Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/PmG07YkODI0FD8yX5PVlXlJ-tyU.roa
File: PmG07YkODI0FD8yX5PVlXlJ-tyU.roa (raw, json)
Hash identifier: FmzKEaNS0duk/UXA1So0TSGRybQ0peliom7GyzraBLI=
Subject key identifier: 3E:61:B4:ED:89:0E:0C:8D:05:0F:CC:97:E4:F5:65:5E:52:7E:B7:25
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 41938431
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/PmG07YkODI0FD8yX5PVlXlJ-tyU.roa
Signing time: Sat 01 Jan 2022 11:54:58 +0000
ROA not before: Sat 01 Jan 2022 11:54:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44574
IP address blocks: 95.172.224.0/19 maxlen: 24
37.252.32.0/19 maxlen: 24
31.13.0.0/21 maxlen: 24
212.105.160.0/19 maxlen: 24
5.153.96.0/21 maxlen: 24
185.196.80.0/22 maxlen: 24
141.138.224.0/19 maxlen: 24
159.20.32.0/19 maxlen: 24
5.153.192.0/19 maxlen: 24
91.199.78.0/24 maxlen: 24
31.12.96.0/19 maxlen: 24
151.249.0.0/18 maxlen: 24
93.121.0.0/17 maxlen: 24
2001:67c:2544::/48 maxlen: 48
2a00:10e8::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1100186673 (0x41938431)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Jan 1 11:54:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e61b4ed890e0c8d050fcc97e4f5655e527eb725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3a:0a:cd:4e:71:5a:3f:43:3e:d4:c7:b4:92:
34:06:a5:26:07:d1:dd:f2:2f:46:dc:a3:08:8c:6b:
30:56:3b:1a:3b:7f:05:92:6d:65:09:91:6b:7a:b0:
d9:ea:80:06:7c:13:af:a7:e5:fe:8c:b7:f5:54:7e:
10:83:29:a7:a8:c5:85:70:59:5e:f1:b1:5e:c2:e3:
9f:d6:f4:44:fb:ca:3e:a2:3a:df:21:ab:bf:03:17:
c3:44:af:a7:f7:0d:e4:82:83:5a:c8:a7:0c:26:80:
87:f4:e7:01:88:76:27:76:f6:f2:bf:bc:b3:c5:44:
2b:a6:c2:94:69:dc:95:03:3d:3b:fd:7b:19:7a:d4:
92:19:fa:48:d3:46:6b:5d:71:08:b0:44:79:f6:9e:
a7:a5:cb:67:f7:77:5e:b2:1c:0a:f0:cf:b0:bb:e1:
f7:92:f3:06:35:bd:6d:74:e7:31:7a:e2:2d:5e:ae:
fb:d6:41:ab:db:5a:c7:11:0d:0f:30:3c:9d:d9:a5:
f8:4a:99:73:9b:c5:8c:34:b9:9d:0c:a1:78:74:0f:
3f:e2:32:1a:e9:eb:cb:ae:76:c2:3b:47:87:76:c8:
82:c2:6e:b9:ca:7f:e4:94:90:79:ff:6b:ae:90:af:
8a:f0:a6:67:6e:fe:f8:db:7c:f6:c6:9d:eb:48:61:
0d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:61:B4:ED:89:0E:0C:8D:05:0F:CC:97:E4:F5:65:5E:52:7E:B7:25
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/PmG07YkODI0FD8yX5PVlXlJ-tyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.96.0/21
5.153.192.0/19
31.12.96.0/19
31.13.0.0/21
37.252.32.0/19
91.199.78.0/24
93.121.0.0/17
95.172.224.0/19
141.138.224.0/19
151.249.0.0/18
159.20.32.0/19
185.196.80.0/22
212.105.160.0/19
IPv6:
2001:67c:2544::/48
2a00:10e8::/29
Signature Algorithm: sha256WithRSAEncryption
8c:eb:68:60:d3:88:ae:5d:a0:97:73:14:f4:7a:63:21:a5:ce:
