Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/pTgQNJLRtqn8vI9Gha5ngJ3x-HY.roa
File: pTgQNJLRtqn8vI9Gha5ngJ3x-HY.roa (raw, json)
Hash identifier: GzAWGzB1Es5C53m+4UcUMPNlP1s/6lNwK9hlI3KyB2k=
Subject key identifier: A5:38:10:34:92:D1:B6:A9:FC:BC:8F:46:85:AE:67:80:9D:F1:F8:76
Certificate issuer: /CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Certificate serial: 195D20
Authority key identifier: 3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/pTgQNJLRtqn8vI9Gha5ngJ3x-HY.roa
Signing time: Mon 16 May 2022 17:48:31 +0000
ROA not before: Mon 16 May 2022 17:48:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60475
IP address blocks: 37.202.16.0/21 maxlen: 21
37.202.22.0/23 maxlen: 23
185.241.203.0/24 maxlen: 24
185.241.200.0/22 maxlen: 22
2a02:ff00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1662240 (0x195d20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Validity
Not Before: May 16 17:48:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a538103492d1b6a9fcbc8f4685ae67809df1f876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:62:55:f1:6f:1e:7f:94:17:3e:30:a0:2d:50:
4b:51:7a:d6:a0:f2:e8:db:49:c6:79:c2:50:b7:34:
a6:3d:19:49:3d:dd:0d:be:64:d7:21:ca:73:6a:b8:
67:15:55:af:61:36:e4:d0:2b:33:7d:e2:a8:0f:ed:
12:0f:cc:44:37:ca:bd:11:f7:b5:3a:b4:ec:e5:6a:
c6:8f:ff:87:ad:eb:dc:9e:e4:ca:4a:51:5a:07:68:
50:61:e4:87:34:67:63:d7:20:70:ed:a3:8a:00:19:
d5:68:ec:78:30:b2:43:93:27:0f:0b:e7:02:30:53:
d0:3a:59:26:f1:0f:d0:3e:cd:4c:88:da:a4:ec:46:
0f:80:63:36:3f:3b:3e:99:d1:62:57:7b:ea:c1:1e:
7d:20:24:ef:20:e3:36:d4:40:d1:7d:7a:b1:f6:34:
e5:55:d2:00:54:9a:89:a4:6b:89:64:86:1b:79:df:
7b:06:a3:aa:78:26:aa:95:77:5c:a3:3c:dc:ce:87:
97:26:7c:c3:02:34:8a:8c:a6:1a:e7:7f:5b:c5:f7:
92:ce:4d:38:07:a6:b3:57:fa:65:b2:5d:70:b2:b3:
29:d0:e1:03:9b:da:be:20:82:d1:66:d5:52:32:4c:
0a:1b:e6:42:6e:5c:75:e1:9a:f2:7d:87:40:98:7a:
72:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:38:10:34:92:D1:B6:A9:FC:BC:8F:46:85:AE:67:80:9D:F1:F8:76
X509v3 Authority Key Identifier:
keyid:3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/pTgQNJLRtqn8vI9Gha5ngJ3x-HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/PzGV9HCEyLDGcNA_fue1Fs-ATFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.16.0/21
185.241.200.0/22
IPv6:
2a02:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
40:b1:71:ba:68:54:78:b4:a5:2b:bf:80:f4:e4:50:23:d6:60:
29:de:21:32:4b:86:0b:9c:6c:3d:d5:be:66:84:19:30:3a:a0:
84:b0:77:35:65:0e:15:ff:c2:51:e8:0d:64:16:30:f0:77:35:
05:6d:99:35:a7:b5:6e:ee:65:64:3f:cc:69:35:a9:a9:63:43:
02:3c:03:bb:55:4d:2b:33:0f:08:1a:23:a3:ab:ab:29:2e:bc:
1e:c8:1f:02:62:c1:85:db:51:0e:56:0b:54:63:58:94:dc:25:
b3:20:3d:48:35:f8:5d:80:c5:38:a0:c4:3d:8d:91:58:6e:19:
e7:b4:cc:ec:68:ae:5a:09:1c:c7:70:e8:92:0d:b6:4d:7e:32:
ca:1f:c8:78:6e:31:99:35:56:2f:1a:38:64:a7:52:e3:2a:a4:
5d:f5:04:9c:71:7d:86:99:fb:d8:8b:f3:7d:ad:51:48:c8:f0:
e1:3c:25:3e:dc:11:b4:32:32:f0:f4:d7:f4:03:49:a5:9c:21:
b6:be:ba:81:1e:45:c1:90:1a:2f:70:e7:93:34:cf:7a:a4:64:
26:0f:a4:99:e5:65:fc:d4:09:cf:9e:04:63:62:9b:c7:7e:52:
d8:f5:c4:26:d7:c0:5c:8e:db:61:64:f7:c1:1d:84:4d:9c:80:
16:1f:cd:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDGV0gMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNm
MzE5NWY0NzA4NGM4YjBjNjcwZDAzZjdlZTdiNTE2Y2Y4MDRjNWMwHhcNMjIwNTE2
MTc0ODMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhNTM4MTAzNDkyZDFi
NmE5ZmNiYzhmNDY4NWFlNjc4MDlkZjFmODc2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA42JV8W8ef5QXPjCgLVBLUXrWoPLo20nGecJQtzSmPRlJPd0N
vmTXIcpzarhnFVWvYTbk0CszfeKoD+0SD8xEN8q9Efe1OrTs5WrGj/+HrevcnuTK
SlFaB2hQYeSHNGdj1yBw7aOKABnVaOx4MLJDkycPC+cCMFPQOlkm8Q/QPs1MiNqk
7EYPgGM2Pzs+mdFiV3vqwR59ICTvIOM21EDRfXqx9jTlVdIAVJqJpGuJZIYbed97
BqOqeCaqlXdcozzczoeXJnzDAjSKjKYa539bxfeSzk04B6azV/plsl1wsrMp0OED
m9q+IILRZtVSMkwKG+ZCblx14ZryfYdAmHpyvwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFKU4EDSS0bap/LyPRoWuZ4Cd8fh2MB8GA1UdIwQYMBaAFD8xlfRwhMiwxnDQ
P37ntRbPgExcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYtNjA0Mzc4ZTcxNzNmLzEv
cFRnUU5KTFJ0cW44dkk5R2hhNW5nSjN4LUhZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9h
YjRmODctNzU2OS00N2UxLTkwMDYtNjA0Mzc4ZTcxNzNmLzEvUHpHVjlIQ0V5TERH
Y05BX2Z1ZTFGcy1BVEZ3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcoQAwQCufHIMA0EAgACMAcDBQMq
Av8AMA0GCSqGSIb3DQEBCwUAA4IBAQBAsXG6aFR4tKUrv4D05FAj1mAp3iEyS4YL
nGw91b5mhBkwOqCEsHc1ZQ4V/8JR6A1kFjDwdzUFbZk1p7Vu7mVkP8xpNampY0MC
PAO7VU0rMw8IGiOjq6spLrweyB8CYsGF21EOVgtUY1iU3CWzID1INfhdgMU4oMQ9
jZFYbhnntMzsaK5aCRzHcOiSDbZNfjLKH8h4bjGZNVYvGjhkp1LjKqRd9QSccX2G
mfvYi/N9rVFIyPDhPCU+3BG0MjLw9Nf0A0mlnCG2vrqBHkXBkBovcOeTNM96pGQm
D6SZ5WX81AnPngRjYpvHflLY9cQm18BcjtthZPfBHYRNnIAWH83O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org