Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/pm_t66AeLlGIbbULlLfOCGla6sQ.roa
File: pm_t66AeLlGIbbULlLfOCGla6sQ.roa (raw, json)
Hash identifier: 04dqsQT+cEsx0FK8KkFz7qLTn31XVLZy43esENx0ebw=
Subject key identifier: A6:6F:ED:EB:A0:1E:2E:51:88:6D:B5:0B:94:B7:CE:08:69:5A:EA:C4
Certificate issuer: /CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Certificate serial: 018C3F09ED5CC0E0E514C166AAC5CF3CE36F
Authority key identifier: 6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/pm_t66AeLlGIbbULlLfOCGla6sQ.roa
Signing time: Wed 06 Dec 2023 12:11:04 +0000
ROA not before: Wed 06 Dec 2023 12:11:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201502
IP address blocks: 185.25.139.0/24 maxlen: 24
185.25.138.0/24 maxlen: 24
185.25.137.0/24 maxlen: 24
185.25.136.0/24 maxlen: 24
185.13.220.0/22 maxlen: 24
188.208.19.0/24 maxlen: 24
176.124.114.0/24 maxlen: 24
185.253.80.0/22 maxlen: 24
185.203.172.0/24 maxlen: 24
185.203.175.0/24 maxlen: 24
185.203.174.0/24 maxlen: 24
185.203.173.0/24 maxlen: 24
46.255.240.0/24 maxlen: 24
46.255.246.0/24 maxlen: 24
46.255.245.0/24 maxlen: 24
46.255.244.0/24 maxlen: 24
46.255.243.0/24 maxlen: 24
46.255.242.0/24 maxlen: 24
46.255.241.0/24 maxlen: 24
46.255.247.0/24 maxlen: 24
188.214.82.0/24 maxlen: 24
188.214.83.0/24 maxlen: 24
185.220.80.0/24 maxlen: 24
2a03:a6c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:09:ed:5c:c0:e0:e5:14:c1:66:aa:c5:cf:3c:e3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Validity
Not Before: Dec 6 12:11:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a66fedeba01e2e51886db50b94b7ce08695aeac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9a:49:75:98:b2:0a:a8:f0:9b:9a:3f:ca:58:
20:7c:3e:bb:70:16:3d:79:ba:e1:53:19:7b:a3:00:
d2:2b:51:0d:6f:0d:87:1b:32:63:c2:5d:0d:cf:eb:
f6:ed:4b:fe:ea:c8:86:cf:19:3c:ed:49:5a:e3:c3:
a7:5c:6f:62:ff:87:11:01:42:41:32:44:d8:8d:75:
72:cb:3c:fb:47:1a:ba:cf:32:d5:85:3b:27:36:07:
0e:17:9c:7f:a5:68:ec:42:bf:a2:7c:3d:92:14:ff:
43:a2:8a:28:80:64:7e:cb:81:7b:3f:11:c9:dc:40:
13:bd:40:d7:0d:9a:2a:1f:ad:b0:70:e3:ac:43:03:
05:1b:27:f9:e4:94:1d:8b:a7:5c:cc:57:e4:c3:f9:
12:29:65:60:c7:3c:84:78:07:9a:2f:da:08:b9:40:
df:e3:cb:af:c7:02:2d:98:64:34:75:0a:f8:ae:4c:
62:51:29:ba:ab:0f:cf:6c:f2:00:b3:43:d0:34:de:
1a:cf:2f:fe:dd:28:46:25:37:f7:3c:d8:df:c5:39:
9c:d5:5a:3b:9c:aa:d7:d4:51:4a:5d:d7:24:2c:3b:
43:c3:5e:4a:63:90:78:af:4e:54:37:19:2d:c1:22:
cf:42:55:17:80:28:4d:c0:68:4c:6a:cf:ac:04:33:
55:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6F:ED:EB:A0:1E:2E:51:88:6D:B5:0B:94:B7:CE:08:69:5A:EA:C4
X509v3 Authority Key Identifier:
keyid:6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/pm_t66AeLlGIbbULlLfOCGla6sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/a7ptDw-bGff0POtD5zWaPYTpnZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.240.0/21
