Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PMf6xeVr2x8PPkeHfdQEnvAluGE.roa
File: PMf6xeVr2x8PPkeHfdQEnvAluGE.roa (raw, json)
Hash identifier: RVSg0f0MDtLMJHwsU/7FF2a+tRzGneV+9jSnp6KOAOc=
Subject key identifier: 3C:C7:FA:C5:E5:6B:DB:1F:0F:3E:47:87:7D:D4:04:9E:F0:25:B8:61
Certificate issuer: /CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Certificate serial: 092A5732
Authority key identifier: 3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PMf6xeVr2x8PPkeHfdQEnvAluGE.roa
Signing time: Sat 01 Jan 2022 15:59:58 +0000
ROA not before: Sat 01 Jan 2022 15:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198611
IP address blocks: 91.237.70.0/24 maxlen: 24
91.231.205.0/24 maxlen: 24
91.237.68.0/24 maxlen: 24
91.237.71.0/24 maxlen: 24
91.237.69.0/24 maxlen: 24
2001:67c:16f8::/48 maxlen: 48
2001:67c:2ad8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153769778 (0x92a5732)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Validity
Not Before: Jan 1 15:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cc7fac5e56bdb1f0f3e47877dd4049ef025b861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:21:dc:2d:78:a2:0a:b3:7c:1e:8c:c6:56:27:
b6:63:e5:1b:e7:1a:92:2e:32:1b:3f:5e:6e:9c:60:
f3:a4:9f:25:b1:35:51:cb:9d:a0:80:36:25:d3:40:
4f:9c:fd:80:9a:42:c7:e7:ed:65:3f:fe:18:78:7f:
fe:9b:8d:54:52:3c:df:cf:10:17:fa:56:d9:e9:36:
80:8c:b7:bc:d1:73:85:f9:a1:1e:0e:9d:d7:4e:f5:
bf:f7:c1:ac:b4:b6:0e:ce:9b:ba:10:f8:07:2d:be:
a2:c4:32:85:c8:a0:6e:c5:d8:f1:b7:70:34:b7:ba:
57:62:df:7a:54:e8:20:80:0a:c1:df:88:74:76:31:
ff:c6:9c:91:88:54:f5:f3:e2:22:09:af:a2:d5:a1:
b3:83:32:61:88:d6:5b:b6:57:3b:21:3d:df:9c:9d:
73:02:21:0d:bc:1d:4a:4a:18:11:b7:e3:ba:0f:97:
5c:02:5a:3b:d7:33:f9:a3:3c:0a:33:cc:55:1a:83:
df:16:10:2b:3b:de:32:9c:b5:a0:48:cf:ad:8a:d8:
98:cb:65:94:b8:62:ab:9c:88:a7:7f:d2:e7:b2:41:
0b:fc:22:e0:f0:9d:79:46:98:82:69:fc:bb:6b:66:
d0:92:da:17:bc:a9:2e:70:bc:48:0a:bf:45:3d:75:
8b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C7:FA:C5:E5:6B:DB:1F:0F:3E:47:87:7D:D4:04:9E:F0:25:B8:61
X509v3 Authority Key Identifier:
keyid:3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PMf6xeVr2x8PPkeHfdQEnvAluGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.205.0/24
91.237.68.0/22
IPv6:
2001:67c:16f8::/48
2001:67c:2ad8::/48
Signature Algorithm: sha256WithRSAEncryption
3a:83:22:f5:76:1b:32:29:e9:fa:02:c2:9f:90:dc:f1:f7:68:
db:a2:f0:b0:44:bd:c4:2d:c6:ac:71:e7:8f:0d:bf:a5:46:8d:
