Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/pcNgsdzncEmH9AtdIGrhg_0CunM.roa
File: pcNgsdzncEmH9AtdIGrhg_0CunM.roa (raw, json)
Hash identifier: EHOVWJISpZGQucJq23HiNGBnVkSF1Yj8CAljDJe5hk8=
Subject key identifier: A5:C3:60:B1:DC:E7:70:49:87:F4:0B:5D:20:6A:E1:83:FD:02:BA:73
Certificate issuer: /CN=77bc91f78a3350bacbbfbe376f8813212d149931
Certificate serial: 0185708CEF2CB1CC2FD8F2AD52887A632CA4
Authority key identifier: 77:BC:91:F7:8A:33:50:BA:CB:BF:BE:37:6F:88:13:21:2D:14:99:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7yR94ozULrLv743b4gTIS0UmTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/pcNgsdzncEmH9AtdIGrhg_0CunM.roa
Signing time: Mon 02 Jan 2023 03:36:02 +0000
ROA not before: Mon 02 Jan 2023 03:36:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203223
IP address blocks: 185.153.12.0/22 maxlen: 22
185.141.184.0/22 maxlen: 22
146.0.208.0/22 maxlen: 22
212.15.64.0/20 maxlen: 20
2a07:2580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:ef:2c:b1:cc:2f:d8:f2:ad:52:88:7a:63:2c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bc91f78a3350bacbbfbe376f8813212d149931
Validity
Not Before: Jan 2 03:36:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5c360b1dce7704987f40b5d206ae183fd02ba73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:af:ae:d4:80:85:84:59:ef:b5:ae:69:84:d6:
de:0f:5c:2c:3f:67:c7:5d:3a:00:9e:ea:8b:07:fa:
91:62:ff:84:ca:07:02:d0:04:32:16:f0:4c:7b:de:
f4:a1:6e:31:d4:8b:84:fe:2d:fe:e6:67:42:a8:86:
50:01:d8:76:ec:4e:9b:bb:df:8b:84:7e:b9:ca:5c:
70:d1:9f:f1:6e:3a:7c:60:aa:54:d7:d5:97:c8:e9:
51:2f:75:70:c1:a1:c3:16:05:a5:45:3a:16:46:de:
20:94:50:40:e0:04:c4:a6:a1:e5:89:b7:6c:62:be:
e8:fb:c5:14:f0:33:11:56:f1:8b:8c:5c:b5:09:da:
db:b1:88:87:4b:ce:e6:eb:d2:aa:8d:37:c6:45:7e:
48:7b:f1:80:e5:bd:a2:fe:28:22:dc:f4:d7:71:d7:
f2:39:6c:e9:68:bd:e6:33:0c:7d:ec:da:20:e7:77:
49:22:10:3d:03:fb:30:82:e8:66:e2:12:73:da:87:
c2:06:72:37:40:a4:59:62:28:b0:70:7f:fa:18:fc:
58:28:00:b3:12:b4:80:38:41:a8:ce:20:59:cf:15:
8d:b1:db:ad:12:91:ca:dc:9e:ff:2c:c3:c0:90:99:
4d:9b:05:f9:98:5d:94:4a:e7:9a:0c:54:61:e0:ff:
e1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C3:60:B1:DC:E7:70:49:87:F4:0B:5D:20:6A:E1:83:FD:02:BA:73
X509v3 Authority Key Identifier:
keyid:77:BC:91:F7:8A:33:50:BA:CB:BF:BE:37:6F:88:13:21:2D:14:99:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7yR94ozULrLv743b4gTIS0UmTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/pcNgsdzncEmH9AtdIGrhg_0CunM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/d7yR94ozULrLv743b4gTIS0UmTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.208.0/22
185.141.184.0/22
185.153.12.0/22
