Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/P3rcshtSkO4PM26vf5hyXIEbbSA.roa
File: P3rcshtSkO4PM26vf5hyXIEbbSA.roa (raw, json)
Hash identifier: bMDkmApGW9szq1w/w5RxjQeRo8/adUnepyAgEuW23sA=
Subject key identifier: 3F:7A:DC:B2:1B:52:90:EE:0F:33:6E:AF:7F:98:72:5C:81:1B:6D:20
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0C64816C
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/P3rcshtSkO4PM26vf5hyXIEbbSA.roa
Signing time: Fri 04 Mar 2022 09:11:21 +0000
ROA not before: Fri 04 Mar 2022 09:11:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61157
IP address blocks: 46.23.208.0/20 maxlen: 20
212.1.32.0/19 maxlen: 19
188.64.192.0/21 maxlen: 21
62.75.174.0/24 maxlen: 24
185.209.64.0/22 maxlen: 22
195.244.96.0/19 maxlen: 19
2a02:ad0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 207913324 (0xc64816c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Mar 4 09:11:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f7adcb21b5290ee0f336eaf7f98725c811b6d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:06:fd:7a:b2:1a:8f:af:5d:41:35:14:a3:
e7:5d:d3:1c:3c:d7:b2:fe:14:a6:9f:1c:c3:27:82:
d6:a7:6c:bd:9c:ee:16:45:a1:65:52:78:a6:a9:e8:
38:01:39:df:73:67:44:62:57:45:f2:83:42:3d:d1:
e9:80:df:80:97:ce:1a:54:aa:c2:9f:23:b7:83:ff:
3d:31:35:10:a0:43:c0:c9:27:c1:a8:ef:e3:76:6b:
90:cb:4d:f3:da:d3:9c:87:c9:59:ff:e6:ca:33:e2:
d9:e1:f2:b7:7b:8e:b4:d7:26:94:eb:b5:77:a0:bd:
54:87:44:05:aa:17:d4:32:36:16:79:25:be:aa:24:
95:dc:56:3f:c3:c9:59:b0:c3:39:2c:66:52:1d:86:
f1:d5:99:d8:16:7e:bd:fa:07:62:80:84:74:7d:b4:
d6:20:5f:f0:d5:7a:8f:09:e0:72:55:91:8a:b9:83:
3a:d8:60:63:4d:eb:1d:ba:2f:55:1e:6e:01:33:c2:
53:2c:a1:c8:66:7a:e6:9e:e1:4b:3c:e5:6e:87:2e:
d4:99:98:44:c2:98:ce:ca:47:35:40:ac:38:7c:4c:
a0:db:69:7a:19:a5:80:70:54:e9:a7:d3:fe:4d:ba:
c9:cd:a8:58:27:c6:da:16:a0:3f:cf:b1:49:e5:e2:
e8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7A:DC:B2:1B:52:90:EE:0F:33:6E:AF:7F:98:72:5C:81:1B:6D:20
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/P3rcshtSkO4PM26vf5hyXIEbbSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.208.0/20
62.75.174.0/24
185.209.64.0/22
188.64.192.0/21
195.244.96.0/19
212.1.32.0/19
IPv6:
2a02:ad0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:71:0d:51:0e:59:c6:2e:8a:93:0a:87:af:cd:73:f7:07:e1:
ef:15:14:4f:3a:2f:c1:1c:39:b3:ac:82:7e:91:26:b9:f1:e2:
62:c9:90:89:1c:37:d9:09:85:20:2e:21:4d:78:d5:22:89:c5:
c5:17:31:47:41:cb:2b:fa:b8:f6:df:de:30:40:64:cd:6d:65:
2c:22:fd:57:31:13:a6:30:fa:76:c3:6f:6f:cd:04:6a:f8:dc:
3d:9f:2a:0a:58:2b:e3:db:76:9f:fc:7d:9f:20:cf:a6:32:0c:
50:3b:f6:d4:9a:3c:33:8d:f9:5d:87:38:1d:79:65:8e:2e:ed:
93:49:03:d2:ce:61:da:dd:ae:88:86:4a:6e:0e:c0:bd:f7:99:
27:bc:de:33:3e:d8:87:41:aa:7c:21:09:59:98:57:f9:f3:8d:
0b:42:e8:96:8e:9f:f7:02:a7:2c:b2:c9:56:1f:fa:69:59:c6:
57:be:0f:6b:1f:f9:07:95:45:b6:2e:0a:40:32:67:53:7a:6f:
d6:b4:5f:04:44:c7:b6:db:78:c9:91:c5:d8:27:12:1d:30:9c:
50:0c:82:61:4c:5f:dd:81:31:7a:a5:5f:aa:e5:46:06:f5:b0:
d7:56:6c:6a:35:c1:f1:15:44:f4:b9:a8:42:71:3b:ea:2f:b3:
9c:e9:2f:a1
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEDGSBbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDMw
NDA5MTEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y3YWRjYjIxYjUy
OTBlZTBmMzM2ZWFmN2Y5ODcyNWM4MTFiNmQyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc2Bv16shqPr11BNRSj513THDzXsv4Upp8cwyeC1qdsvZzu
FkWhZVJ4pqnoOAE533NnRGJXRfKDQj3R6YDfgJfOGlSqwp8jt4P/PTE1EKBDwMkn
wajv43ZrkMtN89rTnIfJWf/myjPi2eHyt3uOtNcmlOu1d6C9VIdEBaoX1DI2Fnkl
vqokldxWP8PJWbDDOSxmUh2G8dWZ2BZ+vfoHYoCEdH201iBf8NV6jwngclWRirmD
OthgY03rHbovVR5uATPCUyyhyGZ65p7hSzzlbocu1JmYRMKYzspHNUCsOHxMoNtp
ehmlgHBU6afT/k26yc2oWCfG2hagP8+xSeXi6KECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQ/etyyG1KQ7g8zbq9/mHJcgRttIDAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L1AzcmNzaHRTa080UE0yNnZmNWh5WElFYmJTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBC4X0AMEAD5LrgMEArnRQAMEA7xA
wAMEBcP0YAMEBdQBIDANBAIAAjAHAwUDKgIK0DANBgkqhkiG9w0BAQsFAAOCAQEA
rnENUQ5Zxi6KkwqHr81z9wfh7xUUTzovwRw5s6yCfpEmufHiYsmQiRw32QmFIC4h
TXjVIonFxRcxR0HLK/q49t/eMEBkzW1lLCL9VzETpjD6dsNvb80EavjcPZ8qClgr
49t2n/x9nyDPpjIMUDv21Jo8M435XYc4HXllji7tk0kD0s5h2t2uiIZKbg7AvfeZ
J7zeMz7Yh0GqfCEJWZhX+fONC0Lolo6f9wKnLLLJVh/6aVnGV74Pax/5B5VFti4K
QDJnU3pv1rRfBETHttt4yZHF2CcSHTCcUAyCYUxf3YExeqVfquVGBvWw11ZsajXB
8RVE9LmoQnE76i+znOkvoQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:29 2023 by rpki-client on console-ams.rpki-client.org