Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/Pxp_wgPlOQXr5kwBe6jFTHcqL4k.roa
File: Pxp_wgPlOQXr5kwBe6jFTHcqL4k.roa (raw, json)
Hash identifier: jC2JbwVJPWJWtjaN5ixH4i+l5u2v4SRSA+SmuE0Didc=
Subject key identifier: 3F:1A:7F:C2:03:E5:39:05:EB:E6:4C:01:7B:A8:C5:4C:77:2A:2F:89
Certificate issuer: /CN=1232303d1638e0735240491aaa9e42b1887adaca
Certificate serial: 1B24AC08
Authority key identifier: 12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/Pxp_wgPlOQXr5kwBe6jFTHcqL4k.roa
Signing time: Sat 14 May 2022 08:30:41 +0000
ROA not before: Sat 14 May 2022 08:30:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51440
IP address blocks: 46.28.136.0/24 maxlen: 24
46.28.140.0/24 maxlen: 24
95.215.130.0/24 maxlen: 24
95.215.129.0/24 maxlen: 24
195.35.85.0/24 maxlen: 24
46.32.222.0/24 maxlen: 24
5.34.160.0/24 maxlen: 24
2a03:2940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 455388168 (0x1b24ac08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1232303d1638e0735240491aaa9e42b1887adaca
Validity
Not Before: May 14 08:30:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f1a7fc203e53905ebe64c017ba8c54c772a2f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:03:6a:16:8f:2d:6c:a2:56:03:d3:db:ba:
4a:fa:c0:0d:0c:0f:2e:b0:01:82:76:68:12:f9:df:
2e:5f:70:35:9e:93:b5:fe:6d:c2:fe:8d:ce:45:94:
db:1b:dd:74:b1:15:ca:5d:cc:62:9e:ff:b3:b8:2f:
11:92:ea:e0:90:0e:25:c8:04:54:68:15:b7:6e:c7:
bd:73:d3:98:1d:67:54:58:1b:f6:c9:d9:83:ca:9a:
6f:5f:d1:07:5f:ba:5b:af:77:de:fc:21:15:fd:ce:
4e:13:61:92:3c:34:5b:de:75:a5:91:f1:b7:c2:08:
86:97:bf:36:db:8c:a3:5d:ba:b7:85:ea:d0:b7:3d:
bf:c7:c0:d0:3b:d8:58:04:c9:77:ac:c6:f0:ac:fa:
c3:de:39:bd:11:24:fc:96:2c:0b:ce:84:ab:c0:30:
9f:78:05:8d:3b:d2:66:62:4d:03:ef:92:31:87:47:
68:0c:7b:10:e5:8b:d6:d5:a6:88:73:db:4d:84:f6:
c7:c9:59:8c:06:84:60:1a:58:5a:2c:a7:e6:36:1e:
5c:ee:af:aa:dc:69:ab:bc:84:06:9c:4a:f4:b0:8a:
37:f5:24:0f:2c:bc:b6:91:9e:7c:35:b7:2e:33:e9:
8d:ad:d2:a1:3a:f1:e9:be:d4:c9:81:4c:e5:3f:d3:
8a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1A:7F:C2:03:E5:39:05:EB:E6:4C:01:7B:A8:C5:4C:77:2A:2F:89
X509v3 Authority Key Identifier:
keyid:12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/Pxp_wgPlOQXr5kwBe6jFTHcqL4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.160.0/24
46.28.136.0/24
46.28.140.0/24
46.32.222.0/24
95.215.129.0-95.215.130.255
195.35.85.0/24
IPv6:
2a03:2940::/32
Signature Algorithm: sha256WithRSAEncryption
93:75:1e:de:f3:cf:cd:f0:6a:a7:5e:f0:3b:ba:75:95:d6:3a:
