Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/PkhY-f2xVCAJj2JOyZd81h8bUeo.roa
File: PkhY-f2xVCAJj2JOyZd81h8bUeo.roa (raw, json)
Hash identifier: yeavS0LJIF8YC9zDemc4cTJ7m8CWIY1niP3wN1wdlQo=
Subject key identifier: 3E:48:58:F9:FD:B1:54:20:09:8F:62:4E:C9:97:7C:D6:1F:1B:51:EA
Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Certificate serial: 143C5AD5
Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/PkhY-f2xVCAJj2JOyZd81h8bUeo.roa
Signing time: Tue 15 Feb 2022 12:49:07 +0000
ROA not before: Tue 15 Feb 2022 12:49:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.120.172.0/24 maxlen: 24
185.120.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339499733 (0x143c5ad5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Validity
Not Before: Feb 15 12:49:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e4858f9fdb15420098f624ec9977cd61f1b51ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:34:c2:0b:24:ba:69:56:06:53:44:19:51:c8:
1c:41:95:ab:1f:9f:25:0d:b5:fc:4a:71:42:6f:01:
1a:36:77:98:c5:1f:f1:8c:31:92:f8:f2:83:5c:81:
6c:e9:24:9d:e3:8d:99:fa:45:99:32:77:de:0c:d0:
ce:24:cd:21:6c:c9:a3:0b:e7:76:c0:27:60:22:87:
7f:bc:76:eb:58:2a:1b:3a:e4:42:b1:86:82:4a:19:
e7:fa:77:3a:8b:33:cd:2d:f2:fc:fb:98:6e:d6:13:
d6:cd:02:35:f9:36:45:7b:c7:92:6e:8c:0a:83:72:
78:eb:e6:77:45:1a:eb:34:1e:9f:ff:a0:85:92:28:
11:17:85:f7:bc:4a:99:c0:75:d4:21:2b:e2:38:db:
88:90:65:cc:07:4d:3d:5e:a4:97:b0:12:fd:76:c0:
c7:a3:63:d6:72:02:ce:da:b0:5b:3f:eb:19:b3:12:
5f:0c:66:a0:2b:0c:19:95:b3:4c:56:06:17:20:1c:
98:d8:8a:45:7d:84:4d:ad:aa:3b:5f:5e:1c:97:9d:
5b:6d:33:88:8a:12:25:c7:50:ee:da:63:dc:cc:32:
3a:88:fb:8f:0c:a4:a3:68:e4:11:05:8e:84:d1:2d:
ef:c2:a2:1f:32:48:0b:f2:c1:94:60:f1:fc:ea:9d:
d9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:48:58:F9:FD:B1:54:20:09:8F:62:4E:C9:97:7C:D6:1F:1B:51:EA
X509v3 Authority Key Identifier:
keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/PkhY-f2xVCAJj2JOyZd81h8bUeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.172.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:eb:65:96:ea:98:0e:59:ce:b9:2c:93:a5:19:9d:69:42:e5:
62:05:0a:8f:96:e7:21:7f:ff:7c:14:8d:aa:a0:24:df:f4:01:
c3:51:ed:be:9b:7f:a2:b1:ee:ea:94:75:37:bd:6c:37:39:51:
28:88:2e:b4:94:21:b4:2e:2e:dd:2a:e4:74:64:74:04:e4:27:
ba:f9:2e:89:f0:de:19:37:f3:bb:32:38:71:33:30:c6:07:f9:
ca:49:28:73:f8:11:52:21:bc:17:ec:d1:e8:fd:ff:0c:5c:47:
66:65:76:36:4b:11:2e:77:11:1a:e4:86:65:7c:a7:38:ca:35:
4a:eb:fa:d6:6e:3e:4e:11:4d:98:51:a2:19:44:be:e8:3f:72:
32:28:ed:ec:30:ce:55:fb:3b:e8:59:a2:49:b4:27:72:3f:8e:
70:17:df:c7:69:03:20:01:f9:1e:df:3d:d4:92:ac:ef:cb:03:
c2:eb:8f:2c:a0:63:21:71:41:16:a5:49:ec:74:5d:24:32:e6:
d8:52:6d:51:95:27:35:3d:a3:78:97:3d:01:f7:3c:21:70:4b:
64:b6:79:64:9b:c1:3d:19:f2:b9:4d:ef:ef:97:32:6d:28:ac:
d1:ec:57:0c:f0:22:ab:f4:77:a9:b1:fc:4d:86:0a:2a:05:03:
5c:c8:f0:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFDxa1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDVhZTY0NmVhMzRhZDI2ODhhY2EyZmRkMWE2ZjMzNDAzNTY0OTVlMB4XDTIyMDIx
NTEyNDkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U0ODU4ZjlmZGIx
NTQyMDA5OGY2MjRlYzk5NzdjZDYxZjFiNTFlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJM0wgskumlWBlNEGVHIHEGVqx+fJQ21/EpxQm8BGjZ3mMUf
8Ywxkvjyg1yBbOkkneONmfpFmTJ33gzQziTNIWzJowvndsAnYCKHf7x261gqGzrk
QrGGgkoZ5/p3OoszzS3y/PuYbtYT1s0CNfk2RXvHkm6MCoNyeOvmd0Ua6zQen/+g
hZIoEReF97xKmcB11CEr4jjbiJBlzAdNPV6kl7AS/XbAx6Nj1nICztqwWz/rGbMS
XwxmoCsMGZWzTFYGFyAcmNiKRX2ETa2qO19eHJedW20ziIoSJcdQ7tpj3MwyOoj7
jwyko2jkEQWOhNEt78KiHzJIC/LBlGDx/Oqd2XECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+SFj5/bFUIAmPYk7Jl3zWHxtR6jAfBgNVHSMEGDAWgBQ0WuZG6jStJois
ov3RpvM0A1ZJXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Gcm1SdW8wclNhSXJLTDkwYWJ6TkFOV1NWNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvM2NjMTM1LWYxNjYtNDJlYi04MjAzLWY0OTEyMGJlZDUxYy8x
L1BraFktZjJ4VkNBSmoySk95WmQ4MWg4YlVlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
M2NjMTM1LWYxNjYtNDJlYi04MjAzLWY0OTEyMGJlZDUxYy8xL05Gcm1SdW8wclNh
SXJLTDkwYWJ6TkFOV1NWNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbl4rDANBgkqhkiG9w0BAQsFAAOC
AQEAuutlluqYDlnOuSyTpRmdaULlYgUKj5bnIX//fBSNqqAk3/QBw1Htvpt/orHu
6pR1N71sNzlRKIgutJQhtC4u3SrkdGR0BOQnuvkuifDeGTfzuzI4cTMwxgf5ykko
c/gRUiG8F+zR6P3/DFxHZmV2NksRLncRGuSGZXynOMo1Suv61m4+ThFNmFGiGUS+
6D9yMijt7DDOVfs76FmiSbQncj+OcBffx2kDIAH5Ht891JKs78sDwuuPLKBjIXFB
FqVJ7HRdJDLm2FJtUZUnNT2jeJc9Afc8IXBLZLZ5ZJvBPRnyuU3v75cybSis0exX
DPAiq/R3qbH8TYYKKgUDXMjwHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:33 2024 by rpki-client on console-ams.rpki-client.org