Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/PtdZzsH22AO8rDUOimqiOvIypeI.roa
File: PtdZzsH22AO8rDUOimqiOvIypeI.roa (raw, json)
Hash identifier: vprJ4RvR8ThD0hAa9C5GsHl+0XSMTZbG8Y8Z6ZXNpsI=
Subject key identifier: 3E:D7:59:CE:C1:F6:D8:03:BC:AC:35:0E:8A:6A:A2:3A:F2:32:A5:E2
Certificate issuer: /CN=b15e3dc0ebfb10ebb94197454732ef786ac75b70
Certificate serial: 0184472752E4AE30FB1CA8C1020DAE4CA0D0
Authority key identifier: B1:5E:3D:C0:EB:FB:10:EB:B9:41:97:45:47:32:EF:78:6A:C7:5B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sV49wOv7EOu5QZdFRzLveGrHW3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/PtdZzsH22AO8rDUOimqiOvIypeI.roa
Signing time: Sat 05 Nov 2022 09:37:50 +0000
ROA not before: Sat 05 Nov 2022 09:37:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42073
IP address blocks: 194.169.233.0/24 maxlen: 24
185.64.92.0/22 maxlen: 22
194.102.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:47:27:52:e4:ae:30:fb:1c:a8:c1:02:0d:ae:4c:a0:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b15e3dc0ebfb10ebb94197454732ef786ac75b70
Validity
Not Before: Nov 5 09:37:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ed759cec1f6d803bcac350e8a6aa23af232a5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:75:12:68:45:b2:3f:be:72:62:38:e2:6c:09:
3b:19:e3:16:31:26:82:83:47:b7:66:e8:c2:7a:ed:
a7:5d:d7:22:c4:31:1f:89:0f:c4:83:62:4f:03:53:
56:e1:52:97:11:72:17:c7:ad:c7:df:dc:56:e2:56:
74:77:35:b8:d1:65:81:3c:66:34:95:f2:dc:d3:f9:
19:3f:f2:e5:65:cb:13:67:19:49:68:49:2d:f2:c5:
1a:3a:34:83:04:40:51:c2:5b:3b:c0:99:96:3d:d7:
dd:a4:9b:fa:5d:06:28:36:79:e7:12:56:f3:6a:6d:
83:c9:0f:51:50:f1:a1:78:a2:a8:7c:1a:34:d0:c7:
a0:54:41:5c:1e:9a:48:82:c1:df:d7:26:9d:79:c7:
26:93:21:bd:b0:31:4c:ee:99:ab:e9:36:2c:5e:cd:
2f:01:24:6c:40:c4:62:69:ee:58:7e:c7:f3:8d:5a:
95:62:77:da:16:a5:58:00:13:73:8d:32:75:e4:10:
21:d6:70:37:29:e8:aa:7e:91:0b:14:e2:97:49:fb:
91:a5:b4:e3:b1:8c:f3:2c:e8:5e:9a:a3:1b:f0:8d:
6e:d5:c7:99:eb:3e:c6:4e:0b:af:e9:11:e6:8f:f6:
a8:6c:96:43:53:51:72:a0:c4:5e:4f:c2:40:21:ae:
8c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D7:59:CE:C1:F6:D8:03:BC:AC:35:0E:8A:6A:A2:3A:F2:32:A5:E2
X509v3 Authority Key Identifier:
keyid:B1:5E:3D:C0:EB:FB:10:EB:B9:41:97:45:47:32:EF:78:6A:C7:5B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sV49wOv7EOu5QZdFRzLveGrHW3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/PtdZzsH22AO8rDUOimqiOvIypeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/sV49wOv7EOu5QZdFRzLveGrHW3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.92.0/22
194.102.202.0/24
194.169.233.0/24
