Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/PHK0v2uMSxEPGLTWAn1qh7olUJM.roa
File: PHK0v2uMSxEPGLTWAn1qh7olUJM.roa (raw, json)
Hash identifier: t/lCV0dooXfFEpuW/2e3A9q7FuJL1D83tLeP8o+JwcQ=
Subject key identifier: 3C:72:B4:BF:6B:8C:4B:11:0F:18:B4:D6:02:7D:6A:87:BA:25:50:93
Certificate issuer: /CN=cb14d30f3b1e1137423c4b235957f3303064daff
Certificate serial: 01856CF87586D1EC6C9F06C5458BCF90B02C
Authority key identifier: CB:14:D3:0F:3B:1E:11:37:42:3C:4B:23:59:57:F3:30:30:64:DA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxTTDzseETdCPEsjWVfzMDBk2v8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/PHK0v2uMSxEPGLTWAn1qh7olUJM.roa
Signing time: Sun 01 Jan 2023 10:55:00 +0000
ROA not before: Sun 01 Jan 2023 10:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57710
IP address blocks: 185.235.200.0/22 maxlen: 24
37.61.160.0/20 maxlen: 24
2a00:9640::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:75:86:d1:ec:6c:9f:06:c5:45:8b:cf:90:b0:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb14d30f3b1e1137423c4b235957f3303064daff
Validity
Not Before: Jan 1 10:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c72b4bf6b8c4b110f18b4d6027d6a87ba255093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fd:58:f1:3e:6a:ba:6c:1f:a5:73:d1:0e:4b:
a1:30:44:fc:bf:80:10:0c:70:76:79:28:93:3f:f0:
56:52:b7:67:f7:70:bf:06:af:1c:f0:59:ee:a5:ac:
0a:2a:6b:4f:61:53:e4:87:fe:cb:21:92:3e:3a:ac:
42:0f:e4:a9:b1:6f:6f:00:53:22:24:f5:07:ac:1f:
56:0e:a5:27:4a:f7:c6:18:3d:bd:57:93:ca:ef:32:
d7:7b:86:cf:c5:39:92:ae:5c:25:a8:85:37:27:e7:
cf:27:ef:be:3e:50:d3:a8:f5:55:3c:05:0c:43:57:
40:d6:dd:15:d6:dd:6c:54:e4:ff:0f:70:c2:12:e8:
5a:9f:b6:8c:6d:b0:74:d8:af:7d:0a:b7:ad:07:85:
4e:c1:6e:6b:64:27:48:16:01:7c:16:a6:e0:c4:af:
77:97:ed:68:5c:b0:0a:04:24:f5:0a:c9:dd:07:dc:
40:ee:0a:16:93:d6:89:9d:e1:4c:b3:01:1c:fd:07:
62:82:e3:7b:d8:bd:36:46:25:44:85:b9:56:7d:a3:
11:e6:5d:45:91:ee:06:1f:69:26:68:98:03:78:b9:
a0:1a:e8:08:1e:92:76:59:da:99:ac:69:12:cf:ad:
72:b7:cc:e5:28:6b:ce:5c:f7:0a:cd:45:a0:de:ff:
70:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:72:B4:BF:6B:8C:4B:11:0F:18:B4:D6:02:7D:6A:87:BA:25:50:93
X509v3 Authority Key Identifier:
keyid:CB:14:D3:0F:3B:1E:11:37:42:3C:4B:23:59:57:F3:30:30:64:DA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxTTDzseETdCPEsjWVfzMDBk2v8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/PHK0v2uMSxEPGLTWAn1qh7olUJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/yxTTDzseETdCPEsjWVfzMDBk2v8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.160.0/20
185.235.200.0/22
IPv6:
