Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/PpEV3cG0QJIsIJJuiqs8MbqW8qg.roa
File: PpEV3cG0QJIsIJJuiqs8MbqW8qg.roa (raw, json)
Hash identifier: h9DmMotBPjfNgeO5+sqOXNpAb3Qluo2OrX5NIg/4j84=
Subject key identifier: 3E:91:15:DD:C1:B4:40:92:2C:20:92:6E:8A:AB:3C:31:BA:96:F2:A8
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018530842B13E2DF3ACB0DAAF7F50C4975AA
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/PpEV3cG0QJIsIJJuiqs8MbqW8qg.roa
Signing time: Tue 20 Dec 2022 17:10:46 +0000
ROA not before: Tue 20 Dec 2022 17:10:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205262
IP address blocks: 89.40.74.0/24 maxlen: 24
37.122.216.0/22 maxlen: 24
185.205.252.0/22 maxlen: 22
185.84.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:84:2b:13:e2:df:3a:cb:0d:aa:f7:f5:0c:49:75:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Dec 20 17:10:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e9115ddc1b440922c20926e8aab3c31ba96f2a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f6:31:8a:7b:4d:1b:b5:03:1e:21:55:4b:db:
5a:3f:00:c7:57:e7:c4:e1:ab:38:bc:06:40:4a:3e:
e2:9b:6f:9f:f9:50:fa:90:00:45:58:a8:45:90:4b:
e5:1e:d8:15:1e:bb:bc:b0:23:a9:58:93:a2:05:78:
66:b4:ac:0b:ab:3d:e5:d5:ac:9e:4d:58:5e:0d:1b:
3a:e5:df:19:84:90:51:db:ed:37:90:9b:a4:a4:58:
eb:90:ce:5f:ca:67:1f:a3:8a:63:7a:51:19:71:a7:
5e:fd:47:d4:c5:ec:e4:33:cc:6e:0b:52:44:49:a7:
6f:8a:14:16:df:a9:fd:f0:3f:b9:b8:cb:be:bc:b3:
90:94:bc:9d:cd:ba:ea:3b:51:4e:c8:9f:e9:8c:fa:
76:15:60:da:c7:a1:ce:8e:d8:d9:81:7b:36:05:b0:
25:e7:cc:ee:c1:ea:7c:07:82:b3:43:9d:ad:77:69:
2c:1f:24:cd:21:4a:3d:7b:04:1e:ef:93:54:99:78:
1e:8e:11:18:5b:e7:8c:81:4c:da:71:6d:25:be:58:
3b:81:19:18:56:41:58:c1:01:5e:aa:db:1c:d5:65:
db:f4:9d:a0:19:b0:65:78:6b:e0:8d:a7:5a:36:d3:
07:c6:54:e8:a5:4b:d4:62:50:55:05:1c:83:68:df:
6b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:91:15:DD:C1:B4:40:92:2C:20:92:6E:8A:AB:3C:31:BA:96:F2:A8
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/PpEV3cG0QJIsIJJuiqs8MbqW8qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.216.0/22
89.40.74.0/24
185.84.204.0/22
185.205.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:12:58:d6:42:fb:8b:1e:48:07:f4:f0:2d:99:84:23:c4:29:
c7:ea:97:f3:83:30:11:41:5f:04:b8:41:08:c0:35:56:2a:b3:
32:87:4c:f9:50:30:50:fb:2e:14:6c:fd:75:12:3a:30:10:ab:
45:1f:76:74:10:89:71:16:d3:1b:d7:c5:09:80:b8:25:16:8e:
1b:af:17:22:9a:df:f8:ee:1d:1f:cf:82:0f:ef:b4:2a:55:28:
c2:c0:4e:7f:0b:45:78:92:94:18:4f:fe:43:ee:5a:32:83:4e:
f9:1a:5b:08:f0:36:ad:c2:a7:3d:de:bf:a6:01:79:46:1e:69:
d1:08:fd:b3:e8:85:17:7d:5b:f6:6e:63:d6:ee:a8:62:d6:a6:
91:20:c7:0b:08:de:56:fe:bd:7e:56:be:ff:f1:80:2d:51:4d:
64:4b:d3:b7:ac:3f:b1:44:de:33:73:8f:12:74:c1:e4:b5:3f:
56:f6:06:6d:2e:85:bf:fa:23:01:62:b2:d5:1a:35:45:32:50:
51:94:a3:35:16:0e:29:20:78:1f:1d:71:df:1f:5d:ea:b0:65:
6d:2a:db:a7:c0:b6:0c:56:92:49:74:18:a4:31:67:85:43:de:
75:51:64:78:ef:8e:66:39:a1:b4:17:65:b1:18:51:b9:8c:97:
37:e1:0b:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUwhCsT4t86yw2q9/UMSXWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMjIwMTcxMDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTkxMTVkZGMxYjQ0MDkyMmMyMDkyNmU4YWFiM2MzMWJhOTZmMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPYxintNG7UDHiFVS9taPwDHV+fE
4as4vAZASj7im2+f+VD6kABFWKhFkEvlHtgVHru8sCOpWJOiBXhmtKwLqz3l1aye
TVheDRs65d8ZhJBR2+03kJukpFjrkM5fymcfo4pjelEZcade/UfUxezkM8xuC1JE
SadvihQW36n98D+5uMu+vLOQlLydzbrqO1FOyJ/pjPp2FWDax6HOjtjZgXs2BbAl
58zuwep8B4KzQ52td2ksHyTNIUo9ewQe75NUmXgejhEYW+eMgUzacW0lvlg7gRkY
VkFYwQFeqtsc1WXb9J2gGbBleGvgjadaNtMHxlTopUvUYlBVBRyDaN9rOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD6RFd3BtECSLCCSboqrPDG6lvKoMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvUHBFVjNjRzBRSklzSUpKdWlxczhNYnFXOHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJXrYAwQA
WShKAwQCuVTMAwQCuc38MA0GCSqGSIb3DQEBCwUAA4IBAQC3EljWQvuLHkgH9PAt
mYQjxCnH6pfzgzARQV8EuEEIwDVWKrMyh0z5UDBQ+y4UbP11EjowEKtFH3Z0EIlx
FtMb18UJgLglFo4brxcimt/47h0fz4IP77QqVSjCwE5/C0V4kpQYT/5D7loyg075
GlsI8Datwqc93r+mAXlGHmnRCP2z6IUXfVv2bmPW7qhi1qaRIMcLCN5W/r1+Vr7/
8YAtUU1kS9O3rD+xRN4zc48SdMHktT9W9gZtLoW/+iMBYrLVGjVFMlBRlKM1Fg4p
IHgfHXHfH13qsGVtKtunwLYMVpJJdBikMWeFQ951UWR4745mOaG0F2WxGFG5jJc3
4QsH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org