Signature Algorithm: sha256WithRSAEncryption
27:53:6f:0a:d1:25:71:ca:03:82:9c:d5:67:8a:92:b3:94:26:
c8:e8:3f:d7:e0:38:b6:74:71:6e:fb:43:7e:e0:3d:0f:86:5f:
b8:36:88:c8:ab:12:8f:a9:69:10:db:c1:35:bb:18:a8:e0:b6:
3d:72:5d:09:ab:27:07:d6:f1:db:98:6a:d0:34:55:d6:f4:33:
ea:ed:ce:58:c9:43:97:05:56:5e:b5:ad:08:cf:0a:2e:20:2e:
f1:9d:ad:41:3e:3e:6a:87:5b:d9:7c:71:6b:90:b2:87:7b:86:
d3:04:73:df:68:6c:b1:37:67:61:d3:52:c3:17:5b:fd:10:bc:
46:3e:92:71:b9:5b:a9:53:44:ac:51:6d:a6:d5:ff:a1:61:be:
9b:7e:4a:fd:51:aa:db:b9:d0:5c:7c:66:3e:e1:ff:1a:28:fd:
ac:48:fb:ae:ff:12:32:dc:02:c5:72:a8:f1:7d:0a:e8:7b:3a:
94:43:61:26:ef:50:91:a0:63:7a:24:34:c0:73:05:13:11:0e:
06:76:51:37:eb:cc:95:36:28:1b:61:90:cb:08:e9:0f:27:40:
6f:5e:ab:aa:bd:0e:b6:16:0e:4b:b2:5f:e5:9e:61:61:14:ad:
61:30:2e:f7:09:46:1a:7c:1a:31:3b:0e:af:5b:7b:a6:f4:64:
03:75:fe:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRHJ1LkrjD7HKjBAg2uTKDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNWUzZGMwZWJmYjEwZWJiOTQxOTc0NTQ3MzJlZjc4NmFj
NzViNzAwHhcNMjIxMTA1MDkzNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQ3NTljZWMxZjZkODAzYmNhYzM1MGU4YTZhYTIzYWYyMzJhNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHUSaEWyP75yYjjibAk7GeMWMSaC
g0e3ZujCeu2nXdcixDEfiQ/Eg2JPA1NW4VKXEXIXx63H39xW4lZ0dzW40WWBPGY0
lfLc0/kZP/LlZcsTZxlJaEkt8sUaOjSDBEBRwls7wJmWPdfdpJv6XQYoNnnnElbz
am2DyQ9RUPGheKKofBo00MegVEFcHppIgsHf1yadeccmkyG9sDFM7pmr6TYsXs0v
ASRsQMRiae5YfsfzjVqVYnfaFqVYABNzjTJ15BAh1nA3KeiqfpELFOKXSfuRpbTj
sYzzLOhemqMb8I1u1ceZ6z7GTguv6RHmj/aobJZDU1FyoMReT8JAIa6MZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD7XWc7B9tgDvKw1DopqojryMqXiMB8GA1UdIwQY
MBaAFLFePcDr+xDruUGXRUcy73hqx1twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Y0OXdPdjdFT3U1UVpkRlJ6THZlR3JIVzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80YWRjM2ItM2JkMy00NTQ3LTgwMDYt
MWQwMDdiZTljZGQ4LzEvUHRkWnpzSDIyQU84ckRVT2ltcWlPdkl5cGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi80YWRjM2ItM2JkMy00NTQ3LTgwMDYtMWQwMDdiZTljZGQ4
LzEvc1Y0OXdPdjdFT3U1UVpkRlJ6THZlR3JIVzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuUBcAwQA
wmbKAwQAwqnpMA0GCSqGSIb3DQEBCwUAA4IBAQAnU28K0SVxygOCnNVnipKzlCbI
6D/X4Di2dHFu+0N+4D0Phl+4NojIqxKPqWkQ28E1uxio4LY9cl0JqycH1vHbmGrQ
NFXW9DPq7c5YyUOXBVZeta0IzwouIC7xna1BPj5qh1vZfHFrkLKHe4bTBHPfaGyx
N2dh01LDF1v9ELxGPpJxuVupU0SsUW2m1f+hYb6bfkr9UarbudBcfGY+4f8aKP2s
SPuu/xIy3ALFcqjxfQroezqUQ2Em71CRoGN6JDTAcwUTEQ4GdlE368yVNigbYZDL
COkPJ0BvXquqvQ62Fg5Lsl/lnmFhFK1hMC73CUYafBoxOw6vW3um9GQDdf4A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:00 2023 by rpki-client on console-ams.rpki-client.org