Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/PPkyn_JOhwPlUklS62YvkX7qWH8.roa
File: PPkyn_JOhwPlUklS62YvkX7qWH8.roa (raw, json)
Hash identifier: 7K/khBpd3/ZhAKVws2FZgUAy3JH8GbG5uPqYkIrJwyg=
Subject key identifier: 3C:F9:32:9F:F2:4E:87:03:E5:52:49:52:EB:66:2F:91:7E:EA:58:7F
Certificate issuer: /CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Certificate serial: 0529A4DF
Authority key identifier: D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/PPkyn_JOhwPlUklS62YvkX7qWH8.roa
Signing time: Sat 01 Jan 2022 09:53:08 +0000
ROA not before: Sat 01 Jan 2022 09:53:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 193.24.68.0/24 maxlen: 25
193.24.66.0/24 maxlen: 25
139.123.225.0/24 maxlen: 24
139.123.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86615263 (0x529a4df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Validity
Not Before: Jan 1 09:53:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cf9329ff24e8703e5524952eb662f917eea587f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a2:7c:3d:e7:14:8a:69:20:04:55:5d:60:be:
ff:8c:f0:e5:4a:cd:fc:33:85:d9:33:e1:04:4b:b3:
af:17:2b:6a:c1:c4:01:05:cd:40:c8:dc:18:56:a2:
9a:c9:b1:00:2a:21:06:58:e1:86:03:f3:bd:45:c3:
71:4b:3b:c8:2a:5a:25:a9:18:7b:21:86:a6:44:14:
9d:2a:f2:ec:b1:41:2f:e8:05:a1:1a:4a:05:38:63:
34:b8:11:ed:14:81:37:55:30:4f:0f:ae:05:e2:c8:
26:32:bb:86:fb:5c:c3:07:5c:c5:22:c4:66:f9:42:
5c:61:54:a7:cc:02:30:9f:47:eb:c2:72:a5:27:f3:
14:2d:07:a1:33:ae:01:f2:9f:31:b7:ef:3d:cb:f6:
82:67:29:db:9b:6f:df:c0:6f:8d:9a:65:0f:fa:b0:
18:e4:36:24:d2:e1:e2:57:8d:0e:49:bc:84:92:55:
90:a0:54:55:22:23:12:ed:9d:56:ad:7a:50:b5:eb:
31:46:71:45:0e:de:07:88:56:67:70:75:0f:cc:fd:
da:aa:99:fb:f0:b1:7c:12:7e:05:0f:a9:f7:e6:84:
6b:50:af:ce:f3:fe:84:ad:38:bd:b4:99:a7:e0:2b:
7f:b3:9a:ad:49:9a:af:a3:b3:56:c6:4e:ce:cf:36:
7e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F9:32:9F:F2:4E:87:03:E5:52:49:52:EB:66:2F:91:7E:EA:58:7F
X509v3 Authority Key Identifier:
keyid:D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/PPkyn_JOhwPlUklS62YvkX7qWH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.123.225.0/24
139.123.228.0/24
193.24.66.0/24
193.24.68.0/24
Signature Algorithm: sha256WithRSAEncryption
42:07:d7:e4:a3:42:78:b5:2b:40:d8:e1:52:c7:09:ef:8b:be:
0d:70:60:8f:85:50:60:08:b7:f8:9a:2f:1d:ac:62:45:11:68:
95:05:ef:76:40:9a:52:50:99:37:ae:cb:f3:fc:97:ef:cf:ab:
96:19:fb:40:39:47:80:76:2c:3b:84:d3:ff:de:de:e8:3b:f7:
e3:3b:ca:4a:34:61:8c:58:f2:57:01:db:67:59:9b:60:bf:c7:
7f:b5:94:a5:3b:e7:43:43:cf:04:e1:39:3a:61:ef:50:d9:f7:
5c:69:69:dc:2d:17:41:d0:26:79:57:fe:69:ff:eb:15:88:ec:
09:41:48:3c:57:d1:bc:6c:32:3f:20:83:f2:54:01:56:61:62:
bd:f1:57:6e:a2:51:b1:66:bb:b5:d0:bc:3e:eb:41:89:aa:c0:
50:8e:31:29:dd:ac:34:e8:9f:dc:a4:c9:62:6f:40:a8:89:18:
a6:b2:7c:97:1c:1f:90:27:4c:ac:5a:2c:d0:ac:03:69:05:6d:
3a:70:90:76:0f:13:36:82:ff:1a:e3:68:8a:63:0b:14:f6:8b:
46:2b:59:5b:76:6a:7d:69:26:b1:d7:53:c1:f8:4f:e1:8a:f8:
9e:a8:93:10:63:f5:bf:48:a0:a6:08:14:7f:fd:69:fa:d7:aa:
79:05:b6:92
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBSmk3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODc3MmFhYzFiNjJiODdkNmIwMWQ1N2ExYTAwYTZhNzJiOGE3ZGE2MB4XDTIyMDEw
MTA5NTMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NmOTMyOWZmMjRl
ODcwM2U1NTI0OTUyZWI2NjJmOTE3ZWVhNTg3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSifD3nFIppIARVXWC+/4zw5UrN/DOF2TPhBEuzrxcrasHE
AQXNQMjcGFaimsmxACohBljhhgPzvUXDcUs7yCpaJakYeyGGpkQUnSry7LFBL+gF
oRpKBThjNLgR7RSBN1UwTw+uBeLIJjK7hvtcwwdcxSLEZvlCXGFUp8wCMJ9H68Jy
pSfzFC0HoTOuAfKfMbfvPcv2gmcp25tv38BvjZplD/qwGOQ2JNLh4leNDkm8hJJV
kKBUVSIjEu2dVq16ULXrMUZxRQ7eB4hWZ3B1D8z92qqZ+/CxfBJ+BQ+p9+aEa1Cv
zvP+hK04vbSZp+Arf7OarUmar6OzVsZOzs82fgUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ8+TKf8k6HA+VSSVLrZi+RfupYfzAfBgNVHSMEGDAWgBTYdyqsG2K4fWsB
1XoaAKanK4p9pjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJIY3FyQnRpdUgxckFkVjZHZ0NtcHl1S2ZhWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvNjE2YTU4LTUzNDItNDMyYy1hOWM1LTMzM2JlZWNmZjZmNC8x
L1BQa3luX0pPaHdQbFVrbFM2Mll2a1g3cVdIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
NjE2YTU4LTUzNDItNDMyYy1hOWM1LTMzM2JlZWNmZjZmNC8xLzJIY3FyQnRpdUgx
ckFkVjZHZ0NtcHl1S2ZhWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAIt74QMEAIt75AMEAMEYQgMEAMEY
RDANBgkqhkiG9w0BAQsFAAOCAQEAQgfX5KNCeLUrQNjhUscJ74u+DXBgj4VQYAi3
+JovHaxiRRFolQXvdkCaUlCZN67L8/yX78+rlhn7QDlHgHYsO4TT/97e6Dv34zvK
SjRhjFjyVwHbZ1mbYL/Hf7WUpTvnQ0PPBOE5OmHvUNn3XGlp3C0XQdAmeVf+af/r
FYjsCUFIPFfRvGwyPyCD8lQBVmFivfFXbqJRsWa7tdC8PutBiarAUI4xKd2sNOif
3KTJYm9AqIkYprJ8lxwfkCdMrFos0KwDaQVtOnCQdg8TNoL/GuNoimMLFPaLRitZ
W3ZqfWkmsddTwfhP4Yr4nqiTEGP1v0igpggUf/1p+teqeQW2kg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-fra.rpki-client.org