0a:0f:40:96:0e:ee:ac:4e:2d:08:50:2e:0f:87:4b:d1:09:cf:
f0:b4:2b:58:dd:7b:b9:37:39:3c:8c:62:9b:ee:5d:ac:dd:21:
c4:be:c3:92:08:62:20:6d:4e:3a:fc:c8:a6:97:04:5f:66:d9:
61:b2:74:72:ba:c9:16:91:7c:22:1d:72:50:17:01:95:48:24:
4c:26:ec:7c:70:e1:cf:00:a8:00:4b:c7:a7:68:27:76:4d:10:
27:26:1f:53:20:c9:fd:64:a2:b1:20:ae:78:12:23:ae:74:98:
11:df:3f:1b:8c:01:f8:f3:a2:35:eb:c5:e3:0a:aa:d6:ad:b0:
61:93:36:40:7d:3b:7d:25:a8:46:ca:0e:1f:23:4d:0a:0c:86:
1b:93:0d:6d:f9:33:fe:d5:ff:0b:d9:d0:c2:db:ed:0c:80:f5:
d5:cc:ec:96:57:3e:cc:3e:1a:2c:b2:2a:dc:54:67:32:0e:40:
95:19:98:49:b6:67:f9:9d:4f:82:07:ee:f9:05:ea:7d:ac:48:
8a:d1:dd:28:5e:4b:a8:bb:5b:1a:4b:fe:73:ff:af:e2:3e:eb:
3c:c4:a2:1d:e3:00:2c:b4:8c:1d:15:cf:8e:1c:39:65:79:43:
c6:87:c2:ae
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEGySsCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MjMyMzAzZDE2MzhlMDczNTI0MDQ5MWFhYTllNDJiMTg4N2FkYWNhMB4XDTIyMDUx
NDA4MzA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2YxYTdmYzIwM2U1
MzkwNWViZTY0YzAxN2JhOGM1NGM3NzJhMmY4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBTA2oWjy1solYD09u6SvrADQwPLrABgnZoEvnfLl9wNZ6T
tf5twv6NzkWU2xvddLEVyl3MYp7/s7gvEZLq4JAOJcgEVGgVt27HvXPTmB1nVFgb
9snZg8qab1/RB1+6W6933vwhFf3OThNhkjw0W951pZHxt8IIhpe/NtuMo126t4Xq
0Lc9v8fA0DvYWATJd6zG8Kz6w945vREk/JYsC86Eq8Awn3gFjTvSZmJNA++SMYdH
aAx7EOWL1tWmiHPbTYT2x8lZjAaEYBpYWiyn5jYeXO6vqtxpq7yEBpxK9LCKN/Uk
Dyy8tpGefDW3LjPpja3SoTrx6b7UyYFM5T/Tio8CAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBQ/Gn/CA+U5BevmTAF7qMVMdyoviTAfBgNVHSMEGDAWgBQSMjA9Fjjgc1JA
SRqqnkKxiHrayjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VqSXdQUlk0NEhOU1FFa2FxcDVDc1loNjJzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMGFiMTY3LTMwOTQtNDEwMy04MTMxLTA2NDQxNGQwMzQwZi8x
L1B4cF93Z1BsT1FYcjVrd0JlNmpGVEhjcUw0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MGFiMTY3LTMwOTQtNDEwMy04MTMxLTA2NDQxNGQwMzQwZi8xL0VqSXdQUlk0NEhO
U1FFa2FxcDVDc1loNjJzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAAUioAMEAC4ciAMEAC4cjAMEAC4g
3jAMAwQAX9eBAwQAX9eCAwQAwyNVMA0EAgACMAcDBQAqAylAMA0GCSqGSIb3DQEB
CwUAA4IBAQCTdR7e88/N8GqnXvA7unWV1joKD0CWDu6sTi0IUC4Ph0vRCc/wtCtY
3Xu5Nzk8jGKb7l2s3SHEvsOSCGIgbU46/MimlwRfZtlhsnRyuskWkXwiHXJQFwGV
SCRMJux8cOHPAKgAS8enaCd2TRAnJh9TIMn9ZKKxIK54EiOudJgR3z8bjAH486I1
68XjCqrWrbBhkzZAfTt9JahGyg4fI00KDIYbkw1t+TP+1f8L2dDC2+0MgPXVzOyW
Vz7MPhossircVGcyDkCVGZhJtmf5nU+CB+75Bep9rEiK0d0oXkuou1saS/5z/6/i
Pus8xKId4wAstIwdFc+OHDlleUPGh8Ku
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:59 2024 by rpki-client on console-fra.rpki-client.org