Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/PNDgaBAh8y8cfdvTaPIrLJYmuwY.roa
File: PNDgaBAh8y8cfdvTaPIrLJYmuwY.roa (raw, json)
Hash identifier: 7upgzQkQ9LPzf8zQp0LiqYso2qlUWZEapprQWz9vAeg=
Subject key identifier: 3C:D0:E0:68:10:21:F3:2F:1C:7D:DB:D3:68:F2:2B:2C:96:26:BB:06
Certificate issuer: /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial: 018AE0451B2A282D2FF693E1BAB8098AD4CF
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/PNDgaBAh8y8cfdvTaPIrLJYmuwY.roa
Signing time: Fri 29 Sep 2023 09:28:59 +0000
ROA not before: Fri 29 Sep 2023 09:28:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39835
IP address blocks: 81.20.112.0/20 maxlen: 20
5.34.224.0/21 maxlen: 21
5.34.226.0/24 maxlen: 24
188.74.32.0/22 maxlen: 22
188.74.32.0/20 maxlen: 24
188.74.36.0/24 maxlen: 24
188.74.37.0/24 maxlen: 24
188.74.38.0/24 maxlen: 24
188.74.44.0/22 maxlen: 22
185.75.150.0/24 maxlen: 24
185.75.148.0/24 maxlen: 24
185.75.149.0/24 maxlen: 24
2a03:4b20::/29 maxlen: 40
2a03:6880::/32 maxlen: 32
2a03:4b20:f000::/36 maxlen: 36
2a03:4b20::/32 maxlen: 32
2a03:4b21::/32 maxlen: 32
2a03:4b22::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:45:1b:2a:28:2d:2f:f6:93:e1:ba:b8:09:8a:d4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Validity
Not Before: Sep 29 09:28:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cd0e0681021f32f1c7ddbd368f22b2c9626bb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ec:7b:f4:19:b6:64:66:17:ee:5f:9e:79:4e:
5f:18:09:47:7a:25:dd:81:1e:59:45:62:dd:f6:20:
a1:d7:e9:7b:5a:f5:06:0b:84:12:5d:30:eb:f7:a5:
cc:b5:df:96:a0:fe:be:1e:6e:3d:52:84:b4:53:3e:
92:10:bd:c1:b0:4b:d1:76:ad:7b:68:84:4f:12:68:
9b:ea:92:37:a2:e4:18:e1:d9:7a:35:aa:cd:15:1c:
0f:e0:57:6a:92:fa:92:7d:8d:64:54:30:7a:19:cd:
f6:c3:5c:46:07:c5:a5:45:2f:e3:54:0c:65:ba:55:
5c:85:9b:cc:cd:8c:d6:28:95:8b:c5:21:67:fe:8c:
e3:25:f2:eb:d4:1f:03:35:97:39:cf:b4:3f:ac:1f:
7a:b5:3d:a1:4a:fd:36:98:43:b4:a9:7b:4f:eb:7d:
e7:47:5a:17:eb:e6:65:ef:55:3f:a0:91:d1:3f:f2:
8b:70:ed:a9:66:d8:4d:13:65:90:ee:9b:89:b0:28:
f8:8b:27:93:a6:01:0c:60:01:81:b2:ba:a9:f4:a4:
aa:e7:df:47:93:16:7b:3f:5e:d3:a9:fb:55:f2:4f:
87:87:c3:6a:5c:8a:af:be:28:fa:4d:01:1c:f1:36:
ba:87:25:81:87:6d:71:66:50:2a:fa:24:2d:b1:d2:
3c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D0:E0:68:10:21:F3:2F:1C:7D:DB:D3:68:F2:2B:2C:96:26:BB:06
X509v3 Authority Key Identifier:
keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/PNDgaBAh8y8cfdvTaPIrLJYmuwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.224.0/21
