Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/pGnJHt_Hbu9kpFQJD3Epy1YwLB4.roa
File: pGnJHt_Hbu9kpFQJD3Epy1YwLB4.roa (raw, json)
Hash identifier: RwEhlCZamA1NSNs2uMs7NswO/JWtxRxIT6EOOKk//Yc=
Subject key identifier: A4:69:C9:1E:DF:C7:6E:EF:64:A4:54:09:0F:71:29:CB:56:30:2C:1E
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 1A017F80
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/pGnJHt_Hbu9kpFQJD3Epy1YwLB4.roa
Signing time: Tue 15 Mar 2022 11:13:05 +0000
ROA not before: Tue 15 Mar 2022 11:13:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 138.12.128.0/17 maxlen: 24
37.98.232.0/21 maxlen: 24
148.139.104.0/24 maxlen: 24
163.120.128.0/17 maxlen: 24
2a04:37c0::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436305792 (0x1a017f80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Mar 15 11:13:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a469c91edfc76eef64a454090f7129cb56302c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:69:b5:76:ac:82:ee:a5:f6:ba:1c:93:bd:
7b:dc:ac:b6:68:3b:b0:1f:9f:5c:2a:0e:86:b2:de:
21:30:f7:2f:f9:d1:fe:53:cb:92:ac:5d:b9:37:0b:
cb:46:76:f0:11:2c:a2:21:bf:19:d6:e3:12:7b:09:
00:2f:e7:d5:bd:5e:ca:cb:07:5e:3e:67:35:94:05:
5f:bf:e3:6b:08:ad:f4:c0:79:91:60:61:e3:1a:ac:
da:f5:ac:09:34:bf:b5:41:76:aa:c1:4b:fc:48:c4:
28:6f:88:33:67:b2:af:85:21:0c:95:41:46:d5:c8:
5c:9e:04:27:cf:bd:82:40:54:72:91:0e:f3:d7:31:
52:a4:0a:a5:6b:9a:a7:88:08:83:bf:a7:0c:07:9f:
b5:2a:f8:7d:de:13:15:de:4d:82:13:8e:2c:72:a7:
ab:97:42:3c:2d:7b:9d:69:d7:02:92:26:41:f5:ee:
76:29:d8:ab:7d:16:31:a1:da:2f:22:d6:64:18:1c:
02:79:41:a6:8e:72:6b:b7:7b:11:96:83:b0:00:53:
81:ce:54:d8:15:19:36:24:83:70:7f:16:c6:f4:be:
27:b5:09:f8:12:ea:69:4e:4e:43:d0:87:32:06:91:
ec:a0:16:ff:a9:b4:d8:df:32:b1:e8:16:ee:09:f8:
bd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:69:C9:1E:DF:C7:6E:EF:64:A4:54:09:0F:71:29:CB:56:30:2C:1E
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/pGnJHt_Hbu9kpFQJD3Epy1YwLB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
138.12.128.0/17
148.139.104.0/24
163.120.128.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:9c:6a:b0:8f:b3:3e:f6:a6:b4:1f:b1:b5:1b:ae:4b:94:18:
6c:be:34:51:7f:71:ef:4c:86:40:be:08:04:53:23:40:7d:c0:
c0:9d:93:e4:86:51:2a:50:46:ca:6e:bb:70:93:1f:88:d9:ff:
2c:63:29:d1:7b:43:e4:1a:88:94:b2:6b:83:56:1c:90:c3:2e:
fe:84:3a:ea:62:05:01:f7:b8:ff:18:99:fa:0e:08:87:60:94:
12:d7:1c:21:7e:03:02:a2:a4:59:df:ce:4d:4e:6e:19:73:4d:
6c:03:b8:99:e7:f0:e0:70:2e:7d:a3:d1:5b:d8:86:87:9e:2f:
7b:9e:86:e4:45:8e:df:84:5f:42:55:54:21:6f:56:91:9c:4e:
58:9f:c7:2d:cf:a6:08:d0:69:0b:56:39:67:7c:56:9d:f7:a5:
79:d9:f7:58:54:8a:13:f2:d5:2f:91:34:fa:82:48:fa:0f:6d:
d0:b3:7f:09:b3:9f:e4:84:cc:2d:3a:dd:8b:27:bb:cc:1f:43:
e6:5e:44:0c:09:db:7d:9b:ac:f8:26:12:e1:b4:17:a3:a6:7e:
df:3b:e3:01:15:9c:27:96:99:95:be:68:3b:fb:17:20:ae:fd:
24:a7:61:cb:67:5b:5c:3d:a8:b5:e4:aa:e3:5d:98:a2:ad:4a:
a1:77:f7:22
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEGgF/gDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWMzOGEwNmEzOWIyMGI4ZGE0MDAwOTIzN2Q3NmFjZGQyOGU3MWE1MB4XDTIyMDMx
NTExMTMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ2OWM5MWVkZmM3
NmVlZjY0YTQ1NDA5MGY3MTI5Y2I1NjMwMmMxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwiabV2rILupfa6HJO9e9ystmg7sB+fXCoOhrLeITD3L/nR
/lPLkqxduTcLy0Z28BEsoiG/GdbjEnsJAC/n1b1eyssHXj5nNZQFX7/jawit9MB5
kWBh4xqs2vWsCTS/tUF2qsFL/EjEKG+IM2eyr4UhDJVBRtXIXJ4EJ8+9gkBUcpEO
89cxUqQKpWuap4gIg7+nDAeftSr4fd4TFd5NghOOLHKnq5dCPC17nWnXApImQfXu
dinYq30WMaHaLyLWZBgcAnlBpo5ya7d7EZaDsABTgc5U2BUZNiSDcH8WxvS+J7UJ
+BLqaU5OQ9CHMgaR7KAW/6m02N8ysegW7gn4vWkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSkacke38du72SkVAkPcSnLVjAsHjAfBgNVHSMEGDAWgBQBw4oGo5sguNpA
AJI312rN0o5xpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FjT0tCcU9iSUxqYVFBQ1NOOWRxemRLT2NhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8x
L3BHbkpIdF9IYnU5a3BGUUpEM0VweTFZd0xCNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8xL0FjT0tCcU9iSUxq
YVFBQ1NOOWRxemRLT2NhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAyVi6AMEB4oMgAMEAJSLaAMEB6N4
gDANBAIAAjAHAwUDKgQ3wDANBgkqhkiG9w0BAQsFAAOCAQEAWZxqsI+zPvamtB+x
tRuuS5QYbL40UX9x70yGQL4IBFMjQH3AwJ2T5IZRKlBGym67cJMfiNn/LGMp0XtD
5BqIlLJrg1YckMMu/oQ66mIFAfe4/xiZ+g4Ih2CUEtccIX4DAqKkWd/OTU5uGXNN
bAO4mefw4HAufaPRW9iGh54ve56G5EWO34RfQlVUIW9WkZxOWJ/HLc+mCNBpC1Y5
Z3xWnfeledn3WFSKE/LVL5E0+oJI+g9t0LN/CbOf5ITMLTrdiye7zB9D5l5EDAnb
fZus+CYS4bQXo6Z+3zvjARWcJ5aZlb5oO/sXIK79JKdhy2dbXD2oteSq412Yoq1K
oXf3Ig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org