2a00:9640::/32
Signature Algorithm: sha256WithRSAEncryption
45:f1:45:a8:00:21:71:2d:4e:44:2c:a2:88:f3:6b:e8:cb:3c:
24:3a:4f:3e:d9:eb:fe:b3:8b:76:bb:10:eb:64:f0:24:14:76:
93:e4:3a:28:46:42:95:99:9e:de:96:69:b1:b7:7a:72:44:db:
6d:c9:dc:02:15:81:95:85:0c:3b:7c:cf:8d:0b:3a:2e:c2:bd:
fb:69:63:98:ad:98:7b:f4:26:6e:ca:e1:ec:e0:ae:09:0b:15:
b7:71:71:e8:d1:39:b0:af:97:3d:4d:43:78:49:04:63:f5:7b:
50:9e:23:f0:09:4c:28:71:5c:17:06:04:f7:07:7d:78:f8:10:
df:43:f5:1e:14:d2:07:45:cd:88:60:81:47:37:32:25:c6:f4:
39:b6:cb:97:2a:78:82:52:b0:84:e1:01:29:2d:8d:9a:be:a0:
3e:85:a0:d8:ec:32:ce:fa:0f:43:f7:c1:08:58:3c:d9:ed:75:
48:4d:10:ec:6b:eb:f1:5a:d0:24:b5:37:86:45:be:97:d2:7f:
cf:64:32:b3:2b:67:b9:73:17:51:8b:da:26:d2:c0:07:bf:96:
c2:0b:94:7a:d1:57:33:36:b5:00:4e:27:12:57:97:78:7a:e6:
9f:54:68:ff:eb:80:47:64:22:1e:c1:2a:ec:7f:a8:b7:88:5f:
78:8f:e5:92
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs+HWG0exsnwbFRYvPkLAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTRkMzBmM2IxZTExMzc0MjNjNGIyMzU5NTdmMzMwMzA2
NGRhZmYwHhcNMjMwMTAxMTA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzcyYjRiZjZiOGM0YjExMGYxOGI0ZDYwMjdkNmE4N2JhMjU1MDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv1Y8T5qumwfpXPRDkuhMET8v4AQ
DHB2eSiTP/BWUrdn93C/Bq8c8FnupawKKmtPYVPkh/7LIZI+OqxCD+SpsW9vAFMi
JPUHrB9WDqUnSvfGGD29V5PK7zLXe4bPxTmSrlwlqIU3J+fPJ+++PlDTqPVVPAUM
Q1dA1t0V1t1sVOT/D3DCEuhan7aMbbB02K99CretB4VOwW5rZCdIFgF8FqbgxK93
l+1oXLAKBCT1CsndB9xA7goWk9aJneFMswEc/QdiguN72L02RiVEhblWfaMR5l1F
ke4GH2kmaJgDeLmgGugIHpJ2WdqZrGkSz61yt8zlKGvOXPcKzUWg3v9wbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDxytL9rjEsRDxi01gJ9aoe6JVCTMB8GA1UdIwQY
MBaAFMsU0w87HhE3QjxLI1lX8zAwZNr/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhUVER6c2VFVGRDUEVzaldWZnpNREJrMnY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNjdiZjUtMDIyMC00OGIxLWI3MjMt
YTVhZTViMTk5MzlhLzEvUEhLMHYydU1TeEVQR0xUV0FuMXFoN29sVUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNjdiZjUtMDIyMC00OGIxLWI3MjMtYTVhZTViMTk5Mzlh
LzEveXhUVER6c2VFVGRDUEVzaldWZnpNREJrMnY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEJT2gAwQC
uevIMA0EAgACMAcDBQAqAJZAMA0GCSqGSIb3DQEBCwUAA4IBAQBF8UWoACFxLU5E
LKKI82voyzwkOk8+2ev+s4t2uxDrZPAkFHaT5DooRkKVmZ7elmmxt3pyRNttydwC
FYGVhQw7fM+NCzouwr37aWOYrZh79CZuyuHs4K4JCxW3cXHo0Tmwr5c9TUN4SQRj
9XtQniPwCUwocVwXBgT3B314+BDfQ/UeFNIHRc2IYIFHNzIlxvQ5tsuXKniCUrCE
4QEpLY2avqA+haDY7DLO+g9D98EIWDzZ7XVITRDsa+vxWtAktTeGRb6X0n/PZDKz
K2e5cxdRi9om0sAHv5bCC5R60VczNrUATicSV5d4euafVGj/64BHZCIewSrsf6i3
iF94j+WS
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:01 2025 by rpki-client