Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/PsDAaPvvOflPU355mEBVUBOnz5g.roa
File: PsDAaPvvOflPU355mEBVUBOnz5g.roa (raw, json)
Hash identifier: Q3l2Wqb2RhfSIpfgAEE3VLKUjQkiBU/a49hiHYoKJ9o=
Subject key identifier: 3E:C0:C0:68:FB:EF:39:F9:4F:53:7E:79:98:40:55:50:13:A7:CF:98
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 09B2BD16
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/PsDAaPvvOflPU355mEBVUBOnz5g.roa
Signing time: Sat 01 Jan 2022 13:55:42 +0000
ROA not before: Sat 01 Jan 2022 13:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8468
IP address blocks: 93.95.8.0/21 maxlen: 24
151.236.208.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162708758 (0x9b2bd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 13:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ec0c068fbef39f94f537e799840555013a7cf98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:10:64:85:04:76:7c:75:8a:ee:fa:ad:c5:ce:
13:9d:3a:d0:0a:7f:1d:d6:2a:b2:01:0f:84:19:40:
d3:64:cd:53:94:37:9a:71:bf:bb:d5:4c:a5:e2:83:
3b:57:19:03:5f:f1:b0:02:59:0d:de:c7:27:70:8d:
c6:56:ea:75:09:e6:68:7c:12:17:f1:85:aa:b0:f3:
df:e4:22:e1:5f:cd:7d:bf:fe:00:2b:58:b1:25:20:
83:c0:d9:1f:56:7d:9c:0c:5d:d3:d6:c3:a9:66:fd:
ad:0a:32:bb:bd:3a:da:08:90:30:84:a8:60:f5:f1:
52:11:c9:2b:ab:dc:3d:df:f2:80:3e:1c:9e:a1:58:
20:9f:a1:c8:61:d6:3a:d0:00:05:44:9a:74:ea:4a:
07:ec:ec:1f:dd:56:87:f6:18:6e:eb:29:c4:fe:81:
d1:4c:8b:68:5f:f9:f1:31:30:00:c1:ce:ac:46:b9:
67:6f:ea:ae:32:5d:de:c8:07:13:d0:34:22:df:e7:
7f:31:6a:a1:4e:6b:d2:53:c8:05:bd:0a:8a:5d:c7:
cb:20:ee:92:d7:d4:2a:f6:f8:49:9e:21:0c:ea:07:
92:7e:c6:ae:c6:67:ee:eb:f1:48:e1:fd:f4:a6:fe:
4d:9e:8a:c6:f5:d0:c4:b6:1e:1b:ee:04:19:84:c7:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C0:C0:68:FB:EF:39:F9:4F:53:7E:79:98:40:55:50:13:A7:CF:98
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/PsDAaPvvOflPU355mEBVUBOnz5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.8.0/21
151.236.208.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:16:27:24:a5:ec:e9:8f:cd:bc:63:03:b3:1f:52:7e:50:7d:
14:08:77:3f:5e:7b:c9:94:45:e6:33:3d:ec:32:be:ae:15:70:
2c:59:37:1d:48:b4:d1:d6:57:ca:7b:f3:29:02:0b:2d:4f:d8:
6d:7c:a8:aa:20:45:a9:22:95:5c:b1:b7:94:ee:e8:9c:22:34:
1e:9c:a9:35:b6:26:c4:89:71:f7:ec:75:0b:a8:d6:da:02:9e:
ed:00:27:b0:20:5e:05:7c:ed:3b:88:5b:e5:8e:f1:49:b8:2c:
57:25:61:81:89:5a:0f:c5:94:c1:2c:48:8e:b4:88:4b:c4:62:
de:82:ab:2f:bc:93:f3:83:a7:d4:4c:4c:24:25:b8:52:09:81:
36:1d:bb:20:1d:3e:cf:de:c2:55:2e:85:6a:f4:59:68:29:80:
d4:2d:fd:3e:cd:f8:f9:c7:ec:84:27:b4:32:03:ba:4c:6f:d3:
27:c5:a4:e5:f8:c7:36:7b:ab:b8:dc:bf:cb:79:93:55:e2:7a:
e0:69:70:72:8f:04:00:ce:0b:45:1f:65:82:af:70:7f:cd:88:
32:29:65:81:77:e7:28:b4:f7:1d:59:d1:6c:3d:fd:09:21:e6:
92:86:00:f8:35:d7:9b:59:29:b4:f9:bf:5b:de:59:b0:a7:0b:
00:1b:2b:fa
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECbK9FjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODRkNjFjZDE3ZWQ5MmU1NGJiMzM5N2YxZTVhNmIzOTA0YWM2ZjA1MB4XDTIyMDEw
MTEzNTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VjMGMwNjhmYmVm
MzlmOTRmNTM3ZTc5OTg0MDU1NTAxM2E3Y2Y5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8QZIUEdnx1iu76rcXOE5060Ap/HdYqsgEPhBlA02TNU5Q3
mnG/u9VMpeKDO1cZA1/xsAJZDd7HJ3CNxlbqdQnmaHwSF/GFqrDz3+Qi4V/Nfb/+
ACtYsSUgg8DZH1Z9nAxd09bDqWb9rQoyu7062giQMISoYPXxUhHJK6vcPd/ygD4c
nqFYIJ+hyGHWOtAABUSadOpKB+zsH91Wh/YYbuspxP6B0UyLaF/58TEwAMHOrEa5
Z2/qrjJd3sgHE9A0It/nfzFqoU5r0lPIBb0Kil3HyyDuktfUKvb4SZ4hDOoHkn7G
rsZn7uvxSOH99Kb+TZ6KxvXQxLYeG+4EGYTHReUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ+wMBo++85+U9TfnmYQFVQE6fPmDAfBgNVHSMEGDAWgBTITWHNF+2S5Uuz
OX8eWms5BKxvBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lFMWh6UmZ0a3VWTHN6bF9IbHByT1FTc2J3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8x
L1BzREFhUHZ2T2ZsUFUzNTVtRUJWVUJPbno1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8xL3lFMWh6UmZ0a3VW
THN6bF9IbHByT1FTc2J3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA11fCAMEAZfs0DANBgkqhkiG9w0B
AQsFAAOCAQEAsBYnJKXs6Y/NvGMDsx9SflB9FAh3P157yZRF5jM97DK+rhVwLFk3
HUi00dZXynvzKQILLU/YbXyoqiBFqSKVXLG3lO7onCI0HpypNbYmxIlx9+x1C6jW
2gKe7QAnsCBeBXztO4hb5Y7xSbgsVyVhgYlaD8WUwSxIjrSIS8Ri3oKrL7yT84On
1ExMJCW4UgmBNh27IB0+z97CVS6FavRZaCmA1C39Ps34+cfshCe0MgO6TG/TJ8Wk
5fjHNnuruNy/y3mTVeJ64Glwco8EAM4LRR9lgq9wf82IMillgXfnKLT3HVnRbD39
CSHmkoYA+DXXm1kptPm/W95ZsKcLABsr+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:17 2024 by rpki-client on console-fra.rpki-client.org