Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/pujxrVuPc0pnOgro3hRznzLdmYM.roa
File: pujxrVuPc0pnOgro3hRznzLdmYM.roa (raw, json)
Hash identifier: FnU0EpYUnFbTj3OQmy/iIocJvGQYHhRjQQmXD43CRVo=
Subject key identifier: A6:E8:F1:AD:5B:8F:73:4A:67:3A:0A:E8:DE:14:73:9F:32:DD:99:83
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 168255B8
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/pujxrVuPc0pnOgro3hRznzLdmYM.roa
Signing time: Fri 03 Jun 2022 10:03:20 +0000
ROA not before: Fri 03 Jun 2022 10:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34373
IP address blocks: 185.56.52.0/22 maxlen: 22
185.97.228.0/22 maxlen: 22
193.105.233.0/24 maxlen: 24
185.165.68.0/22 maxlen: 22
86.48.68.0/22 maxlen: 22
185.69.204.0/22 maxlen: 22
91.219.76.0/22 maxlen: 22
185.116.40.0/22 maxlen: 23
217.61.253.0/24 maxlen: 24
2a0b:ec00::/29 maxlen: 29
2a06:7bc0::/29 maxlen: 29
2a06:900::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 377640376 (0x168255b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: Jun 3 10:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6e8f1ad5b8f734a673a0ae8de14739f32dd9983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:18:b8:e2:8e:8a:1d:7f:f2:11:5a:73:46:5a:
5f:a2:40:e6:24:5a:00:32:62:0a:65:00:29:ac:06:
ff:ca:ae:c7:06:63:c9:5e:9c:67:b2:87:22:12:99:
c7:14:3f:d9:bf:4a:ca:e9:9b:10:cd:13:10:cd:f5:
ff:72:fc:34:89:79:b4:52:94:bd:f1:8b:d0:5f:9c:
e2:30:24:c5:26:cf:ed:39:07:da:80:ce:bb:b6:3e:
05:d9:33:68:c2:0a:6c:34:12:2c:c6:a6:64:f0:d4:
d9:8b:38:ec:b4:19:6f:a0:eb:e5:a8:80:1a:68:5e:
42:e7:06:aa:d0:51:6b:cb:9e:c2:d7:07:83:93:b1:
be:94:2e:df:ef:30:1d:c4:61:9a:60:26:4a:e7:9a:
43:1a:bc:7e:40:ad:b4:1c:ec:96:e4:b8:28:0d:69:
d2:7b:38:fc:dc:a5:28:93:2c:6b:69:93:8d:a8:f8:
24:78:a2:f8:6f:1e:43:67:1c:3e:50:7a:df:50:bd:
cc:35:ff:60:4b:d1:fb:7c:dd:62:46:61:68:0d:7b:
d4:3d:dd:23:71:75:39:3c:81:f9:eb:10:c6:a5:b6:
51:8c:81:7d:78:b4:9a:50:fc:fd:fc:78:a9:74:77:
d0:7c:d6:eb:3e:73:7b:f7:c1:f5:82:c8:7b:14:b7:
b4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E8:F1:AD:5B:8F:73:4A:67:3A:0A:E8:DE:14:73:9F:32:DD:99:83
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/pujxrVuPc0pnOgro3hRznzLdmYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.69.204.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a06:900::/29
2a06:7bc0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
29:37:89:c7:4e:32:a7:f6:15:10:85:0a:09:55:5e:54:a7:67:
22:9a:19:75:e1:65:9a:24:d8:6b:b9:16:eb:c0:14:db:e2:37:
