Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PqTZBdqcTuB32jZutrLXvcjJfQQ.roa
File: PqTZBdqcTuB32jZutrLXvcjJfQQ.roa (raw, json)
Hash identifier: yIyDedFkXuQXT+qYtwzbZZZ9g0DMgB1ZKo7qhzwoZgc=
Subject key identifier: 3E:A4:D9:05:DA:9C:4E:E0:77:DA:36:6E:B6:B2:D7:BD:C8:C9:7D:04
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 01829690178AEBB47335978F4196DB311DFD
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PqTZBdqcTuB32jZutrLXvcjJfQQ.roa
Signing time: Sat 13 Aug 2022 09:36:41 +0000
ROA not before: Sat 13 Aug 2022 09:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61400
IP address blocks: 77.220.216.0/21 maxlen: 21
62.76.24.0/22 maxlen: 22
91.107.85.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.86.0/24 maxlen: 24
91.107.86.0/23 maxlen: 23
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.112.0/22 maxlen: 32
185.111.216.0/23 maxlen: 23
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
212.8.232.0/22 maxlen: 22
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 22
31.200.248.0/21 maxlen: 21
62.76.88.0/22 maxlen: 22
91.227.34.0/23 maxlen: 23
62.76.100.0/22 maxlen: 22
2a03:220::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:96:90:17:8a:eb:b4:73:35:97:8f:41:96:db:31:1d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Aug 13 09:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ea4d905da9c4ee077da366eb6b2d7bdc8c97d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:51:c4:b2:63:31:c5:7b:22:06:2f:6d:0a:8d:
a8:82:f0:1c:3d:7c:e5:f6:df:37:53:d3:20:37:2f:
d9:12:3a:8b:f1:b2:24:d7:97:87:12:65:7c:2e:87:
21:24:3a:32:f0:b1:8d:71:2b:65:0b:cd:8c:5e:5c:
45:17:ca:e7:a0:20:a3:1c:a0:7e:b2:c5:68:6e:0e:
14:67:72:fc:ba:33:22:1f:03:bd:24:da:64:64:72:
b4:9c:3c:6a:b6:0f:a4:09:34:00:cf:dc:0b:87:06:
82:a8:83:fd:65:4a:09:3c:83:25:49:65:16:89:20:
23:e6:0f:97:ba:fb:1b:1a:ad:01:ea:cc:ab:07:a5:
51:0a:6d:58:df:c4:06:76:ce:df:9f:9f:ee:1a:20:
ce:de:51:10:1f:65:18:b0:16:cf:a4:3f:1d:15:68:
1c:3b:88:4b:90:ce:d9:34:a3:97:d8:4a:2f:3b:8d:
ba:58:fb:82:0c:ba:3d:bd:da:8e:08:ad:bf:da:54:
46:5a:0e:0f:62:1e:aa:ea:92:9e:3b:71:5d:96:52:
d3:bf:57:22:28:8c:1a:aa:31:4e:c8:a9:ea:71:7e:
71:96:aa:48:52:74:99:16:c4:1c:de:68:02:72:92:
44:9d:39:a6:4e:3c:0e:88:8a:47:ee:26:ae:3e:f4:
2c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A4:D9:05:DA:9C:4E:E0:77:DA:36:6E:B6:B2:D7:BD:C8:C9:7D:04
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PqTZBdqcTuB32jZutrLXvcjJfQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
77.220.216.0/21
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
64:d6:d8:38:83:f3:51:95:17:29:a7:7b:c2:f5:d7:27:f2:35:
6f:58:d5:fc:0a:7b:f1:68:58:c0:17:bc:73:26:b1:e4:1f:e7:
f1:5d:00:48:05:06:21:81:58:40:53:ec:18:76:4b:e8:30:3b:
ec:49:a9:67:4e:bc:5a:14:8e:b7:20:0f:95:41:8b:e3:da:d4:
6c:62:3e:93:a4:2f:9e:6c:2c:e3:3c:68:14:8c:bc:32:38:9d:
9f:5c:78:d5:dd:05:0b:87:40:5c:3e:b7:c3:93:25:e4:4f:9f:
d8:31:6e:89:ce:c9:6e:7d:2d:03:17:34:6d:36:22:44:e5:bc:
93:aa:3d:1c:f1:2e:4e:f5:03:40:07:ad:ce:e2:b8:36:0f:52:
47:c0:fb:94:70:6d:92:e5:17:89:9b:e5:3a:59:d8:8a:38:9b:
9d:ab:84:db:de:df:b9:6e:e0:46:ff:1b:0a:7c:fb:97:f8:3a:
4c:cd:02:53:61:48:d2:31:32:1b:d4:69:c8:ce:36:8d:31:c6:
8f:f3:d0:7b:f0:0a:8a:f8:ce:8a:d1:89:e7:73:b0:c9:68:c2:
d1:98:70:06:9c:65:50:db:f3:70:84:14:af:65:22:54:4f:e0:
6d:fc:e3:70:0c:68:d6:57:5b:28:73:28:f3:ab:ab:02:9a:f2:
29:cd:56:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYKWkBeK67RzNZePQZbbMR39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjIwODEzMDkzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWE0ZDkwNWRhOWM0ZWUwNzdkYTM2NmViNmIyZDdiZGM4Yzk3ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFHEsmMxxXsiBi9tCo2ogvAcPXzl
9t83U9MgNy/ZEjqL8bIk15eHEmV8LochJDoy8LGNcStlC82MXlxFF8rnoCCjHKB+
ssVobg4UZ3L8ujMiHwO9JNpkZHK0nDxqtg+kCTQAz9wLhwaCqIP9ZUoJPIMlSWUW
iSAj5g+XuvsbGq0B6syrB6VRCm1Y38QGds7fn5/uGiDO3lEQH2UYsBbPpD8dFWgc
O4hLkM7ZNKOX2EovO426WPuCDLo9vdqOCK2/2lRGWg4PYh6q6pKeO3FdllLTv1ci
KIwaqjFOyKnqcX5xlqpIUnSZFsQc3mgCcpJEnTmmTjwOiIpH7iauPvQstQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFD6k2QXanE7gd9o2bray173IyX0EMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvUHFUWkJkcWNUdUIzMmpadXRyTFh2Y2pKZlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAx/I+AME
Ai4V/AMEAj5MGAMEAj5MWAMEAj5MZAMEAj5McAMEA03c2AMEAFn47AMEAltrVAME
AVvjIgMEArkoHAMEALk+ZwMEArlv2AMEArl+XAMEAtQI6DANBAIAAjAHAwUAKgMC
IDANBgkqhkiG9w0BAQsFAAOCAQEAZNbYOIPzUZUXKad7wvXXJ/I1b1jV/Ap78WhY
wBe8cyax5B/n8V0ASAUGIYFYQFPsGHZL6DA77EmpZ068WhSOtyAPlUGL49rUbGI+
k6Qvnmws4zxoFIy8Mjidn1x41d0FC4dAXD63w5Ml5E+f2DFuic7Jbn0tAxc0bTYi
ROW8k6o9HPEuTvUDQAetzuK4Ng9SR8D7lHBtkuUXiZvlOlnYijibnauE297fuW7g
Rv8bCnz7l/g6TM0CU2FI0jEyG9RpyM42jTHGj/PQe/AKivjOitGJ53OwyWjC0Zhw
BpxlUNvzcIQUr2UiVE/gbfzjcAxo1ldbKHMo86urApryKc1Wow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:48 2024 by rpki-client on console-ams.rpki-client.org