Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7a4ffb-0289-466c-a2f5-30207773f760/1/PCka4sKAHIlp9FSy0P2v4bm8mtI.roa
File: PCka4sKAHIlp9FSy0P2v4bm8mtI.roa (raw, json)
Hash identifier: lnMGxQQlTWjR+481wAhKjpFhfItO0UY8v9wdKvw7FZ8=
Subject key identifier: 3C:29:1A:E2:C2:80:1C:89:69:F4:54:B2:D0:FD:AF:E1:B9:BC:9A:D2
Certificate issuer: /CN=ff017f878432b2fe31f58153b44a81659d50ba20
Certificate serial: 03A8BB47
Authority key identifier: FF:01:7F:87:84:32:B2:FE:31:F5:81:53:B4:4A:81:65:9D:50:BA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_wF_h4Qysv4x9YFTtEqBZZ1QuiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7a4ffb-0289-466c-a2f5-30207773f760/1/PCka4sKAHIlp9FSy0P2v4bm8mtI.roa
Signing time: Sat 01 Jan 2022 14:01:24 +0000
ROA not before: Sat 01 Jan 2022 14:01:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42546
IP address blocks: 178.214.192.0/19 maxlen: 19
178.214.192.0/24 maxlen: 24
178.214.197.0/24 maxlen: 24
178.214.198.0/24 maxlen: 24
178.214.199.0/24 maxlen: 24
178.214.193.0/24 maxlen: 24
178.214.194.0/24 maxlen: 24
178.214.195.0/24 maxlen: 24
178.214.196.0/24 maxlen: 24
178.214.200.0/24 maxlen: 24
178.214.201.0/24 maxlen: 24
178.214.202.0/24 maxlen: 24
178.214.203.0/24 maxlen: 24
178.214.204.0/24 maxlen: 24
178.214.205.0/24 maxlen: 24
178.214.206.0/24 maxlen: 24
178.214.211.0/24 maxlen: 24
178.214.212.0/24 maxlen: 24
178.214.213.0/24 maxlen: 24
178.214.207.0/24 maxlen: 24
178.214.208.0/24 maxlen: 24
178.214.209.0/24 maxlen: 24
178.214.210.0/24 maxlen: 24
178.214.214.0/24 maxlen: 24
178.214.215.0/24 maxlen: 24
178.214.216.0/24 maxlen: 24
178.214.217.0/24 maxlen: 24
178.214.218.0/24 maxlen: 24
178.214.219.0/24 maxlen: 24
178.214.220.0/24 maxlen: 24
178.214.221.0/24 maxlen: 24
178.214.222.0/24 maxlen: 24
178.214.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61389639 (0x3a8bb47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff017f878432b2fe31f58153b44a81659d50ba20
Validity
Not Before: Jan 1 14:01:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c291ae2c2801c8969f454b2d0fdafe1b9bc9ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e7:9c:06:3c:df:9c:9f:ed:53:b9:31:bf:28:
4d:04:fb:4f:85:ab:79:ec:bc:7e:37:03:a4:7c:13:
6e:62:0f:84:95:d8:43:0c:69:2b:1b:89:f5:91:18:
49:12:14:6a:ae:ff:f7:eb:50:78:71:f3:d4:05:fd:
14:21:bf:0a:88:1a:26:c2:64:8b:f2:da:ec:c8:df:
52:01:db:c2:cd:a3:f0:f6:aa:4b:d6:4a:74:7f:b6:
20:0d:2e:6b:a1:0c:de:72:06:ed:5e:5b:21:ee:4a:
a7:e8:8d:5d:c5:21:f8:74:1b:d8:bf:7a:64:95:3d:
2b:09:d5:4a:9b:c6:da:c9:81:59:ba:0c:d8:71:7e:
fa:0f:83:ed:ec:9e:06:30:5c:cb:24:18:ff:55:d3:
b4:3f:7b:42:53:a9:f3:d9:88:ae:a9:80:a1:a8:76:
1b:4c:42:46:fa:23:9b:d2:de:5d:14:b5:de:48:79:
78:89:a3:64:00:e3:87:0a:32:a2:f1:2f:26:66:ca:
72:5a:d8:84:d6:88:d7:c4:6a:ed:71:78:de:5f:aa:
fb:ad:ec:aa:a0:6d:98:7f:5f:01:62:8b:0b:50:19:
3a:d2:57:b4:f8:27:af:02:4f:12:0e:af:1a:b3:ed:
fd:00:30:6f:5d:f4:bc:dc:54:b9:91:68:3e:cd:3b:
9e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:29:1A:E2:C2:80:1C:89:69:F4:54:B2:D0:FD:AF:E1:B9:BC:9A:D2
