Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/PHKTPXqThmdBxjS9zPHlWjKHbC8.roa
File: PHKTPXqThmdBxjS9zPHlWjKHbC8.roa (raw, json)
Hash identifier: wILTYKPToNKMWbvlCDkhZMe5dbpVkWutp0sYWGT/ll0=
Subject key identifier: 3C:72:93:3D:7A:93:86:67:41:C6:34:BD:CC:F1:E5:5A:32:87:6C:2F
Certificate issuer: /CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Certificate serial: 3825DA40
Authority key identifier: 05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/PHKTPXqThmdBxjS9zPHlWjKHbC8.roa
Signing time: Mon 28 Mar 2022 05:51:36 +0000
ROA not before: Mon 28 Mar 2022 05:51:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35625
IP address blocks: 195.74.80.0/24 maxlen: 24
45.138.192.0/22 maxlen: 22
185.161.44.0/22 maxlen: 22
185.252.156.0/22 maxlen: 22
37.235.88.0/21 maxlen: 21
46.29.120.0/21 maxlen: 21
185.75.140.0/22 maxlen: 22
2a02:21c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 942004800 (0x3825da40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Validity
Not Before: Mar 28 05:51:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c72933d7a93866741c634bdccf1e55a32876c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:07:0c:1d:73:3f:cc:dd:3d:29:36:fd:58:6c:
ff:8b:93:c0:62:11:7a:db:94:26:26:8c:fe:bd:ff:
33:71:8f:ae:4d:a1:1b:ec:d8:ec:de:f6:62:e2:8d:
52:b5:a3:b1:fe:17:16:4e:2b:06:20:bd:92:31:dd:
13:9c:3d:d2:16:3a:56:a8:84:bc:81:c0:60:a7:87:
00:de:e1:8d:33:f9:8b:5d:07:dd:08:c3:f1:f9:86:
e3:81:61:23:db:ab:a2:cf:72:36:ec:17:42:03:90:
c5:ca:56:b0:96:1e:08:30:c0:af:0d:79:ed:1e:18:
34:b8:a5:96:b8:28:a2:cc:5c:75:d5:78:e6:d2:13:
8f:38:a3:c6:24:b7:88:c4:6d:d4:38:2c:d7:cf:d3:
4e:74:c4:40:be:eb:ab:0b:9e:2c:71:7f:a5:a4:de:
5e:87:bf:98:1b:f4:52:1e:3f:a5:92:b2:cf:6c:2b:
8c:3f:43:27:76:a5:a4:f9:ef:67:c8:a9:84:e7:ef:
a0:66:c6:77:98:36:fd:a0:e5:3f:78:c6:1e:d4:ae:
01:9b:db:a9:7b:3e:a2:c5:a4:de:f5:32:a0:b1:e3:
74:3c:7f:cb:f4:56:b3:6b:96:70:95:1e:61:d7:1f:
5f:27:e7:35:ea:65:94:20:d4:01:98:0e:6e:6e:0e:
fb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:72:93:3D:7A:93:86:67:41:C6:34:BD:CC:F1:E5:5A:32:87:6C:2F
X509v3 Authority Key Identifier:
keyid:05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/PHKTPXqThmdBxjS9zPHlWjKHbC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.88.0/21
45.138.192.0/22
46.29.120.0/21
185.75.140.0/22
185.161.44.0/22
185.252.156.0/22
195.74.80.0/24
IPv6:
2a02:21c8::/32
Signature Algorithm: sha256WithRSAEncryption
d2:6f:3d:92:19:a1:f5:b8:e9:2b:3e:94:f8:a5:cb:03:b0:94:
f0:bf:0c:89:0c:e5:df:b4:06:0b:8c:aa:9a:ff:cc:17:28:a0:
