Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/pAgkm_5pyWnumUGpd94dLaWTDD0.roa
File: pAgkm_5pyWnumUGpd94dLaWTDD0.roa (raw, json)
Hash identifier: PyLxdSYaof2o6rqZGxjszz7wLPKJyXacK6AxC1hzZik=
Subject key identifier: A4:08:24:9B:FE:69:C9:69:EE:99:41:A9:77:DE:1D:2D:A5:93:0C:3D
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 018571955438BC5738F5F7FFCBCF43602EB8
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/pAgkm_5pyWnumUGpd94dLaWTDD0.roa
Signing time: Mon 02 Jan 2023 08:24:49 +0000
ROA not before: Mon 02 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56410
IP address blocks: 93.119.24.0/22 maxlen: 22
159.253.224.0/22 maxlen: 22
185.122.132.0/22 maxlen: 22
185.156.196.0/22 maxlen: 22
185.57.102.0/24 maxlen: 24
185.57.100.0/22 maxlen: 22
144.2.240.0/21 maxlen: 21
81.173.12.0/22 maxlen: 22
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
185.32.152.0/22 maxlen: 22
5.149.168.0/21 maxlen: 21
2a04:b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:54:38:bc:57:38:f5:f7:ff:cb:cf:43:60:2e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Jan 2 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a408249bfe69c969ee9941a977de1d2da5930c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:74:de:9a:27:ee:58:b4:3f:2b:98:e5:6a:f4:
35:1c:1b:0a:46:e0:97:13:f9:be:37:24:fe:4c:c7:
4a:46:5d:5d:8d:db:b9:54:8a:da:ae:9a:28:c8:b9:
81:fe:e3:29:d9:d9:51:83:dd:15:ad:e5:a0:da:96:
70:48:1d:12:1f:4d:af:b9:28:52:24:b3:67:28:54:
40:1f:33:f3:a5:63:50:49:a1:6e:55:8e:19:ea:e6:
cd:19:64:46:e2:f8:aa:79:ec:ba:76:23:72:76:86:
cc:16:70:95:e3:44:2c:7f:18:cf:3c:d3:0a:f2:53:
85:a5:02:02:01:dc:56:e7:fe:ad:f1:06:9c:38:3a:
8d:2a:1b:21:87:3f:66:b3:ea:9a:8f:6b:56:c6:20:
3f:95:8c:7b:c6:6a:d5:4d:5a:d7:1d:17:d3:01:6e:
ea:20:45:c0:e5:d4:27:95:aa:c0:95:cc:ce:a6:8d:
06:fe:04:98:8b:50:5c:fd:23:47:c3:5a:3f:df:5a:
ca:06:ba:7c:4a:52:63:80:30:ca:b9:f5:ec:1e:b2:
06:98:10:b7:c3:7a:c4:25:ee:0e:d1:03:56:49:d2:
6d:0d:38:14:9a:6f:66:f3:6b:1f:79:8b:1d:ef:44:
5c:44:67:90:69:db:ae:9d:1a:a8:35:cb:ab:b0:0c:
f8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:08:24:9B:FE:69:C9:69:EE:99:41:A9:77:DE:1D:2D:A5:93:0C:3D
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/pAgkm_5pyWnumUGpd94dLaWTDD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
16:e5:e3:21:aa:35:af:06:51:dd:20:73:e5:01:8f:d5:be:3a:
30:41:af:31:cc:b6:b2:4e:a8:5b:f2:c4:82:4a:a6:f7:39:59:
6f:84:49:ed:58:5e:91:b8:11:e6:3d:2e:66:d9:ac:32:9c:ae:
53:6a:63:7f:99:c9:1a:4c:44:e4:d7:89:59:a6:db:32:86:16:
ee:91:05:e1:ab:98:f7:0c:3a:a4:e3:10:da:81:a6:e4:45:8d:
db:b1:72:bc:65:e9:cf:ef:6f:42:a8:db:fd:d5:74:b9:74:42:
e3:0a:50:d4:9d:48:7c:d8:8d:ff:6a:c8:35:9d:b3:65:c0:cb:
18:d6:b8:a0:ea:14:4b:57:bd:78:41:1b:b7:a7:87:2b:68:a2:
a8:55:1c:72:bc:6b:a6:c5:46:4d:32:2d:ad:4f:99:70:03:7a:
67:8c:de:1a:e5:35:09:26:19:81:a0:c4:47:88:91:ee:01:07:
c6:3a:53:09:82:27:a4:28:e4:0c:ea:b3:65:12:a0:41:76:18:
ce:9a:fc:e8:64:4c:67:b6:fd:9a:55:be:0a:ba:dc:5a:4c:82:
c6:70:7b:c2:86:6b:91:6b:db:bd:79:43:7d:35:1d:68:3c:42:
9a:c6:d0:a5:87:6e:23:ce:2d:d1:18:e7:88:92:2c:57:15:0b:
8b:94:f0:4c
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVxlVQ4vFc49ff/y89DYC64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj
NjE4ZWIwHhcNMjMwMTAyMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA4MjQ5YmZlNjljOTY5ZWU5OTQxYTk3N2RlMWQyZGE1OTMwYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnTemifuWLQ/K5jlavQ1HBsKRuCX
E/m+NyT+TMdKRl1djdu5VIrarpooyLmB/uMp2dlRg90VreWg2pZwSB0SH02vuShS
JLNnKFRAHzPzpWNQSaFuVY4Z6ubNGWRG4viqeey6diNydobMFnCV40QsfxjPPNMK
8lOFpQICAdxW5/6t8QacODqNKhshhz9ms+qaj2tWxiA/lYx7xmrVTVrXHRfTAW7q
IEXA5dQnlarAlczOpo0G/gSYi1Bc/SNHw1o/31rKBrp8SlJjgDDKufXsHrIGmBC3
w3rEJe4O0QNWSdJtDTgUmm9m82sfeYsd70RcRGeQaduunRqoNcursAz4CwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFKQIJJv+aclp7plBqXfeHS2lkww9MB8GA1UdIwQY
MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt
MzFjOTVlMmExZDZmLzEvcEFna21fNXB5V251bVVHcGQ5NGRMYVdUREQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm
LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDBZWoAwQC
Ua0MAwQAW9jsAwQAW9jxAwQCXXcYAwQDkALwAwQCn/3gAwQCuSCYAwQCuTlkAwQC
uXqEAwQCuZzEMA0EAgACMAcDBQMqBAsAMA0GCSqGSIb3DQEBCwUAA4IBAQAW5eMh
qjWvBlHdIHPlAY/VvjowQa8xzLayTqhb8sSCSqb3OVlvhEntWF6RuBHmPS5m2awy
nK5TamN/mckaTETk14lZptsyhhbukQXhq5j3DDqk4xDagabkRY3bsXK8ZenP729C
qNv91XS5dELjClDUnUh82I3/asg1nbNlwMsY1rig6hRLV714QRu3p4craKKoVRxy
vGumxUZNMi2tT5lwA3pnjN4a5TUJJhmBoMRHiJHuAQfGOlMJgiekKOQM6rNlEqBB
dhjOmvzoZExntv2aVb4KutxaTILGcHvChmuRa9u9eUN9NR1oPEKaxtClh24jzi3R
GOeIkixXFQuLlPBM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:39 2025 by rpki-client