X509v3 Authority Key Identifier:
keyid:FF:01:7F:87:84:32:B2:FE:31:F5:81:53:B4:4A:81:65:9D:50:BA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_wF_h4Qysv4x9YFTtEqBZZ1QuiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7a4ffb-0289-466c-a2f5-30207773f760/1/PCka4sKAHIlp9FSy0P2v4bm8mtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7a4ffb-0289-466c-a2f5-30207773f760/1/_wF_h4Qysv4x9YFTtEqBZZ1QuiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.214.192.0/19
Signature Algorithm: sha256WithRSAEncryption
25:c1:f4:30:54:9c:2f:ff:e2:d3:5e:a7:91:6d:e7:0e:a6:7f:
b5:bc:00:60:74:c5:da:ba:1c:42:67:07:d0:37:b6:3e:b5:87:
f4:2a:70:7f:76:f4:ff:64:b3:e1:a8:1b:ea:16:1b:5f:1d:c8:
24:08:ee:bb:06:bf:22:8d:80:d4:2e:85:58:fb:cb:10:e1:11:
cb:02:ca:41:ca:08:e3:ff:42:cb:6b:4d:a1:ef:00:04:85:7d:
43:f0:36:d6:96:35:79:2c:84:b9:81:58:5c:d9:54:3a:4f:71:
52:59:e6:c4:82:19:76:3d:99:bc:89:59:db:46:0d:df:9f:1a:
3b:7d:f1:69:ee:e6:dd:07:ce:1c:e3:53:28:c8:2b:77:eb:55:
dc:45:f3:a3:5c:ec:f5:5d:cd:5d:b0:ca:6f:d2:96:0f:1d:08:
0a:84:f3:2b:a6:6c:50:6b:bd:20:12:9a:23:eb:a2:87:9d:c4:
a3:c2:72:86:9e:81:8a:5f:85:87:3c:60:81:9a:ae:50:33:37:
eb:df:bd:4e:02:d9:20:9f:f2:34:4e:af:91:9d:60:eb:88:28:
1e:0d:f6:ff:ca:29:92:37:53:ba:92:43:e9:1f:2d:d6:91:c4:
f8:22:fe:2b:73:50:75:39:4e:8c:eb:ca:f9:3a:59:3c:dd:a2:
9a:2a:8c:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6i7RzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjAxN2Y4Nzg0MzJiMmZlMzFmNTgxNTNiNDRhODE2NTlkNTBiYTIwMB4XDTIyMDEw
MTE0MDEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MyOTFhZTJjMjgw
MWM4OTY5ZjQ1NGIyZDBmZGFmZTFiOWJjOWFkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvnnAY835yf7VO5Mb8oTQT7T4Wreey8fjcDpHwTbmIPhJXY
QwxpKxuJ9ZEYSRIUaq7/9+tQeHHz1AX9FCG/CogaJsJki/La7MjfUgHbws2j8Paq
S9ZKdH+2IA0ua6EM3nIG7V5bIe5Kp+iNXcUh+HQb2L96ZJU9KwnVSpvG2smBWboM
2HF++g+D7eyeBjBcyyQY/1XTtD97QlOp89mIrqmAoah2G0xCRvojm9LeXRS13kh5
eImjZADjhwoyovEvJmbKclrYhNaI18Rq7XF43l+q+63sqqBtmH9fAWKLC1AZOtJX
tPgnrwJPEg6vGrPt/QAwb130vNxUuZFoPs07nucCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ8KRriwoAciWn0VLLQ/a/hubya0jAfBgNVHSMEGDAWgBT/AX+HhDKy/jH1
gVO0SoFlnVC6IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L193Rl9oNFF5c3Y0eDlZRlR0RXFCWloxUXVpQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvN2E0ZmZiLTAyODktNDY2Yy1hMmY1LTMwMjA3NzczZjc2MC8x
L1BDa2E0c0tBSElscDlGU3kwUDJ2NGJtOG10SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
N2E0ZmZiLTAyODktNDY2Yy1hMmY1LTMwMjA3NzczZjc2MC8xL193Rl9oNFF5c3Y0
eDlZRlR0RXFCWloxUXVpQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbLWwDANBgkqhkiG9w0BAQsFAAOC
AQEAJcH0MFScL//i016nkW3nDqZ/tbwAYHTF2rocQmcH0De2PrWH9Cpwf3b0/2Sz
4agb6hYbXx3IJAjuuwa/Io2A1C6FWPvLEOERywLKQcoI4/9Cy2tNoe8ABIV9Q/A2
1pY1eSyEuYFYXNlUOk9xUlnmxIIZdj2ZvIlZ20YN358aO33xae7m3QfOHONTKMgr
d+tV3EXzo1zs9V3NXbDKb9KWDx0ICoTzK6ZsUGu9IBKaI+uih53Eo8Jyhp6Bil+F
hzxggZquUDM369+9TgLZIJ/yNE6vkZ1g64goHg32/8opkjdTupJD6R8t1pHE+CL+
K3NQdTlOjOvK+TpZPN2imiqMeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org