81.20.112.0/20
185.75.148.0-185.75.150.255
188.74.32.0/20
IPv6:
2a03:4b20::/29
2a03:6880::/32
Signature Algorithm: sha256WithRSAEncryption
99:5f:8e:b0:0d:1a:03:7e:ec:33:8a:4d:fa:79:90:9d:85:71:
c3:2f:03:52:df:e2:0d:e2:4c:f8:89:8f:ad:64:1f:0c:51:4b:
82:b8:7e:5b:33:1b:78:ab:ba:ac:64:e1:0b:d5:14:28:a2:ef:
93:00:a5:38:c6:6b:7d:83:9b:eb:03:5d:d8:00:6b:67:00:0a:
64:91:dc:b4:eb:82:e4:5e:d6:8a:d9:4f:f4:47:64:5b:fe:b4:
c6:e9:92:ed:f6:c0:89:fd:3a:5f:e3:3c:52:6e:fd:1f:01:92:
e3:3b:5b:76:ad:df:8c:df:e8:0d:cb:45:f0:7f:36:d1:19:4e:
d4:8f:f9:03:d4:27:b8:c2:90:39:de:0d:f2:3b:62:04:cb:00:
8c:e5:9f:f8:be:0d:d8:72:22:37:00:71:ed:e0:78:d7:36:b1:
ad:21:2b:62:83:08:90:e2:51:96:eb:ee:fd:14:51:1c:d7:3c:
08:e1:82:2d:63:77:94:36:f9:69:6a:65:f5:2f:c4:b6:fd:20:
de:e3:2b:1c:d2:dc:a0:3e:d6:27:b8:92:8a:ee:7a:86:1b:19:
08:42:5f:10:c4:fb:33:3c:d0:04:b5:e9:9b:80:69:de:6b:18:
4d:ef:96:d0:b9:b7:64:92:60:18:7d:5f:92:3c:19:d3:f0:f0:
2b:7a:01:93
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrgRRsqKC0v9pPhurgJitTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOWYxYTZlODRjMDI3N2VmY2I1NmQ5NDJiMGViNWU0NTY0
NzExMjkwHhcNMjMwOTI5MDkyODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2QwZTA2ODEwMjFmMzJmMWM3ZGRiZDM2OGYyMmIyYzk2MjZiYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ex79Bm2ZGYX7l+eeU5fGAlHeiXd
gR5ZRWLd9iCh1+l7WvUGC4QSXTDr96XMtd+WoP6+Hm49UoS0Uz6SEL3BsEvRdq17
aIRPEmib6pI3ouQY4dl6NarNFRwP4FdqkvqSfY1kVDB6Gc32w1xGB8WlRS/jVAxl
ulVchZvMzYzWKJWLxSFn/ozjJfLr1B8DNZc5z7Q/rB96tT2hSv02mEO0qXtP633n
R1oX6+Zl71U/oJHRP/KLcO2pZthNE2WQ7puJsCj4iyeTpgEMYAGBsrqp9KSq599H
kxZ7P17TqftV8k+Hh8NqXIqvvij6TQEc8Ta6hyWBh21xZlAq+iQtsdI8bwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDzQ4GgQIfMvHH3b02jyKyyWJrsGMB8GA1UdIwQY
MBaAFOOfGm6EwCd+/LVtlCsOteRWRxEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMt
MGU1MzkyNzU3ZjgyLzEvUE5EZ2FCQWg4eThjZmR2VGFQSXJMSlltdXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMtMGU1MzkyNzU3Zjgy
LzEvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQDBSLgAwQE
URRwMAwDBAK5S5QDBAC5S5YDBAS8SiAwFAQCAAIwDgMFAyoDSyADBQAqA2iAMA0G
CSqGSIb3DQEBCwUAA4IBAQCZX46wDRoDfuwzik36eZCdhXHDLwNS3+IN4kz4iY+t
ZB8MUUuCuH5bMxt4q7qsZOEL1RQoou+TAKU4xmt9g5vrA13YAGtnAApkkdy064Lk
XtaK2U/0R2Rb/rTG6ZLt9sCJ/Tpf4zxSbv0fAZLjO1t2rd+M3+gNy0XwfzbRGU7U
j/kD1Ce4wpA53g3yO2IEywCM5Z/4vg3YciI3AHHt4HjXNrGtIStigwiQ4lGW6+79
FFEc1zwI4YItY3eUNvlpamX1L8S2/SDe4ysc0tygPtYnuJKK7nqGGxkIQl8QxPsz
PNAEtembgGneaxhN75bQubdkkmAYfV+SPBnT8PAregGT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:46 2025 by rpki-client