22:cf:22:bf:54:91:d6:d2:b5:fd:93:e9:9a:1e:c6:d7:56:32:
93:76:7c:cb:69:5e:f4:7e:22:1f:26:81:1c:9f:fa:14:81:79:
fa:77:4d:24:b3:50:d2:57:e0:9d:c1:d4:ca:b8:3b:92:d7:df:
c7:66:82:c8:43:7a:9c:21:ba:34:d4:f4:ba:59:e5:b0:38:81:
37:a2:30:0b:c2:f1:99:d7:a4:2c:b3:ec:7f:5d:00:ec:be:f8:
7a:88:2f:08:00:c4:b7:f3:20:f0:8c:a6:fd:2e:47:6b:1a:5f:
bc:ad:9c:a9:3e:46:78:7f:bc:e1:43:e6:fb:a6:72:f8:4e:7b:
50:6e:ce:42:07:e4:7c:ed:62:c3:b4:56:eb:0f:7b:65:73:cb:
eb:10:97:09:a4:a2:12:9d:4f:fa:27:3c:9d:56:ba:64:ea:b4:
1a:2b:5f:86:09:bc:d1:cc:78:2f:31:0e:92:32:0b:c5:e0:48:
bc:a5:40:8a:20:6e:bd:0f:9f:35:b8:29:2d:a3:e2:7b:b2:57:
4e:4a:b2:7a:7d:a8:8a:ba:f4:4e:4a:25:ad:c1:a8:36:ca:19:
03:63:82:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIECSpXMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWU1YTFkZDBjZWU4NzRjMDZlMWVhMWY3MjgyN2Q5N2NiYzY3MTg3MB4XDTIyMDEw
MTE1NTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NjN2ZhYzVlNTZi
ZGIxZjBmM2U0Nzg3N2RkNDA0OWVmMDI1Yjg2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgh3C14ogqzfB6MxlYntmPlG+caki4yGz9ebpxg86SfJbE1
UcudoIA2JdNAT5z9gJpCx+ftZT/+GHh//puNVFI8388QF/pW2ek2gIy3vNFzhfmh
Hg6d1071v/fBrLS2Ds6buhD4By2+osQyhcigbsXY8bdwNLe6V2LfelToIIAKwd+I
dHYx/8ackYhU9fPiIgmvotWhs4MyYYjWW7ZXOyE935ydcwIhDbwdSkoYEbfjug+X
XAJaO9cz+aM8CjPMVRqD3xYQKzveMpy1oEjPrYrYmMtllLhiq5yIp3/S57JBC/wi
4PCdeUaYgmn8u2tm0JLaF7ypLnC8SAq/RT11i50CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQ8x/rF5WvbHw8+R4d91ASe8CW4YTAfBgNVHSMEGDAWgBQ+5aHdDO6HTAbh
6h9ygn2Xy8ZxhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B1V2gzUXp1aDB3RzRlb2Zjb0o5bDh2R2NZYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvOTVmZmQ5LTE5ZDMtNDUxNy04YzQ3LWM2MTY2MWQxYjcxYi8x
L1BNZjZ4ZVZyMng4UFBrZUhmZFFFbnZBbHVHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
OTVmZmQ5LTE5ZDMtNDUxNy04YzQ3LWM2MTY2MWQxYjcxYi8xL1B1V2gzUXp1aDB3
RzRlb2Zjb0o5bDh2R2NZYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAFvnzQMEAlvtRDAYBAIAAjASAwcA
IAEGfBb4AwcAIAEGfCrYMA0GCSqGSIb3DQEBCwUAA4IBAQA6gyL1dhsyKen6AsKf
kNzx92jbovCwRL3ELcasceePDb+lRo0izyK/VJHW0rX9k+maHsbXVjKTdnzLaV70
fiIfJoEcn/oUgXn6d00ks1DSV+CdwdTKuDuS19/HZoLIQ3qcIbo01PS6WeWwOIE3
ojALwvGZ16Qss+x/XQDsvvh6iC8IAMS38yDwjKb9LkdrGl+8rZypPkZ4f7zhQ+b7
pnL4TntQbs5CB+R87WLDtFbrD3tlc8vrEJcJpKISnU/6JzydVrpk6rQaK1+GCbzR
zHgvMQ6SMgvF4Ei8pUCKIG69D581uCkto+J7sldOSrJ6faiKuvROSiWtwag2yhkD
Y4If
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:49 2025 by rpki-client