Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PUawtCNqdnGqb1NjRB7e1khZIZc.roa
File: PUawtCNqdnGqb1NjRB7e1khZIZc.roa (raw, json)
Hash identifier: 4XiGf2ipxbG4rsTEcWAZhEkaBoM43awgAl+TwuqtmzM=
Subject key identifier: 3D:46:B0:B4:23:6A:76:71:AA:6F:53:63:44:1E:DE:D6:48:59:21:97
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184AD945AEF897B61FE5947AE049C03CC60
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PUawtCNqdnGqb1NjRB7e1khZIZc.roa
Signing time: Fri 25 Nov 2022 06:58:11 +0000
ROA not before: Fri 25 Nov 2022 06:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.69.0/24 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:94:5a:ef:89:7b:61:fe:59:47:ae:04:9c:03:cc:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 25 06:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d46b0b4236a7671aa6f5363441eded648592197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d7:82:3c:18:ec:b7:17:9e:ee:3a:10:ef:78:
a2:ed:e4:6a:0c:47:64:b9:d3:96:a0:98:ab:90:3d:
12:db:e1:33:b0:8f:66:c7:71:bc:94:8f:26:56:7c:
85:22:c5:2e:3f:7a:cc:fe:c2:54:89:c1:88:06:eb:
a8:f7:d4:f2:4a:6f:2a:c3:ee:cc:ca:48:9f:79:6c:
71:b6:22:16:6c:51:e2:f9:36:74:79:05:60:3f:6f:
7a:5a:51:f5:38:b7:6f:9e:b9:61:5f:1a:ec:e0:4e:
d7:12:7c:46:ca:0f:e7:41:e2:11:a2:5a:66:f0:6e:
a7:9c:6b:26:30:e5:0a:e5:f1:1d:cf:40:82:e6:47:
a4:12:e3:67:3f:d8:94:3c:97:c7:89:c3:c3:14:da:
0a:14:70:61:2c:a8:1a:29:07:c0:7d:5e:c6:f6:06:
c2:93:ee:ce:87:36:74:d2:af:37:d0:2c:bd:8f:7d:
c1:5a:91:5d:bc:0d:c7:53:ca:52:fe:f1:59:02:1b:
3c:7e:44:ad:fc:f5:6b:cf:66:03:25:42:5a:5e:76:
a7:67:2f:80:9e:e9:78:52:45:c8:e7:62:64:f7:57:
de:38:7a:16:ae:0c:ca:11:54:0d:bb:0d:9f:dd:cf:
36:4a:bd:6c:00:5e:d6:64:3b:e6:5e:52:32:4d:de:
1e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:46:B0:B4:23:6A:76:71:AA:6F:53:63:44:1E:DE:D6:48:59:21:97
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PUawtCNqdnGqb1NjRB7e1khZIZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.69.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
07:d2:22:88:0a:53:2c:22:5c:2d:9a:78:e7:89:10:b4:a1:1d:
4b:a4:5e:46:76:64:12:37:6d:21:ab:ed:c7:89:8b:81:8b:e8:
09:02:17:72:01:56:58:df:09:78:26:5b:ea:cc:33:d4:0d:04:
87:51:05:93:5b:24:ac:29:a7:9d:c7:90:10:99:fd:68:9b:5d:
35:20:ad:71:0f:58:96:e4:f1:94:3f:a9:46:65:cf:a0:77:9a:
e9:e8:64:6b:92:10:2e:07:a4:d3:ae:e3:8a:d5:18:f0:d0:e7:
2e:35:92:25:e5:d4:06:c7:61:24:b9:ad:af:38:8c:ec:83:01:
04:22:2f:6d:fc:b0:e6:35:9b:9c:7f:24:b5:7a:54:cb:83:3d:
a0:28:da:01:a6:ab:78:5b:08:79:c9:cb:5c:dc:2b:9a:05:ad:
33:6e:c9:f2:30:e9:2d:a1:43:62:65:52:77:2d:ee:99:35:a6:
54:b7:62:73:64:2b:38:ee:fa:c3:d7:35:c6:b2:3e:bf:38:dc:
b2:7f:58:17:01:a6:e8:ee:2b:fc:c5:c0:75:83:85:07:36:ba:
77:e5:7c:e0:35:33:0e:7b:09:6d:b4:d1:56:e6:d4:ef:66:fa:
8c:46:18:70:74:60:31:5a:1d:3a:67:30:99:39:8e:fe:8a:47:
18:76:7f:b7
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYStlFrviXth/llHrgScA8xgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTI1MDY1ODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQ2YjBiNDIzNmE3NjcxYWE2ZjUzNjM0NDFlZGVkNjQ4NTkyMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9eCPBjstxee7joQ73ii7eRqDEdk
udOWoJirkD0S2+EzsI9mx3G8lI8mVnyFIsUuP3rM/sJUicGIBuuo99TySm8qw+7M
ykifeWxxtiIWbFHi+TZ0eQVgP296WlH1OLdvnrlhXxrs4E7XEnxGyg/nQeIRolpm
8G6nnGsmMOUK5fEdz0CC5kekEuNnP9iUPJfHicPDFNoKFHBhLKgaKQfAfV7G9gbC
k+7OhzZ00q830Cy9j33BWpFdvA3HU8pS/vFZAhs8fkSt/PVrz2YDJUJaXnanZy+A
nul4UkXI52Jk91feOHoWrgzKEVQNuw2f3c82Sr1sAF7WZDvmXlIyTd4e+QIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFD1GsLQjanZxqm9TY0Qe3tZIWSGXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUFVhd3RDTnFkbkdxYjFOalJCN2Uxa2haSVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjA2BAIAATAwAwQAHyq3
AwQALQxFAwQCLYiIAwQAVcrLAwQAXrF6AwQAwjJcAwQAwjJeAwQAwjJvMGwEAgAC
MGYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwcEKg6XxAEAAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAEC
AwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAAfSIogKUywiXC2aeOeJELShHUuk
XkZ2ZBI3bSGr7ceJi4GL6AkCF3IBVljfCXgmW+rMM9QNBIdRBZNbJKwpp53HkBCZ
/WibXTUgrXEPWJbk8ZQ/qUZlz6B3munoZGuSEC4HpNOu44rVGPDQ5y41kiXl1AbH
YSS5ra84jOyDAQQiL238sOY1m5x/JLV6VMuDPaAo2gGmq3hbCHnJy1zcK5oFrTNu
yfIw6S2hQ2JlUnct7pk1plS3YnNkKzju+sPXNcayPr843LJ/WBcBpujuK/zFwHWD
hQc2unflfOA1Mw57CW200Vbm1O9m+oxGGHB0YDFaHTpnMJk5jv6KRxh2f7c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org