212.15.64.0/20
IPv6:
2a07:2580::/29
Signature Algorithm: sha256WithRSAEncryption
80:b9:b2:62:2b:62:7e:e1:79:46:3a:d3:0c:39:67:55:07:cd:
69:9f:36:d9:3b:23:ce:5e:13:92:23:61:6e:61:75:11:23:8b:
a0:ae:47:e3:3f:a0:f7:86:de:22:67:4c:1e:77:ab:34:eb:b7:
c5:8b:44:5d:b7:f8:3c:58:cd:ed:5d:a3:51:f2:60:07:34:cf:
f6:fc:18:80:4c:ea:cd:a7:56:51:02:8e:9d:46:10:5c:52:43:
48:c7:59:e6:ee:69:04:4e:04:63:8e:0b:d6:2e:46:ef:cb:ee:
34:bb:45:e1:2e:5a:22:ac:3b:cb:f9:26:64:22:d2:24:63:11:
64:00:6b:a9:74:d8:e3:cf:55:09:68:f7:f6:d6:f5:2c:16:b0:
58:15:72:c4:cc:6e:49:6f:72:d4:69:7d:d7:59:7a:34:7c:9b:
30:1e:1c:a4:55:71:b8:fc:66:9c:78:30:6a:29:07:8c:a4:eb:
a9:b0:85:ac:4c:24:82:73:1a:46:ee:21:4e:93:48:41:9f:af:
64:30:41:78:9e:65:32:7f:ef:e3:22:c0:0c:6b:4d:5e:88:08:
62:80:d2:5a:95:ad:99:83:f6:7c:a7:ae:cc:fb:9a:ee:c6:e5:
28:cd:91:8c:8f:5d:96:53:3c:4d:ac:08:ea:ab:4b:0b:ea:90:
c5:3c:cd:10
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwjO8sscwv2PKtUoh6YyykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmM5MWY3OGEzMzUwYmFjYmJmYmUzNzZmODgxMzIxMmQx
NDk5MzEwHhcNMjMwMTAyMDMzNjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWMzNjBiMWRjZTc3MDQ5ODdmNDBiNWQyMDZhZTE4M2ZkMDJiYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK+u1ICFhFnvta5phNbeD1wsP2fH
XToAnuqLB/qRYv+EygcC0AQyFvBMe970oW4x1IuE/i3+5mdCqIZQAdh27E6bu9+L
hH65ylxw0Z/xbjp8YKpU19WXyOlRL3VwwaHDFgWlRToWRt4glFBA4ATEpqHlibds
Yr7o+8UU8DMRVvGLjFy1CdrbsYiHS87m69KqjTfGRX5Ie/GA5b2i/igi3PTXcdfy
OWzpaL3mMwx97Nog53dJIhA9A/swguhm4hJz2ofCBnI3QKRZYiiwcH/6GPxYKACz
ErSAOEGoziBZzxWNsdutEpHK3J7/LMPAkJlNmwX5mF2USueaDFRh4P/hEwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKXDYLHc53BJh/QLXSBq4YP9ArpzMB8GA1UdIwQY
MBaAFHe8kfeKM1C6y7++N2+IEyEtFJkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDd5Ujk0b3pVTHJMdjc0M2I0Z1RJUzBVbVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mOTJiOWYtNDc1OC00NDI4LWEyMmMt
OWRiNTdjM2ZlNDFkLzEvcGNOZ3Nkem5jRW1IOUF0ZElHcmhnXzBDdW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mOTJiOWYtNDc1OC00NDI4LWEyMmMtOWRiNTdjM2ZlNDFk
LzEvZDd5Ujk0b3pVTHJMdjc0M2I0Z1RJUzBVbVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCkgDQAwQC
uY24AwQCuZkMAwQE1A9AMA0EAgACMAcDBQMqByWAMA0GCSqGSIb3DQEBCwUAA4IB
AQCAubJiK2J+4XlGOtMMOWdVB81pnzbZOyPOXhOSI2FuYXURI4ugrkfjP6D3ht4i
Z0wed6s067fFi0Rdt/g8WM3tXaNR8mAHNM/2/BiATOrNp1ZRAo6dRhBcUkNIx1nm
7mkETgRjjgvWLkbvy+40u0XhLloirDvL+SZkItIkYxFkAGupdNjjz1UJaPf21vUs
FrBYFXLEzG5Jb3LUaX3XWXo0fJswHhykVXG4/GaceDBqKQeMpOupsIWsTCSCcxpG
7iFOk0hBn69kMEF4nmUyf+/jIsAMa01eiAhigNJala2Zg/Z8p67M+5ruxuUozZGM
j12WUzxNrAjqq0sL6pDFPM0Q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:59 2025 by rpki-client