Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/pnWEyut7xbTzbzckXHtdZtnXA4I.roa
File: pnWEyut7xbTzbzckXHtdZtnXA4I.roa (raw, json)
Hash identifier: Fb+rXuxl1uFQe5WtE/ZsWN8Fsw/6yRHzIVPFDFBKD9c=
Subject key identifier: A6:75:84:CA:EB:7B:C5:B4:F3:6F:37:24:5C:7B:5D:66:D9:D7:03:82
Certificate issuer: /CN=b35a20a86939c8de8aedc305243b0fd4ad8654d0
Certificate serial: 01844DA32C2935EE2B43588077EA6E05D5EB
Authority key identifier: B3:5A:20:A8:69:39:C8:DE:8A:ED:C3:05:24:3B:0F:D4:AD:86:54:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ogqGk5yN6K7cMFJDsP1K2GVNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/pnWEyut7xbTzbzckXHtdZtnXA4I.roa
Signing time: Sun 06 Nov 2022 15:50:50 +0000
ROA not before: Sun 06 Nov 2022 15:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210558
IP address blocks: 194.26.192.0/24 maxlen: 24
2.58.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4d:a3:2c:29:35:ee:2b:43:58:80:77:ea:6e:05:d5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35a20a86939c8de8aedc305243b0fd4ad8654d0
Validity
Not Before: Nov 6 15:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a67584caeb7bc5b4f36f37245c7b5d66d9d70382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:14:f6:26:0e:49:b3:63:41:29:d1:b6:75:e3:
92:0c:1a:2b:e3:da:4a:a3:9f:57:e5:73:5e:8c:b6:
09:00:88:38:40:43:4f:9f:ea:c3:58:bd:92:0e:1f:
62:02:9d:26:10:7d:c6:c1:29:52:bf:ba:1f:10:1d:
39:a5:3c:62:bc:2e:4f:2c:4c:6c:98:a8:f3:7d:4c:
ec:a4:0f:46:62:04:38:2e:f7:37:9f:9e:78:58:5f:
14:ad:60:90:a6:b9:95:f1:fc:cb:f7:0e:ff:1d:5e:
03:91:12:b6:cc:46:00:8d:fe:dc:5d:38:78:9e:b1:
e7:30:b3:69:f7:0e:5f:86:37:eb:e8:c1:b3:b9:0c:
af:4b:53:a4:ad:95:25:47:00:8c:cd:43:35:75:49:
4c:cb:ba:69:50:c5:28:0d:18:72:af:83:3a:b6:3c:
00:d7:fb:72:25:47:a0:9b:02:ec:5f:fe:3c:90:0f:
5d:9c:41:f6:6d:c9:0e:6e:b7:a3:fe:35:3d:de:f6:
9f:08:c4:b0:f6:67:7c:b4:12:bc:ce:03:05:df:0c:
7e:6d:51:f3:5a:90:32:96:d0:d7:40:ff:b0:57:7a:
88:99:06:f5:7c:c3:ec:37:f0:e6:93:ec:61:0b:d0:
58:e3:47:64:e7:b4:ae:58:43:45:f0:d8:65:37:3a:
2a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:75:84:CA:EB:7B:C5:B4:F3:6F:37:24:5C:7B:5D:66:D9:D7:03:82
X509v3 Authority Key Identifier:
keyid:B3:5A:20:A8:69:39:C8:DE:8A:ED:C3:05:24:3B:0F:D4:AD:86:54:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ogqGk5yN6K7cMFJDsP1K2GVNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/pnWEyut7xbTzbzckXHtdZtnXA4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/s1ogqGk5yN6K7cMFJDsP1K2GVNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.56.0/24
