Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/PgwLQSEfVAuzwb09GthnPXQfirk.roa
File: PgwLQSEfVAuzwb09GthnPXQfirk.roa (raw, json)
Hash identifier: Xc23f3sufDjx+uGss47mWJ4ftUmkEjRClJTp65PEZr8=
Subject key identifier: 3E:0C:0B:41:21:1F:54:0B:B3:C1:BD:3D:1A:D8:67:3D:74:1F:8A:B9
Certificate issuer: /CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Certificate serial: 0A688B32
Authority key identifier: D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/PgwLQSEfVAuzwb09GthnPXQfirk.roa
Signing time: Sat 01 Jan 2022 16:06:09 +0000
ROA not before: Sat 01 Jan 2022 16:06:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202005
IP address blocks: 185.216.252.0/24 maxlen: 24
185.216.252.0/22 maxlen: 22
185.216.253.0/24 maxlen: 24
185.216.255.0/24 maxlen: 24
185.216.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174623538 (0xa688b32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Validity
Not Before: Jan 1 16:06:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e0c0b41211f540bb3c1bd3d1ad8673d741f8ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:93:00:ec:48:2c:88:64:8d:ca:d8:76:10:71:
57:e5:d0:0f:18:7d:b1:c2:fe:e5:ce:9e:9f:cb:df:
8d:67:cb:30:4e:04:4c:8b:a1:f1:48:b7:df:d0:ed:
88:46:66:a5:ad:24:f2:ad:81:8b:92:8f:98:a7:ed:
67:98:e3:36:bd:78:0d:94:f2:1d:78:bd:e2:a0:8a:
ae:c2:d0:b2:30:93:f9:8d:57:28:db:ca:2e:84:a9:
7f:8b:57:28:78:9e:b4:b5:9d:c0:c8:09:c0:72:61:
d5:fe:b4:28:b2:f6:e6:1d:7b:15:d6:c3:24:84:2f:
7e:b2:fa:e1:9e:6c:cf:c0:67:e2:ba:f9:f0:6d:54:
e7:b3:5d:fe:49:2f:92:d1:fc:84:ef:64:f7:f9:81:
50:14:3a:4f:b2:11:06:f7:7c:5c:5f:d5:dd:46:5f:
1c:f5:45:f9:e1:10:51:76:b2:ab:73:d0:37:fd:ed:
11:40:44:57:d0:7d:1d:fa:f7:0a:8c:7f:1a:92:3e:
be:73:f8:f5:61:a5:61:76:90:c5:40:c2:56:12:90:
0c:a5:f3:b3:9f:cb:8b:08:71:a7:32:17:9d:ac:95:
56:8e:85:de:03:f3:65:03:a6:c2:c3:5b:5c:30:e1:
58:56:33:89:c3:15:28:6c:05:3a:f5:66:ea:c6:53:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0C:0B:41:21:1F:54:0B:B3:C1:BD:3D:1A:D8:67:3D:74:1F:8A:B9
X509v3 Authority Key Identifier:
keyid:D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/PgwLQSEfVAuzwb09GthnPXQfirk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:14:35:55:04:02:78:c3:69:05:3e:c7:03:b0:f3:3c:93:88:
a2:42:ea:aa:94:e6:cc:cf:63:00:ac:2a:02:aa:95:7b:9f:b2:
b2:af:e6:f9:45:aa:d9:f3:57:1b:f1:26:82:0d:42:d8:dd:c4:
4f:7f:a0:7b:3c:0f:e5:17:68:5b:96:ef:d1:35:30:74:71:da:
a1:59:0c:d6:62:92:5b:43:ab:60:79:0b:34:44:4d:f3:21:b3:
fd:79:59:4d:a6:6d:99:a0:30:dc:9d:65:82:55:a3:a9:e4:10:
ba:7d:c7:90:ec:8c:0a:1c:35:1a:98:a8:af:ff:20:f6:3a:4c:
a6:98:b6:8e:9c:a2:a7:30:f2:3a:a8:67:04:94:be:2e:eb:e1:
b1:52:ec:b2:95:37:e8:e3:54:29:7b:51:12:d6:e8:fa:ef:f7:
cb:d2:f1:8e:9b:57:3e:27:4a:0f:96:2b:25:2f:40:04:80:e3:
59:96:e9:18:b0:3e:1a:60:0a:b2:79:4e:e4:96:a3:e9:e2:e4:
bc:fe:02:f5:87:9d:7a:9a:30:6c:44:64:51:44:13:0a:7d:33:
c5:d5:fe:ed:0c:40:7c:1e:e4:87:8f:7a:51:1f:c8:dd:a2:31:
cc:81:db:f8:c8:1d:58:6c:ea:0d:3c:d2:a2:5d:64:54:8a:43:
2a:a9:4c:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECmiLMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGY1YTY2Y2ZkMjFhNWNhZDdhMjliOGViNWNkOTJhYTQ2MDMyMGMzMB4XDTIyMDEw
MTE2MDYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UwYzBiNDEyMTFm
NTQwYmIzYzFiZDNkMWFkODY3M2Q3NDFmOGFiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeTAOxILIhkjcrYdhBxV+XQDxh9scL+5c6en8vfjWfLME4E
TIuh8Ui339DtiEZmpa0k8q2Bi5KPmKftZ5jjNr14DZTyHXi94qCKrsLQsjCT+Y1X
KNvKLoSpf4tXKHietLWdwMgJwHJh1f60KLL25h17FdbDJIQvfrL64Z5sz8Bn4rr5
8G1U57Nd/kkvktH8hO9k9/mBUBQ6T7IRBvd8XF/V3UZfHPVF+eEQUXayq3PQN/3t
EUBEV9B9Hfr3Cox/GpI+vnP49WGlYXaQxUDCVhKQDKXzs5/LiwhxpzIXnayVVo6F
3gPzZQOmwsNbXDDhWFYzicMVKGwFOvVm6sZTQ38CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+DAtBIR9UC7PBvT0a2Gc9dB+KuTAfBgNVHSMEGDAWgBTY9aZs/SGlytei
m461zZKqRgMgwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJQV21iUDBocGNyWG9wdU90YzJTcWtZRElNTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZmUyMGZmLTY1OTAtNGZiMC1iNjU3LTgyMTBkYjcwNDliMS8x
L1Bnd0xRU0VmVkF1endiMDlHdGhuUFhRZmlyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZmUyMGZmLTY1OTAtNGZiMC1iNjU3LTgyMTBkYjcwNDliMS8xLzJQV21iUDBocGNy
WG9wdU90YzJTcWtZRElNTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnY/DANBgkqhkiG9w0BAQsFAAOC
AQEApBQ1VQQCeMNpBT7HA7DzPJOIokLqqpTmzM9jAKwqAqqVe5+ysq/m+UWq2fNX
G/Emgg1C2N3ET3+gezwP5RdoW5bv0TUwdHHaoVkM1mKSW0OrYHkLNERN8yGz/XlZ
TaZtmaAw3J1lglWjqeQQun3HkOyMChw1Gpior/8g9jpMppi2jpyipzDyOqhnBJS+
LuvhsVLsspU36ONUKXtREtbo+u/3y9LxjptXPidKD5YrJS9ABIDjWZbpGLA+GmAK
snlO5Jaj6eLkvP4C9YedepowbERkUUQTCn0zxdX+7QxAfB7kh496UR/I3aIxzIHb
+MgdWGzqDTzSol1kVIpDKqlM3Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:37 2023 by rpki-client on console-ams.rpki-client.org