Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/PCAC6F3p2WkeoaB-hffGlakCEP0.roa
File: PCAC6F3p2WkeoaB-hffGlakCEP0.roa (raw, json)
Hash identifier: jZ9dCSbon9kXhgLlxAwzXHddSgDLy+JhrpUQGcOKWWc=
Subject key identifier: 3C:20:02:E8:5D:E9:D9:69:1E:A1:A0:7E:85:F7:C6:95:A9:02:10:FD
Certificate issuer: /CN=764928a97be955377013d382c62940e950dd212b
Certificate serial: 020196F3
Authority key identifier: 76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/PCAC6F3p2WkeoaB-hffGlakCEP0.roa
Signing time: Sat 01 Jan 2022 05:02:57 +0000
ROA not before: Sat 01 Jan 2022 05:02:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50629
IP address blocks: 87.253.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33658611 (0x20196f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764928a97be955377013d382c62940e950dd212b
Validity
Not Before: Jan 1 05:02:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c2002e85de9d9691ea1a07e85f7c695a90210fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d1:97:de:42:41:43:1b:9a:51:f0:fe:20:86:
da:4f:2f:90:41:f8:b4:90:74:ff:2e:49:07:08:ca:
f8:c5:45:3c:ea:ae:15:fc:3f:c2:fd:27:7b:b0:5b:
31:52:2e:60:84:56:8a:61:76:5f:f0:d0:44:50:cb:
11:ee:d3:4e:08:f4:af:29:8c:39:2e:2c:ed:70:43:
8f:09:23:02:3f:33:ac:2d:a9:e2:5b:21:6d:7f:b4:
9c:2f:fa:b7:98:c9:0c:21:0d:8a:73:3a:80:ef:6e:
82:d6:25:03:80:87:3a:74:86:f1:0b:ec:44:35:75:
10:44:1a:6b:50:a7:8a:22:cd:7d:9c:d1:eb:ae:f2:
51:ed:29:11:c8:d6:32:5b:26:c3:98:1b:8f:86:4d:
84:49:15:b0:03:9b:92:61:de:28:43:85:81:64:4b:
b4:f4:3a:ec:ae:d8:0c:d2:7d:eb:f5:f0:10:a2:8c:
cf:73:e6:86:53:f1:eb:20:98:d1:62:ab:9c:9f:4b:
07:66:82:bd:b8:61:19:31:46:5c:06:9d:12:51:76:
6d:f0:4c:00:a3:89:be:22:31:2a:bd:fa:8f:08:8c:
62:60:c3:32:ed:3a:14:b1:1a:bd:63:27:8a:e3:75:
bf:c4:23:0e:fe:e4:b5:98:0f:b2:17:6a:15:58:c7:
84:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:20:02:E8:5D:E9:D9:69:1E:A1:A0:7E:85:F7:C6:95:A9:02:10:FD
X509v3 Authority Key Identifier:
keyid:76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/PCAC6F3p2WkeoaB-hffGlakCEP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.253.189.0/24
Signature Algorithm: sha256WithRSAEncryption
09:eb:0d:b7:8f:3f:4f:d5:30:30:56:57:14:38:9f:26:c7:de:
01:43:07:6c:27:2b:bb:fb:29:a1:a4:a0:fc:a2:f8:8e:30:df:
8a:b6:71:cf:ef:f5:3e:9b:d3:59:0b:7b:eb:26:62:ff:8a:af:
71:99:c1:ca:e9:ff:ac:af:51:7a:46:31:d3:c7:56:96:40:11:
b4:4c:e9:0c:4b:6d:3e:cc:b4:29:f5:77:f9:ac:41:4b:ab:d1:
54:ea:1c:1d:5a:1d:7c:5f:86:b6:23:b6:b1:26:04:a7:3e:c9:
77:40:f7:b5:b8:de:71:82:45:af:e5:56:d9:47:f0:ad:5b:85:
43:48:5b:3e:00:3e:77:20:ed:e4:1b:1c:ec:d3:d7:7b:73:f5:
79:5f:bd:0c:dc:d1:aa:51:14:fc:24:fa:39:74:7d:bf:50:2d:
17:f4:28:13:10:6b:10:8b:3b:0e:0c:1e:15:42:16:60:65:7b:
0e:00:be:b8:bd:f2:b7:bb:01:5b:b7:80:65:ec:79:10:24:c0:
02:d4:42:ce:8d:51:87:2e:5a:0d:53:83:cc:6c:13:73:67:62:
41:cb:3e:6d:56:57:0b:e3:89:e2:78:62:7c:e1:1d:ea:77:d3:
31:8a:8b:07:89:f6:3c:9b:1a:2f:53:0c:e4:18:5c:11:f2:a5:
68:22:8c:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgGW8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjQ5MjhhOTdiZTk1NTM3NzAxM2QzODJjNjI5NDBlOTUwZGQyMTJiMB4XDTIyMDEw
MTA1MDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MyMDAyZTg1ZGU5
ZDk2OTFlYTFhMDdlODVmN2M2OTVhOTAyMTBmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvRl95CQUMbmlHw/iCG2k8vkEH4tJB0/y5JBwjK+MVFPOqu
Ffw/wv0ne7BbMVIuYIRWimF2X/DQRFDLEe7TTgj0rymMOS4s7XBDjwkjAj8zrC2p
4lshbX+0nC/6t5jJDCENinM6gO9ugtYlA4CHOnSG8QvsRDV1EEQaa1CniiLNfZzR
667yUe0pEcjWMlsmw5gbj4ZNhEkVsAObkmHeKEOFgWRLtPQ67K7YDNJ96/XwEKKM
z3PmhlPx6yCY0WKrnJ9LB2aCvbhhGTFGXAadElF2bfBMAKOJviIxKr36jwiMYmDD
Mu06FLEavWMniuN1v8QjDv7ktZgPshdqFVjHhCkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ8IALoXenZaR6hoH6F98aVqQIQ/TAfBgNVHSMEGDAWgBR2SSipe+lVN3AT
04LGKUDpUN0hKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Rra29xWHZwVlRkd0U5T0N4aWxBNlZEZElTcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvOTUzNmY1LWY1NjYtNGM4MC1hN2Q5LWJjMTUyMjc4OWQzYi8x
L1BDQUM2RjNwMldrZW9hQi1oZmZHbGFrQ0VQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
OTUzNmY1LWY1NjYtNGM4MC1hN2Q5LWJjMTUyMjc4OWQzYi8xL2Rra29xWHZwVlRk
d0U5T0N4aWxBNlZEZElTcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf9vTANBgkqhkiG9w0BAQsFAAOC
AQEACesNt48/T9UwMFZXFDifJsfeAUMHbCcru/spoaSg/KL4jjDfirZxz+/1PpvT
WQt76yZi/4qvcZnByun/rK9RekYx08dWlkARtEzpDEttPsy0KfV3+axBS6vRVOoc
HVodfF+GtiO2sSYEpz7Jd0D3tbjecYJFr+VW2UfwrVuFQ0hbPgA+dyDt5Bsc7NPX
e3P1eV+9DNzRqlEU/CT6OXR9v1AtF/QoExBrEIs7DgweFUIWYGV7DgC+uL3yt7sB
W7eAZex5ECTAAtRCzo1Rhy5aDVODzGwTc2diQcs+bVZXC+OJ4nhifOEd6nfTMYqL
B4n2PJsaL1MM5BhcEfKlaCKMQQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:03 2025 by rpki-client