194.26.192.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:fe:51:ef:61:64:c5:66:d3:e7:1d:f3:08:d7:40:08:9a:ba:
7e:12:8b:45:24:a9:55:bb:0d:3f:e9:25:36:8f:70:86:ba:b4:
dc:35:c5:9d:3e:ce:e4:27:e7:7c:39:e8:a1:60:b7:74:15:21:
3a:87:e9:5d:0b:ac:76:c8:8e:51:4b:f0:db:9d:5c:50:c8:3e:
a3:4a:2f:34:ea:07:21:c0:51:c8:37:aa:e1:be:32:4c:37:79:
b9:3d:0d:cb:05:34:7c:d6:d5:94:35:63:2e:65:29:13:f3:8d:
66:71:ae:6f:ae:92:96:4c:e0:18:a9:c7:ec:04:cf:33:c3:a8:
5e:33:e3:99:9a:29:54:8e:93:30:7d:bb:e9:a5:30:67:41:6b:
2a:59:4d:ee:66:08:54:0a:1a:d5:37:41:5f:0b:34:99:3c:82:
a9:b1:75:62:97:22:15:a6:ed:09:0c:aa:10:e9:e5:ae:6e:38:
82:e0:21:61:63:e2:ec:23:77:52:70:bb:2a:9d:6c:8f:3a:ed:
6c:35:28:d0:fc:e9:da:64:71:08:38:9c:c0:be:bd:28:d6:6a:
b7:26:d4:dc:ac:d6:4c:44:04:5a:79:84:28:2d:11:ff:3b:b1:
40:ca:3f:eb:b8:5a:e3:22:06:8b:cc:ac:88:3a:7e:16:07:47:
8f:4b:8c:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRNoywpNe4rQ1iAd+puBdXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNWEyMGE4NjkzOWM4ZGU4YWVkYzMwNTI0M2IwZmQ0YWQ4
NjU0ZDAwHhcNMjIxMTA2MTU1MDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc1ODRjYWViN2JjNWI0ZjM2ZjM3MjQ1YzdiNWQ2NmQ5ZDcwMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxT2Jg5Js2NBKdG2deOSDBor49pK
o59X5XNejLYJAIg4QENPn+rDWL2SDh9iAp0mEH3GwSlSv7ofEB05pTxivC5PLExs
mKjzfUzspA9GYgQ4Lvc3n554WF8UrWCQprmV8fzL9w7/HV4DkRK2zEYAjf7cXTh4
nrHnMLNp9w5fhjfr6MGzuQyvS1OkrZUlRwCMzUM1dUlMy7ppUMUoDRhyr4M6tjwA
1/tyJUegmwLsX/48kA9dnEH2bckObrej/jU93vafCMSw9md8tBK8zgMF3wx+bVHz
WpAyltDXQP+wV3qImQb1fMPsN/Dmk+xhC9BY40dk57SuWENF8NhlNzoqYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKZ1hMrre8W08283JFx7XWbZ1wOCMB8GA1UdIwQY
MBaAFLNaIKhpOcjeiu3DBSQ7D9SthlTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFvZ3FHazV5TjZLN2NNRkpEc1AxSzJHVk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8xNjIxODYtNTBkMS00NzYxLWFhZjAt
YTU0MjU4OTc5OWJjLzEvcG5XRXl1dDd4YlR6Ynpja1hIdGRadG5YQTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8xNjIxODYtNTBkMS00NzYxLWFhZjAtYTU0MjU4OTc5OWJj
LzEvczFvZ3FHazV5TjZLN2NNRkpEc1AxSzJHVk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjo4AwQA
whrAMA0GCSqGSIb3DQEBCwUAA4IBAQCb/lHvYWTFZtPnHfMI10AImrp+EotFJKlV
uw0/6SU2j3CGurTcNcWdPs7kJ+d8OeihYLd0FSE6h+ldC6x2yI5RS/DbnVxQyD6j
Si806gchwFHIN6rhvjJMN3m5PQ3LBTR81tWUNWMuZSkT841mca5vrpKWTOAYqcfs
BM8zw6heM+OZmilUjpMwfbvppTBnQWsqWU3uZghUChrVN0FfCzSZPIKpsXVilyIV
pu0JDKoQ6eWubjiC4CFhY+LsI3dScLsqnWyPOu1sNSjQ/OnaZHEIOJzAvr0o1mq3
JtTcrNZMRARaeYQoLRH/O7FAyj/ruFrjIgaLzKyIOn4WB0ePS4z7
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:12:06 2025 by rpki-client