61:0a:2c:d4:00:06:74:c2:f1:21:8d:4a:78:49:96:7d:9b:ad:
60:d1:85:32:b1:66:26:b0:ca:4d:1c:96:d9:0f:f1:5a:68:19:
d9:3e:ad:3f:4d:75:58:41:a7:cd:71:5c:d0:2f:02:00:91:b7:
cf:68:36:09:b8:31:ab:b7:ca:ad:fe:b0:a8:21:be:dc:3d:33:
36:03:e2:9a:68:42:46:a2:f2:22:8e:48:43:43:59:ca:cd:90:
e0:65:fb:b3:98:19:20:d3:2e:9e:98:f0:71:50:20:59:8f:1f:
ec:39:89:0d:3d:47:eb:4c:ae:38:5e:2e:4b:e7:1a:39:e7:91:
fa:3f:69:fe:6c:d4:47:10:11:25:e5:55:4f:19:25:5f:5c:cd:
30:e2:8a:70:4b:b2:da:2e:10:e1:fe:46:f5:f3:b6:57:62:bd:
31:b7:45:8b:61:4b:e4:05:53:af:58:c1:68:a8:17:30:e2:1a:
cc:e0:06:e9:7a:6e:8b:a2:e0:73:b4:46:02:1c:d3:d5:c8:27:
32:8a:4e:44:24:76:d1:dd:1c:c6:bf:5f:dd:6e:b2:d9:63:86:
fd:d1:f8:ba
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEOCXaQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWQ2NTg1OTRiNjUzNjRiMmMyZTU2YTZhNDVlYmIwNjg0N2IzODQ5MB4XDTIyMDMy
ODA1NTEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M3MjkzM2Q3YTkz
ODY2NzQxYzYzNGJkY2NmMWU1NWEzMjg3NmMyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkHDB1zP8zdPSk2/Vhs/4uTwGIRetuUJiaM/r3/M3GPrk2h
G+zY7N72YuKNUrWjsf4XFk4rBiC9kjHdE5w90hY6VqiEvIHAYKeHAN7hjTP5i10H
3QjD8fmG44FhI9uros9yNuwXQgOQxcpWsJYeCDDArw157R4YNLillrgoosxcddV4
5tITjzijxiS3iMRt1Dgs18/TTnTEQL7rqwueLHF/paTeXoe/mBv0Uh4/pZKyz2wr
jD9DJ3alpPnvZ8iphOfvoGbGd5g2/aDlP3jGHtSuAZvbqXs+osWk3vUyoLHjdDx/
y/RWs2uWcJUeYdcfXyfnNepllCDUAZgObm4O+3UCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQ8cpM9epOGZ0HGNL3M8eVaModsLzAfBgNVHSMEGDAWgBQF1lhZS2U2Sywu
VqakXrsGhHs4STAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JkWllXVXRsTmtzc0xsYW1wRjY3Qm9SN09Fay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvOWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8x
L1BIS1RQWHFUaG1kQnhqUzl6UEhsV2pLSGJDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
OWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8xL0JkWllXVXRsTmtz
c0xsYW1wRjY3Qm9SN09Fay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAyXrWAMEAi2KwAMEAy4deAMEArlL
jAMEArmhLAMEArn8nAMEAMNKUDANBAIAAjAHAwUAKgIhyDANBgkqhkiG9w0BAQsF
AAOCAQEA0m89khmh9bjpKz6U+KXLA7CU8L8MiQzl37QGC4yqmv/MFyigYQos1AAG
dMLxIY1KeEmWfZutYNGFMrFmJrDKTRyW2Q/xWmgZ2T6tP011WEGnzXFc0C8CAJG3
z2g2Cbgxq7fKrf6wqCG+3D0zNgPimmhCRqLyIo5IQ0NZys2Q4GX7s5gZINMunpjw
cVAgWY8f7DmJDT1H60yuOF4uS+caOeeR+j9p/mzURxARJeVVTxklX1zNMOKKcEuy
2i4Q4f5G9fO2V2K9MbdFi2FL5AVTr1jBaKgXMOIazOAG6Xpui6Lgc7RGAhzT1cgn
MopORCR20d0cxr9f3W6y2WOG/dH4ug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:20 2023 by rpki-client on console-ams.rpki-client.org