DCFk+XX0ZIK/s58ds6xsNGwm8jIQ
VS4CfA/2iTneNplqsCeWlQDPy03JlD57oLAyCAhcAUQ3NK8tJ2UeIByIOC2N/jIX
1FDu2xkuRYyxacjg2yjOEqL3bGjP+fsfXvS6mn0RG7TosFy/p/mOd/tJ7jvIIv3h
HLSTQqEAfO/VO5PeDX9P+K4D06VMPNwM/N43YLik7/dC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:30 2025 by rpki-client