Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/PPClTdtGOhIdrvFm7qwth9mXOQg.roa
File: PPClTdtGOhIdrvFm7qwth9mXOQg.roa (raw, json)
Hash identifier: KVmPrPIPA1xZi699JJnzKTJq1QMu/FhTQo5RpuYHREA=
Subject key identifier: 3C:F0:A5:4D:DB:46:3A:12:1D:AE:F1:66:EE:AC:2D:87:D9:97:39:08
Certificate issuer: /CN=0321bfea0305c48e949e6c249f4810b46905c886
Certificate serial: 01843319F503D4A1C4E8E7A2BDECF6B22718
Authority key identifier: 03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/PPClTdtGOhIdrvFm7qwth9mXOQg.roa
Signing time: Tue 01 Nov 2022 12:10:49 +0000
ROA not before: Tue 01 Nov 2022 12:10:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393262
IP address blocks: 91.231.3.0/24 maxlen: 24
91.92.32.0/24 maxlen: 24
91.92.37.0/24 maxlen: 24
91.92.36.0/24 maxlen: 24
89.44.34.0/24 maxlen: 24
95.214.78.0/24 maxlen: 24
45.10.131.0/24 maxlen: 24
95.214.77.0/24 maxlen: 24
95.214.76.0/24 maxlen: 24
77.81.141.0/24 maxlen: 24
194.147.64.0/24 maxlen: 24
194.147.65.0/24 maxlen: 24
95.214.79.0/24 maxlen: 24
78.159.151.0/24 maxlen: 24
212.11.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:19:f5:03:d4:a1:c4:e8:e7:a2:bd:ec:f6:b2:27:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0321bfea0305c48e949e6c249f4810b46905c886
Validity
Not Before: Nov 1 12:10:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cf0a54ddb463a121daef166eeac2d87d9973908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e0:5e:51:54:30:25:fd:99:82:d8:2b:b5:4d:
de:b9:23:25:4b:2e:bf:83:90:4f:b2:d4:5d:30:fc:
65:0c:5b:21:ff:0c:8c:86:f1:04:9c:10:30:48:52:
9a:f9:e4:22:fc:5c:01:00:3d:f8:04:b0:3f:e9:68:
2f:7b:0d:87:dc:8c:7c:bf:bd:01:96:5d:68:f7:2d:
30:22:d4:07:3e:33:1e:7b:9a:19:b3:95:38:44:a8:
fd:a8:eb:d1:55:9b:ef:49:8e:94:f5:e9:3c:5e:42:
28:44:e9:33:42:ba:51:d9:1b:57:80:58:4a:fd:4b:
f8:20:30:ab:11:58:3f:c2:85:35:d9:47:77:f9:e5:
98:cc:08:5c:d9:4e:df:8b:c1:87:55:54:24:c0:7e:
19:2f:6d:57:25:3c:db:37:b2:a4:96:93:88:06:44:
99:9b:7d:1a:56:ab:46:7e:f6:45:c7:36:90:4c:a6:
18:b7:73:4b:3b:b7:29:7e:e4:85:e9:7b:a5:7b:fb:
58:e5:8d:9d:b7:99:01:aa:c0:06:21:8f:96:46:e6:
51:1b:5e:50:4a:89:72:f4:d1:80:97:5f:01:60:d0:
4b:c6:5b:39:04:57:93:0e:1c:29:99:08:09:f4:2c:
a9:a2:5b:16:5b:a2:c0:70:a6:46:2d:62:af:66:25:
6d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F0:A5:4D:DB:46:3A:12:1D:AE:F1:66:EE:AC:2D:87:D9:97:39:08
X509v3 Authority Key Identifier:
keyid:03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/PPClTdtGOhIdrvFm7qwth9mXOQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/AyG_6gMFxI6Unmwkn0gQtGkFyIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.131.0/24
77.81.141.0/24
78.159.151.0/24
89.44.34.0/24
91.92.32.0/24
91.92.36.0/23