fe:4a:3a:b3:3c:b0:6c:2d:61:72:e0:9d:6f:9a:f6:3f:88:87:
4b:88:9a:0a:29:41:b9:3f:55:64:87:a9:9b:d3:e7:67:75:8a:
60:5a:a2:84:d3:90:a6:a7:35:c1:a5:02:d6:a4:4f:e7:ef:a1:
da:76:ba:a1:9c:34:b8:a2:2b:3c:66:d3:52:2a:9a:d6:da:5e:
61:73:b7:dc:db:85:d7:32:78:54:6d:aa:7f:72:cf:b3:17:d2:
40:46:ef:cd:76:d2:67:c9:33:b7:c1:58:73:75:bc:cc:0a:1c:
c1:f1:80:ff:88:0d:ef:36:da:0a:68:5c:81:77:e7:a3:7d:d0:
00:f7:0e:72:16:f4:94:ca:a5:28:c6:71:a2:74:8b:6f:b9:ed:
1d:a5:66:bd:32:12:5f:4c:77:62:b7:ef:61:d8:8e:ab:86:1f:
3e:71:39:ba:3e:04:16:ca:e8:d5:ab:64:5d:e2:a9:f9:de:f9:
03:5a:0c:f7:6e:0a:4c:ea:a9:7b:fd:22:28:23:e3:92:85:b3:
4f:ec:3e:af:38:e1:1f:46:9b:96:73:37:b7:fc:ad:bb:d8:40:
30:6c:f4:70:9d:15:79:55:0b:ed:1d:5c:cd:62:40:85:57:53:
fa:8e:3a:01
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEQZOEMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGE5NmQwMmE4MjJmNDYyNTNjMmFlZTY4MDQ0MWQ1YWMyN2MzZGY1MB4XDTIyMDEw
MTExNTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U2MWI0ZWQ4OTBl
MGM4ZDA1MGZjYzk3ZTRmNTY1NWU1MjdlYjcyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMg6Cs1OcVo/Qz7Ux7SSNAalJgfR3fIvRtyjCIxrMFY7Gjt/
BZJtZQmRa3qw2eqABnwTr6fl/oy39VR+EIMpp6jFhXBZXvGxXsLjn9b0RPvKPqI6
3yGrvwMXw0Svp/cN5IKDWsinDCaAh/TnAYh2J3b28r+8s8VEK6bClGnclQM9O/17
GXrUkhn6SNNGa11xCLBEefaep6XLZ/d3XrIcCvDPsLvh95LzBjW9bXTnMXriLV6u
+9ZBq9taxxENDzA8ndml+EqZc5vFjDS5nQyheHQPP+IyGunry652wjtHh3bIgsJu
ucp/5JSQef9rrpCvivCmZ27++Nt89sad60hhDSkCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBQ+YbTtiQ4MjQUPzJfk9WVeUn63JTAfBgNVHSMEGDAWgBS9qW0CqCL0YlPC
ruaARB1awnw99TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZhbHRBcWdpOUdKVHdxN21nRVFkV3NKOFBmVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYTI3YjM5LTgwMTEtNDE0Mi04NmMyLWNmODNkNmU0MDU1OC8x
L1BtRzA3WWtPREkwRkQ4eVg1UFZsWGxKLXR5VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YTI3YjM5LTgwMTEtNDE0Mi04NmMyLWNmODNkNmU0MDU1OC8xL3ZhbHRBcWdpOUdK
VHdxN21nRVFkV3NKOFBmVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wVAQCAAEwTgMEAwWZYAMEBQWZwAMEBR8MYAMEAx8N
AAMEBSX8IAMEAFvHTgMEB115AAMEBV+s4AMEBY2K4AMEBpf5AAMEBZ8UIAMEArnE
UAMEBdRpoDAWBAIAAjAQAwcAIAEGfCVEAwUDKgAQ6DANBgkqhkiG9w0BAQsFAAOC
AQEAjOtoYNOIrl2gl3MU9HpjIaXO/ko6szywbC1hcuCdb5r2P4iHS4iaCilBuT9V
ZIepm9PnZ3WKYFqihNOQpqc1waUC1qRP5++h2na6oZw0uKIrPGbTUiqa1tpeYXO3
3NuF1zJ4VG2qf3LPsxfSQEbvzXbSZ8kzt8FYc3W8zAocwfGA/4gN7zbaCmhcgXfn
o33QAPcOchb0lMqlKMZxonSLb7ntHaVmvTISX0x3YrfvYdiOq4YfPnE5uj4EFsro
1atkXeKp+d75A1oM924KTOqpe/0iKCPjkoWzT+w+rzjhH0ablnM3t/ytu9hAMGz0
cJ0VeVUL7R1czWJAhVdT+o46AQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:34 2024 by rpki-client on console-fra.rpki-client.org