Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/penNYVbDY1mjrTQH1lHFveiIIrc.roa
File: penNYVbDY1mjrTQH1lHFveiIIrc.roa (raw, json)
Hash identifier: eWK4nddp/GxZExr1yYIs8fBd3Z0mYtyDJ44J1OnUl0U=
Subject key identifier: A5:E9:CD:61:56:C3:63:59:A3:AD:34:07:D6:51:C5:BD:E8:88:22:B7
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01851A9B7C38C3CD0500CF0E6F5DF12AD455
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/penNYVbDY1mjrTQH1lHFveiIIrc.roa
Signing time: Fri 16 Dec 2022 11:04:35 +0000
ROA not before: Fri 16 Dec 2022 11:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5089
IP address blocks: 109.206.248.0/22 maxlen: 23
109.206.250.0/23 maxlen: 23
45.152.8.0/23 maxlen: 23
45.152.36.0/23 maxlen: 23
2a0c:9e06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:9b:7c:38:c3:cd:05:00:cf:0e:6f:5d:f1:2a:d4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 16 11:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5e9cd6156c36359a3ad3407d651c5bde88822b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4d:fe:2d:e8:b2:38:59:6d:a2:4c:b0:96:6e:
fd:d6:22:03:57:7d:23:a1:2f:b7:f1:c6:1a:42:46:
bc:0d:25:05:2b:4c:c4:12:77:d7:fa:56:c0:29:77:
4d:60:f5:7f:ac:5a:05:fe:6f:37:6c:bb:df:73:98:
a8:b1:1f:37:4a:c9:19:82:ad:f5:34:ff:a9:32:69:
94:35:b1:3c:8d:06:58:56:74:09:31:e0:39:87:e1:
ec:d0:87:83:de:58:5e:1f:be:3d:02:54:f8:6f:84:
96:4c:ed:91:32:18:07:03:aa:05:8c:3a:ad:4f:91:
ed:72:c7:03:61:b3:b1:20:78:27:c0:44:09:42:e2:
ed:68:d0:dd:7c:f4:5e:c2:7f:8f:bd:0d:b9:40:c6:
70:fd:8c:91:39:ba:9c:b3:a9:eb:77:32:98:19:63:
42:f9:ae:4f:ed:a6:80:40:c6:94:0d:42:8b:c0:b6:
a4:74:b1:7b:e1:fc:5c:bb:38:1b:51:2f:b9:da:97:
4c:d1:4a:c0:49:f6:cd:19:71:af:56:c2:34:c9:48:
45:5e:db:b7:6a:02:1b:33:ed:96:3b:f2:bd:03:15:
79:ef:f5:e0:fb:a4:62:61:bf:49:06:ac:10:78:95:
35:46:7f:38:1e:a5:35:c8:25:43:c8:4d:31:74:8b:
83:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E9:CD:61:56:C3:63:59:A3:AD:34:07:D6:51:C5:BD:E8:88:22:B7
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/penNYVbDY1mjrTQH1lHFveiIIrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.8.0/23
45.152.36.0/23
109.206.248.0/22
IPv6:
2a0c:9e06::/32
Signature Algorithm: sha256WithRSAEncryption
66:a2:a6:5d:cb:0c:72:45:10:bd:fb:6e:2f:c7:73:c9:c9:dc:
de:24:4e:47:21:fb:42:ee:4b:a0:0b:c4:71:e4:c3:20:bc:4f:
4f:5b:59:62:1e:08:80:ff:4b:39:37:61:38:d3:4c:7c:8a:7d:
32:55:57:cc:5c:ae:26:b0:46:a8:88:f0:8e:a0:ed:ff:cd:21:
ef:0a:6c:a8:e4:9e:19:1a:3d:b2:5f:31:c9:2d:bb:08:df:04:
e3:07:e3:45:ec:e1:06:87:70:9d:32:81:e1:2e:7b:3a:e5:8f:
a2:15:e6:c3:52:5d:ce:47:d3:47:3d:54:ad:64:44:8d:bd:f5:
50:e9:41:19:f4:7f:77:f0:20:06:2a:94:22:ce:ac:d3:4a:65:
59:16:57:b3:af:57:ed:a2:1c:0f:17:22:e8:52:c1:50:d8:3a:
37:89:d8:0e:d9:03:77:ad:c3:ab:c3:83:96:21:9e:82:84:4b:
62:af:3c:9f:dc:56:8a:88:e2:8d:39:2c:3d:41:1d:d2:00:24:
d0:ef:7f:80:b2:25:40:0d:e8:04:89:09:f0:80:c5:c6:7a:1a:
3b:9b:23:c2:ed:c4:4e:b4:aa:f1:cc:8a:03:5e:ed:aa:ff:15:
18:48:76:fa:39:ec:96:22:00:47:e0:a6:bd:80:28:71:22:7e:
fb:04:d5:05
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYUam3w4w80FAM8Ob13xKtRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMjE2MTEwNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU5Y2Q2MTU2YzM2MzU5YTNhZDM0MDdkNjUxYzViZGU4ODgyMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk3+LeiyOFltokywlm791iIDV30j
oS+38cYaQka8DSUFK0zEEnfX+lbAKXdNYPV/rFoF/m83bLvfc5iosR83SskZgq31
NP+pMmmUNbE8jQZYVnQJMeA5h+Hs0IeD3lheH749AlT4b4SWTO2RMhgHA6oFjDqt
T5HtcscDYbOxIHgnwEQJQuLtaNDdfPRewn+PvQ25QMZw/YyRObqcs6nrdzKYGWNC
+a5P7aaAQMaUDUKLwLakdLF74fxcuzgbUS+52pdM0UrASfbNGXGvVsI0yUhFXtu3
agIbM+2WO/K9AxV57/Xg+6RiYb9JBqwQeJU1Rn84HqU1yCVDyE0xdIuDWwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKXpzWFWw2NZo600B9ZRxb3oiCK3MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvcGVuTllWYkRZMW1qclRRSDFsSEZ2ZWlJSXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLZgIAwQB
LZgkAwQCbc74MA0EAgACMAcDBQAqDJ4GMA0GCSqGSIb3DQEBCwUAA4IBAQBmoqZd
ywxyRRC9+24vx3PJydzeJE5HIftC7kugC8Rx5MMgvE9PW1liHgiA/0s5N2E400x8
in0yVVfMXK4msEaoiPCOoO3/zSHvCmyo5J4ZGj2yXzHJLbsI3wTjB+NF7OEGh3Cd
MoHhLns65Y+iFebDUl3OR9NHPVStZESNvfVQ6UEZ9H938CAGKpQizqzTSmVZFlez
r1ftohwPFyLoUsFQ2Do3idgO2QN3rcOrw4OWIZ6ChEtirzyf3FaKiOKNOSw9QR3S
ACTQ73+AsiVADegEiQnwgMXGeho7myPC7cROtKrxzIoDXu2q/xUYSHb6OeyWIgBH
4Ka9gChxIn77BNUF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org