Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJEZfzoRv1cPgipnthzRXKzKVuQ.roa
File: PJEZfzoRv1cPgipnthzRXKzKVuQ.roa (raw, json)
Hash identifier: liBTlExKua8WSBWCGXR9btm/TNvjYVLSrnqtLvdKg3A=
Subject key identifier: 3C:91:19:7F:3A:11:BF:57:0F:82:2A:67:B6:1C:D1:5C:AC:CA:56:E4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01851BED4E5D3B44E8098FAD25150EDBA0B5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJEZfzoRv1cPgipnthzRXKzKVuQ.roa
Signing time: Fri 16 Dec 2022 17:13:34 +0000
ROA not before: Fri 16 Dec 2022 17:13:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207083
IP address blocks: 193.30.241.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1b:ed:4e:5d:3b:44:e8:09:8f:ad:25:15:0e:db:a0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 16 17:13:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c91197f3a11bf570f822a67b61cd15cacca56e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:19:c1:77:2c:90:b9:67:8f:2c:f4:e2:8e:f8:
fd:7f:d6:d1:73:c2:54:09:89:bd:04:da:01:52:87:
a8:31:f9:ee:cf:1e:d5:26:1c:86:dc:82:7c:b4:f8:
e7:ed:5d:60:f0:77:95:5d:e7:d7:84:ff:08:08:00:
d9:e5:b8:eb:76:87:24:5a:1d:c9:e3:bd:5c:07:77:
b4:6e:31:96:60:41:b7:04:a0:47:14:29:4c:e9:be:
af:9d:d2:cc:5d:97:99:1c:dd:1f:22:28:d1:6c:15:
62:ad:31:3e:18:51:0c:24:58:55:d0:31:9f:18:2b:
ef:93:f3:43:ec:eb:9a:2a:8d:42:5e:88:6e:ed:e2:
87:3a:30:fa:bf:ec:88:6e:cc:ee:1d:e5:73:f9:f6:
d9:d3:0e:7f:85:fe:cc:73:d1:2e:e7:e6:0f:6f:be:
38:62:49:e1:7b:ac:91:d3:0b:4e:5d:93:49:12:74:
e9:6c:bb:9c:0f:c8:e9:45:9a:c0:3d:e1:4e:de:4d:
42:31:9f:1e:a5:1a:2d:2a:d5:c9:b1:cb:6f:fa:c1:
62:4e:6a:ff:7f:fe:f3:4c:8d:5d:30:58:b2:48:c6:
1a:5a:2c:17:85:f3:48:0e:83:86:ef:0a:4e:02:8d:
fc:37:f0:73:5a:e0:7a:18:4e:6e:4a:ce:e0:d7:76:
32:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:91:19:7F:3A:11:BF:57:0F:82:2A:67:B6:1C:D1:5C:AC:CA:56:E4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJEZfzoRv1cPgipnthzRXKzKVuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.241.0/24
195.62.24.0/24
195.177.93.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
67:49:16:0c:43:2b:81:ab:ce:9c:2c:dd:72:56:78:64:b6:f9:
e7:39:c3:bf:d2:b3:7e:d4:85:49:d9:b2:03:32:98:d2:eb:2a:
54:de:94:81:c8:85:d5:11:8a:67:a9:27:37:6c:c2:a9:39:75:
c3:e6:d1:5f:c0:20:21:95:3f:86:c5:06:2d:02:f4:6f:5a:23:
a3:f7:2b:ca:af:47:d6:21:5b:18:8b:66:e7:44:dd:ca:bc:f6:
b2:7e:61:8e:e0:2b:33:f5:8d:38:3f:a5:ef:e6:4c:d4:a7:8d:
01:88:be:67:d3:7d:7d:b0:12:9c:df:e6:34:f9:e9:af:33:42:
53:b9:ae:1c:a7:0e:c6:f6:29:30:bd:2d:68:f9:17:94:09:4c:
5b:09:f2:72:b5:57:16:35:db:74:a9:7b:a5:94:29:bb:62:c5:
34:28:7c:81:3e:76:78:84:27:37:15:32:88:c6:be:0c:fe:92:
19:61:d2:ca:45:ef:f0:6b:68:f4:49:6d:48:0d:b0:d3:d9:55:
bb:e5:0f:fc:b9:99:ab:8c:dc:d2:5a:f2:cb:cb:e8:9f:5b:10:
b9:e8:ff:b0:1a:e1:d8:9a:47:7d:03:fe:11:07:da:d3:54:4f:
0f:7f:0f:97:ea:70:83:95:92:6d:45:fc:a1:3d:e8:bf:61:fb:
68:a0:a8:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUb7U5dO0ToCY+tJRUO26C1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjE2MTcxMzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzkxMTk3ZjNhMTFiZjU3MGY4MjJhNjdiNjFjZDE1Y2FjY2E1NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxnBdyyQuWePLPTijvj9f9bRc8JU
CYm9BNoBUoeoMfnuzx7VJhyG3IJ8tPjn7V1g8HeVXefXhP8ICADZ5bjrdockWh3J
471cB3e0bjGWYEG3BKBHFClM6b6vndLMXZeZHN0fIijRbBVirTE+GFEMJFhV0DGf
GCvvk/ND7OuaKo1CXohu7eKHOjD6v+yIbszuHeVz+fbZ0w5/hf7Mc9Eu5+YPb744
Yknhe6yR0wtOXZNJEnTpbLucD8jpRZrAPeFO3k1CMZ8epRotKtXJsctv+sFiTmr/
f/7zTI1dMFiySMYaWiwXhfNIDoOG7wpOAo38N/BzWuB6GE5uSs7g13Yy+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDyRGX86Eb9XD4IqZ7Yc0VysylbkMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUEpFWmZ6b1J2MWNQZ2lwbnRoelJYS3pLVnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwR7xAwQA
wz4YAwQAw7FdAwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQBnSRYMQyuBq86cLN1y
VnhktvnnOcO/0rN+1IVJ2bIDMpjS6ypU3pSByIXVEYpnqSc3bMKpOXXD5tFfwCAh
lT+GxQYtAvRvWiOj9yvKr0fWIVsYi2bnRN3KvPayfmGO4Csz9Y04P6Xv5kzUp40B
iL5n0319sBKc3+Y0+emvM0JTua4cpw7G9ikwvS1o+ReUCUxbCfJytVcWNdt0qXul
lCm7YsU0KHyBPnZ4hCc3FTKIxr4M/pIZYdLKRe/wa2j0SW1IDbDT2VW75Q/8uZmr
jNzSWvLLy+ifWxC56P+wGuHYmkd9A/4RB9rTVE8Pfw+X6nCDlZJtRfyhPei/Yfto
oKh6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org