176.124.114.0/24
185.13.220.0/22
185.25.136.0/22
185.203.172.0/22
185.220.80.0/24
185.253.80.0/22
188.208.19.0/24
188.214.82.0/23
IPv6:
2a03:a6c0::/32
Signature Algorithm: sha256WithRSAEncryption
06:97:7c:3b:87:fd:58:ff:a0:ad:29:36:43:b0:a6:9a:10:f1:
05:6e:f3:35:7f:8b:b0:83:3e:97:bf:62:7d:85:37:83:43:40:
71:bf:18:78:37:ba:13:00:48:2e:68:12:08:1a:cd:d9:01:98:
47:42:bb:64:ed:c2:e5:61:60:6e:cb:9e:16:94:9e:d3:32:f1:
6f:48:40:eb:a3:d9:2f:84:7f:49:9f:4c:f6:61:60:b6:25:72:
5d:0a:42:b1:25:e8:a4:d0:e0:6d:ec:b2:a3:e6:ab:46:84:ba:
8e:a5:9d:bc:10:16:59:1f:a4:ea:ce:a4:9c:c1:c3:90:b0:38:
a5:57:c1:45:a4:39:93:cf:d7:79:ef:5f:f9:d8:be:4f:0c:55:
5f:c1:41:65:e5:21:59:84:0f:93:00:a7:4c:b2:89:77:f1:a3:
36:6e:41:3d:38:61:5c:5a:4a:77:38:16:36:70:89:02:9e:d8:
41:7f:da:42:da:2a:0e:39:17:b6:eb:0b:26:e9:ef:d0:32:89:
f3:42:ba:78:f1:02:82:5e:99:ec:48:53:ea:79:c7:8c:a0:d8:
d3:41:63:a1:1d:61:27:64:d8:1e:d5:a0:59:d1:6a:fe:b1:5a:
5a:bb:b9:80:86:6e:bb:10:e6:ad:37:a4:b4:e5:af:cb:b7:44:
58:62:84:91
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYw/Ce1cwODlFMFmqsXPPONvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYmE2ZDBmMGY5YjE5ZjdmNDNjZWI0M2U3MzU5YTNkODRl
OTlkOTkwHhcNMjMxMjA2MTIxMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZmZWRlYmEwMWUyZTUxODg2ZGI1MGI5NGI3Y2UwODY5NWFlYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZpJdZiyCqjwm5o/ylggfD67cBY9
ebrhUxl7owDSK1ENbw2HGzJjwl0Nz+v27Uv+6siGzxk87Ula48OnXG9i/4cRAUJB
MkTYjXVyyzz7Rxq6zzLVhTsnNgcOF5x/pWjsQr+ifD2SFP9DoooogGR+y4F7PxHJ
3EATvUDXDZoqH62wcOOsQwMFGyf55JQdi6dczFfkw/kSKWVgxzyEeAeaL9oIuUDf
48uvxwItmGQ0dQr4rkxiUSm6qw/PbPIAs0PQNN4azy/+3ShGJTf3PNjfxTmc1Vo7
nKrX1FFKXdckLDtDw15KY5B4r05UNxktwSLPQlUXgChNwGhMas+sBDNVAwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKZv7eugHi5RiG21C5S3zghpWurEMB8GA1UdIwQY
MBaAFGu6bQ8Pmxn39DzrQ+c1mj2E6Z2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2Yt
MmFlYWRiOTY2Yjc2LzEvcG1fdDY2QWVMbEdJYmJVTGxMZk9DR2xhNnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2YtMmFlYWRiOTY2Yjc2
LzEvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLv/wAwQA
sHxyAwQCuQ3cAwQCuRmIAwQCucusAwQAudxQAwQCuf1QAwQAvNATAwQBvNZSMA0E
AgACMAcDBQAqA6bAMA0GCSqGSIb3DQEBCwUAA4IBAQAGl3w7h/1Y/6CtKTZDsKaa
EPEFbvM1f4uwgz6Xv2J9hTeDQ0Bxvxh4N7oTAEguaBIIGs3ZAZhHQrtk7cLlYWBu
y54WlJ7TMvFvSEDro9kvhH9Jn0z2YWC2JXJdCkKxJeik0OBt7LKj5qtGhLqOpZ28
EBZZH6TqzqScwcOQsDilV8FFpDmTz9d571/52L5PDFVfwUFl5SFZhA+TAKdMsol3
8aM2bkE9OGFcWkp3OBY2cIkCnthBf9pC2ioOORe26wsm6e/QMonzQrp48QKCXpns
SFPqeceMoNjTQWOhHWEnZNge1aBZ0Wr+sVpau7mAhm67EOatN6S05a/Lt0RYYoSR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:58 2025 by rpki-client