Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/PXOUQpnpyjTKbYfhGFgWtSLcpOY.roa
File: PXOUQpnpyjTKbYfhGFgWtSLcpOY.roa (raw, json)
Hash identifier: hTpm77rINVWPSHx42tNd76tl5g2gtArqMNoH9HHCKe4=
Subject key identifier: 3D:73:94:42:99:E9:CA:34:CA:6D:87:E1:18:58:16:B5:22:DC:A4:E6
Certificate issuer: /CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Certificate serial: 0899DB81
Authority key identifier: 10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/PXOUQpnpyjTKbYfhGFgWtSLcpOY.roa
Signing time: Sun 24 Apr 2022 22:45:22 +0000
ROA not before: Sun 24 Apr 2022 22:45:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201863
IP address blocks: 212.146.132.0/24 maxlen: 24
212.146.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144300929 (0x899db81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Validity
Not Before: Apr 24 22:45:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d73944299e9ca34ca6d87e1185816b522dca4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cc:44:c2:9c:dc:6f:2d:ac:43:73:f2:d5:9b:
72:a7:14:ab:ed:68:fd:64:4f:37:4e:f9:0f:c6:a3:
03:b1:ac:ef:d4:a0:31:e6:4a:06:60:50:66:54:0e:
12:bc:98:05:62:15:51:65:a3:3c:7a:76:a5:4f:99:
d7:0f:10:82:0a:d6:fb:7b:3d:83:74:f7:71:dc:9b:
e3:98:42:1a:47:b3:3d:1d:e3:7e:dd:4e:9c:1d:02:
9d:d5:01:0b:4c:13:85:23:b7:bb:39:b5:11:0d:d1:
fd:2e:a1:67:8a:43:3e:d3:c9:5b:0c:23:2d:60:30:
5d:0c:62:3e:f2:12:71:17:4c:d1:23:7d:d5:33:ce:
1e:40:27:b6:a3:87:59:de:17:42:47:8c:e5:fe:76:
39:c7:78:3d:49:35:4f:36:b7:7e:5c:53:ad:b9:b0:
32:e3:64:55:63:f9:79:ce:0a:af:98:bf:b6:d8:38:
5c:f7:dc:be:9f:63:db:8c:0f:44:1a:31:0f:04:7e:
03:06:bd:e2:25:57:9e:f6:ce:f5:8f:79:6c:47:56:
81:8d:b3:84:b2:8d:2d:3d:46:33:88:48:e5:f5:6b:
5e:11:58:e0:ec:ce:dd:8a:84:77:52:a1:8e:59:0b:
3b:d9:af:06:6b:1f:7a:a4:c4:eb:15:4e:c2:fc:ab:
37:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:73:94:42:99:E9:CA:34:CA:6D:87:E1:18:58:16:B5:22:DC:A4:E6
X509v3 Authority Key Identifier:
keyid:10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/PXOUQpnpyjTKbYfhGFgWtSLcpOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/EHcd196iLjX9rxm1G4OfQ3IScLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.146.132.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:f2:a3:2e:2b:4b:34:08:ef:08:61:ab:46:5c:b2:7c:40:f2:
31:23:5d:c5:fa:28:9e:7c:4a:f2:f4:de:6e:ae:48:a9:c0:70:
76:66:31:6c:2e:44:10:3f:cc:01:51:9e:b6:96:4c:19:8f:1a:
05:f9:e8:2f:ef:d0:4a:86:9a:50:0f:66:45:5d:93:ad:6b:f6:
4d:60:4b:88:cb:10:05:79:3c:8c:e3:59:ef:49:60:8c:9f:41:
fd:26:48:bc:0b:fb:88:5b:33:8d:0a:0c:e3:ee:53:48:45:f9:
96:3a:b5:31:49:cc:fb:c9:20:d5:fa:ec:ef:1d:24:ae:59:e7:
c6:c3:1d:fa:63:9f:4d:b5:36:d5:7d:a6:b3:99:28:0a:c3:12:
4e:3d:98:6a:92:9c:e5:01:54:25:0a:0b:35:86:5b:70:7a:0c:
10:82:17:3e:d2:2d:31:63:43:7e:f3:77:a3:f2:c8:16:88:f4:
da:c5:e8:3b:a1:23:61:64:40:d7:f2:a0:84:32:10:68:f6:38:
2e:2f:d9:7d:3c:ed:e8:1e:32:83:dd:a1:c6:dd:2b:41:64:24:
d0:27:61:14:b6:39:28:b7:64:d0:cc:04:d6:96:55:e8:74:7c:
49:8d:15:f0:e8:5c:2e:9a:b5:97:52:bc:dd:e3:ec:88:9a:f0:
a6:8c:9d:b0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECJnbgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDc3MWRkN2RlYTIyZTM1ZmRhZjE5YjUxYjgzOWY0MzcyMTI3MGJhMB4XDTIyMDQy
NDIyNDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q3Mzk0NDI5OWU5
Y2EzNGNhNmQ4N2UxMTg1ODE2YjUyMmRjYTRlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbMRMKc3G8trENz8tWbcqcUq+1o/WRPN075D8ajA7Gs79Sg
MeZKBmBQZlQOEryYBWIVUWWjPHp2pU+Z1w8QggrW+3s9g3T3cdyb45hCGkezPR3j
ft1OnB0CndUBC0wThSO3uzm1EQ3R/S6hZ4pDPtPJWwwjLWAwXQxiPvIScRdM0SN9
1TPOHkAntqOHWd4XQkeM5f52Ocd4PUk1Tza3flxTrbmwMuNkVWP5ec4Kr5i/ttg4
XPfcvp9j24wPRBoxDwR+Awa94iVXnvbO9Y95bEdWgY2zhLKNLT1GM4hI5fVrXhFY
4OzO3YqEd1KhjlkLO9mvBmsfeqTE6xVOwvyrNyUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ9c5RCmenKNMpth+EYWBa1Ityk5jAfBgNVHSMEGDAWgBQQdx3X3qIuNf2v
GbUbg59DchJwujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VIY2QxOTZpTGpYOXJ4bTFHNE9mUTNJU2NMby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvNzUxNDhhLWU0MGUtNDA5Zi04YTBiLWRhODUxYTcxNWZhNC8x
L1BYT1VRcG5weWpUS2JZZmhHRmdXdFNMY3BPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
NzUxNDhhLWU0MGUtNDA5Zi04YTBiLWRhODUxYTcxNWZhNC8xL0VIY2QxOTZpTGpY
OXJ4bTFHNE9mUTNJU2NMby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdSShDANBgkqhkiG9w0BAQsFAAOC
AQEAHfKjLitLNAjvCGGrRlyyfEDyMSNdxfoonnxK8vTebq5IqcBwdmYxbC5EED/M
AVGetpZMGY8aBfnoL+/QSoaaUA9mRV2TrWv2TWBLiMsQBXk8jONZ70lgjJ9B/SZI
vAv7iFszjQoM4+5TSEX5ljq1MUnM+8kg1frs7x0krlnnxsMd+mOfTbU21X2ms5ko
CsMSTj2YapKc5QFUJQoLNYZbcHoMEIIXPtItMWNDfvN3o/LIFoj02sXoO6EjYWRA
1/KghDIQaPY4Li/ZfTzt6B4yg92hxt0rQWQk0CdhFLY5KLdk0MwE1pZV6HR8SY0V
8OhcLpq1l1K83ePsiJrwpoydsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:07 2024 by rpki-client on console-ams.rpki-client.org