Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/PnO0vog1E3c29bbZOWZucqwCtEQ.roa
File: PnO0vog1E3c29bbZOWZucqwCtEQ.roa (raw, json)
Hash identifier: BsBZInkO5bhvQbzcgJ5XIubASHYfWdQ29RCMRO9GnlE=
Subject key identifier: 3E:73:B4:BE:88:35:13:77:36:F5:B6:D9:39:66:6E:72:AC:02:B4:44
Certificate issuer: /CN=f7aa039b886b226578bdb6a42781bf59044bb138
Certificate serial: 3780CFD1
Authority key identifier: F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/PnO0vog1E3c29bbZOWZucqwCtEQ.roa
Signing time: Sat 01 Jan 2022 10:04:38 +0000
ROA not before: Sat 01 Jan 2022 10:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203703
IP address blocks: 185.124.188.0/22 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931188689 (0x3780cfd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7aa039b886b226578bdb6a42781bf59044bb138
Validity
Not Before: Jan 1 10:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e73b4be8835137736f5b6d939666e72ac02b444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8e:e6:a3:43:43:a8:30:6d:77:91:c5:78:a2:
c8:21:67:b8:09:22:84:e0:45:c8:81:f8:2c:41:d6:
ca:61:a4:b4:45:3a:70:88:9e:19:b7:36:40:e2:4b:
9f:d6:13:69:97:74:d5:f0:6b:44:e7:5b:7e:fe:4b:
81:90:2f:e5:6e:98:8b:60:55:28:c3:e5:82:64:80:
ad:b8:d8:95:40:f2:42:3a:d1:e0:2a:f9:cb:f6:ab:
e2:13:64:b9:ee:f2:e1:15:13:1c:21:3f:97:19:b7:
d6:d7:94:6f:2e:e5:f7:86:2f:3c:d4:ee:e9:08:57:
56:ef:c0:be:20:db:84:a7:3c:98:20:f3:bc:54:98:
fe:9c:83:ec:ba:c4:9e:00:38:4a:50:38:37:44:ef:
bd:04:67:6f:5d:7d:98:51:63:ad:ab:eb:81:32:f0:
57:a5:f8:f6:2f:0e:ab:7d:2e:67:12:38:8e:f4:16:
8c:da:c5:c1:ed:b9:22:be:54:73:3b:da:9e:37:86:
c3:93:d8:af:37:b3:9d:f8:21:ac:7e:45:0a:00:b2:
56:54:72:34:fd:ff:12:65:db:85:60:f1:d8:c2:54:
34:49:8f:b8:98:d8:c8:72:83:6c:85:f5:43:d7:85:
33:8a:10:f6:9e:f1:ae:65:99:a1:8e:72:77:8e:d2:
e6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:73:B4:BE:88:35:13:77:36:F5:B6:D9:39:66:6E:72:AC:02:B4:44
X509v3 Authority Key Identifier:
keyid:F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/PnO0vog1E3c29bbZOWZucqwCtEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.188.0/22
Signature Algorithm: sha256WithRSAEncryption
32:ef:a8:97:16:ac:cf:41:60:d3:1c:bd:22:ea:58:4a:27:c7:
19:b1:ff:2d:81:0d:27:13:1f:de:56:bc:cf:f6:4a:e6:40:2a:
b5:68:03:11:b3:e5:42:95:fb:3f:ba:50:67:c3:50:8c:07:ed:
7c:3c:64:36:58:1a:ba:0d:9a:c0:fe:28:4e:79:8d:23:f6:ed:
60:3c:ce:58:b3:01:b2:6d:aa:85:a3:12:c6:3a:16:09:59:5b:
ae:c8:36:aa:94:7d:d8:f2:4e:b9:a3:30:29:4d:72:af:73:a3:
b0:18:e2:7c:20:68:8d:f2:6a:c1:89:a7:90:25:bd:3a:e8:21:
77:ab:b2:7b:cb:72:c1:73:87:2c:05:ad:4f:f3:80:06:25:50:
20:5a:ef:c0:2b:0a:5b:9a:09:4a:83:70:97:03:22:cc:14:30:
06:0d:42:f3:d2:37:bc:16:68:70:28:8c:52:34:18:52:c5:1c:
63:74:e0:83:10:e0:0d:1a:26:27:67:12:c0:b0:f5:58:fd:af:
68:cc:a3:58:c3:b6:b2:39:a5:71:f3:f3:5c:72:0a:a4:ee:dd:
c4:8a:ac:a0:b3:50:43:77:f9:38:82:db:02:21:54:62:35:e3:
28:2f:3a:18:a4:fb:d8:bf:df:c6:aa:a8:3e:12:a1:1f:63:d9:
cc:45:42:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN4DP0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
N2FhMDM5Yjg4NmIyMjY1NzhiZGI2YTQyNzgxYmY1OTA0NGJiMTM4MB4XDTIyMDEw
MTEwMDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U3M2I0YmU4ODM1
MTM3NzM2ZjViNmQ5Mzk2NjZlNzJhYzAyYjQ0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOeO5qNDQ6gwbXeRxXiiyCFnuAkihOBFyIH4LEHWymGktEU6
cIieGbc2QOJLn9YTaZd01fBrROdbfv5LgZAv5W6Yi2BVKMPlgmSArbjYlUDyQjrR
4Cr5y/ar4hNkue7y4RUTHCE/lxm31teUby7l94YvPNTu6QhXVu/AviDbhKc8mCDz
vFSY/pyD7LrEngA4SlA4N0TvvQRnb119mFFjravrgTLwV6X49i8Oq30uZxI4jvQW
jNrFwe25Ir5UczvanjeGw5PYrzeznfghrH5FCgCyVlRyNP3/EmXbhWDx2MJUNEmP
uJjYyHKDbIX1Q9eFM4oQ9p7xrmWZoY5yd47S5u0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+c7S+iDUTdzb1ttk5Zm5yrAK0RDAfBgNVHSMEGDAWgBT3qgObiGsiZXi9
tqQngb9ZBEuxODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzk2b0RtNGhySW1WNHZiYWtKNEdfV1FSTHNUZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNGJiZDZjLTkxZWYtNDQ2MS04MjFiLTZmNjIxZDczNmFmZi8x
L1BuTzB2b2cxRTNjMjliYlpPV1p1Y3F3Q3RFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NGJiZDZjLTkxZWYtNDQ2MS04MjFiLTZmNjIxZDczNmFmZi8xLzk2b0RtNGhySW1W
NHZiYWtKNEdfV1FSTHNUZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl8vDANBgkqhkiG9w0BAQsFAAOC
AQEAMu+olxasz0Fg0xy9IupYSifHGbH/LYENJxMf3la8z/ZK5kAqtWgDEbPlQpX7
P7pQZ8NQjAftfDxkNlgaug2awP4oTnmNI/btYDzOWLMBsm2qhaMSxjoWCVlbrsg2
qpR92PJOuaMwKU1yr3OjsBjifCBojfJqwYmnkCW9Oughd6uye8tywXOHLAWtT/OA
BiVQIFrvwCsKW5oJSoNwlwMizBQwBg1C89I3vBZocCiMUjQYUsUcY3TggxDgDRom
J2cSwLD1WP2vaMyjWMO2sjmlcfPzXHIKpO7dxIqsoLNQQ3f5OILbAiFUYjXjKC86
GKT72L/fxqqoPhKhH2PZzEVCDg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:06 2025 by rpki-client