ea:a5:7e:82:25:42:32:42:33:44:6c:55:56:77:fa:b8:f5:92:
2a:0c:3b:b0:cb:03:0d:66:8d:e1:a6:44:3b:cb:ce:f0:98:46:
64:c5:a5:f0:0b:e1:ba:17:d4:d9:91:05:cb:a4:f0:3e:3d:d9:
09:26:aa:c4:06:5f:28:b2:17:04:3a:2d:87:1d:e0:a8:b6:e1:
70:b8:2f:57:be:8c:c9:06:01:8c:c2:a4:3a:ea:0d:11:92:08:
80:ca:33:0f:65:8e:e4:2a:e5:bb:af:58:5c:06:c6:99:41:68:
a4:f7:85:52:23:fb:31:5e:c1:71:22:c8:61:09:50:82:31:1d:
62:9e:50:75:eb:ee:9e:af:0e:a8:f9:5e:79:c1:ed:45:33:b4:
46:ac:d0:ac:28:72:b7:37:89:d3:1c:72:a6:3c:a6:d6:b3:fb:
e3:6b:9a:58:56:95:fc:73:fb:fa:dc:b0:6e:73:d5:04:27:da:
cb:9f:6e:d4:3f:9f:b2:d0:a1:00:0f:a2:bb:48:35:f9:ee:87:
e1:b3:a1:6d:37:e0:b9:42:d6:3f:37:f9:5f:f1:76:87:c6:6a:
ef:46:66:86
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIEFoJVuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmVhODFhYTliMjE5N2Q5MTI3YjQ0MjUyNTEwMGZmYWEzNmUwZDUyMB4XDTIyMDYw
MzEwMDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZlOGYxYWQ1Yjhm
NzM0YTY3M2EwYWU4ZGUxNDczOWYzMmRkOTk4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0YuOKOih1/8hFac0ZaX6JA5iRaADJiCmUAKawG/8quxwZj
yV6cZ7KHIhKZxxQ/2b9KyumbEM0TEM31/3L8NIl5tFKUvfGL0F+c4jAkxSbP7TkH
2oDOu7Y+BdkzaMIKbDQSLMamZPDU2Ys47LQZb6Dr5aiAGmheQucGqtBRa8uewtcH
g5OxvpQu3+8wHcRhmmAmSueaQxq8fkCttBzsluS4KA1p0ns4/NylKJMsa2mTjaj4
JHii+G8eQ2ccPlB631C9zDX/YEvR+3zdYkZhaA171D3dI3F1OTyB+esQxqW2UYyB
fXi0mlD8/fx4qXR30HzW6z5ze/fB9YLIexS3tHsCAwEAAaOCAlYwggJSMB0GA1Ud
DgQWBBSm6PGtW49zSmc6CujeFHOfMt2ZgzAfBgNVHSMEGDAWgBRb6oGqmyGX2RJ7
RCUlEA/6o24NUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ctcUJxcHNobDlrU2UwUWxKUkFQLXFOdURWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMjI0MTU1LTNjYTQtNGZmNy1hOTY0LWZjMGRkOTI1MmM5YS8x
L3B1anhyVnVQYzBwbk9ncm8zaFJ6bnpMZG1ZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MjI0MTU1LTNjYTQtNGZmNy1hOTY0LWZjMGRkOTI1MmM5YS8xL1ctcUJxcHNobDlr
U2UwUWxKUkFQLXFOdURWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBs
BggrBgEFBQcBBwEB/wRdMFswPAQCAAEwNgMEAlYwRAMEAlvbTAMEArk4NAMEArlF
zAMEArlh5AMEArl0KAMEArmlRAMEAMFp6QMEANk9/TAbBAIAAjAVAwUDKgYJAAMF
AyoGe8ADBQMqC+wAMA0GCSqGSIb3DQEBCwUAA4IBAQApN4nHTjKn9hUQhQoJVV5U
p2cimhl14WWaJNhruRbrwBTb4jfqpX6CJUIyQjNEbFVWd/q49ZIqDDuwywMNZo3h
pkQ7y87wmEZkxaXwC+G6F9TZkQXLpPA+PdkJJqrEBl8oshcEOi2HHeCotuFwuC9X
vozJBgGMwqQ66g0RkgiAyjMPZY7kKuW7r1hcBsaZQWik94VSI/sxXsFxIshhCVCC
MR1inlB16+6erw6o+V55we1FM7RGrNCsKHK3N4nTHHKmPKbWs/vja5pYVpX8c/v6
3LBuc9UEJ9rLn27UP5+y0KEAD6K7SDX57ofhs6FtN+C5QtY/N/lf8XaHxmrvRmaG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org