91.231.3.0/24
95.214.76.0/22
194.147.64.0/23
212.11.95.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d5:b6:e9:0a:d3:5e:32:de:21:4b:d1:66:c1:f7:d4:e3:1d:
2a:02:bb:3d:b0:5e:fe:7e:38:39:2d:90:c4:69:61:21:17:70:
4d:65:98:52:37:01:b8:7b:9a:67:8a:80:66:93:fe:df:8d:54:
94:6b:e7:72:c1:6b:9a:6d:7a:11:dc:43:bb:d5:34:9b:f7:1a:
89:10:bd:4a:4f:ab:de:4e:f0:a7:d9:7f:50:84:01:d7:68:37:
00:76:d5:e6:1a:b0:ce:3e:e6:10:e7:55:03:d9:cc:c5:02:60:
77:3a:a2:5e:0d:04:ea:59:2a:dd:62:df:c8:af:2f:c9:77:7f:
c3:14:08:d9:51:50:b7:f6:79:e5:7e:ab:06:64:e3:31:0d:5b:
6c:9c:a4:8f:44:a5:00:16:45:b3:8c:5f:eb:2b:48:26:02:48:
ce:4d:ab:fe:d8:e8:dc:7d:db:a3:1d:4b:d4:1e:a2:27:1e:30:
9e:0f:e7:d8:0d:c5:3e:98:f3:99:88:2a:86:24:59:bb:6f:27:
15:5e:71:ef:86:e8:c4:7a:86:54:4f:44:83:0f:3f:b6:be:66:
5a:41:c6:1c:64:03:59:7f:67:90:f0:6c:fc:03:59:e4:2d:28:
5b:69:b9:ef:b9:74:9c:c5:8d:ab:a1:0c:29:44:0d:44:48:e3:
c1:1a:ee:e1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYQzGfUD1KHE6Oeivez2sicYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjFiZmVhMDMwNWM0OGU5NDllNmMyNDlmNDgxMGI0Njkw
NWM4ODYwHhcNMjIxMTAxMTIxMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2YwYTU0ZGRiNDYzYTEyMWRhZWYxNjZlZWFjMmQ4N2Q5OTczOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouBeUVQwJf2ZgtgrtU3euSMlSy6/
g5BPstRdMPxlDFsh/wyMhvEEnBAwSFKa+eQi/FwBAD34BLA/6Wgvew2H3Ix8v70B
ll1o9y0wItQHPjMee5oZs5U4RKj9qOvRVZvvSY6U9ek8XkIoROkzQrpR2RtXgFhK
/Uv4IDCrEVg/woU12Ud3+eWYzAhc2U7fi8GHVVQkwH4ZL21XJTzbN7KklpOIBkSZ
m30aVqtGfvZFxzaQTKYYt3NLO7cpfuSF6Xule/tY5Y2dt5kBqsAGIY+WRuZRG15Q
Soly9NGAl18BYNBLxls5BFeTDhwpmQgJ9CypolsWW6LAcKZGLWKvZiVt8wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDzwpU3bRjoSHa7xZu6sLYfZlzkIMB8GA1UdIwQY
MBaAFAMhv+oDBcSOlJ5sJJ9IELRpBciGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlHXzZnTUZ4STZVbm13a24wZ1F0R2tGeUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMWRhMmItNzdiZC00MWM3LWJiZjMt
NTYwYzllN2MwNzQ3LzEvUFBDbFRkdEdPaElkcnZGbTdxd3RoOW1YT1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMWRhMmItNzdiZC00MWM3LWJiZjMtNTYwYzllN2MwNzQ3
LzEvQXlHXzZnTUZ4STZVbm13a24wZ1F0R2tGeUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQqDAwQA
TVGNAwQATp+XAwQAWSwiAwQAW1wgAwQBW1wkAwQAW+cDAwQCX9ZMAwQBwpNAAwQA
1AtfMA0GCSqGSIb3DQEBCwUAA4IBAQBH1bbpCtNeMt4hS9FmwffU4x0qArs9sF7+
fjg5LZDEaWEhF3BNZZhSNwG4e5pnioBmk/7fjVSUa+dywWuabXoR3EO71TSb9xqJ
EL1KT6veTvCn2X9QhAHXaDcAdtXmGrDOPuYQ51UD2czFAmB3OqJeDQTqWSrdYt/I
ry/Jd3/DFAjZUVC39nnlfqsGZOMxDVtsnKSPRKUAFkWzjF/rK0gmAkjOTav+2Ojc
fdujHUvUHqInHjCeD+fYDcU+mPOZiCqGJFm7bycVXnHvhujEeoZUT0SDDz+2vmZa
QcYcZANZf2eQ8Gz8A1nkLShbabnvuXScxY2roQwpRA1ESOPBGu7h
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-ams.rpki-client.org