Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/PYg3mupMmMdohhLIoMQMXgXGUtA.roa
File: PYg3mupMmMdohhLIoMQMXgXGUtA.roa (raw, json)
Hash identifier: /bvdzv/stwsONlU4FcX6a9rqVI3VrMfXo4uv7VR7d9s=
Subject key identifier: 3D:88:37:9A:EA:4C:98:C7:68:86:12:C8:A0:C4:0C:5E:05:C6:52:D0
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 018847967D65587F8BCC3B04EF2DD70474BF
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/PYg3mupMmMdohhLIoMQMXgXGUtA.roa
Signing time: Tue 23 May 2023 07:50:24 +0000
ROA not before: Tue 23 May 2023 07:50:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47694
IP address blocks: 176.124.0.0/19 maxlen: 24
178.217.160.0/21 maxlen: 24
91.211.16.0/22 maxlen: 24
91.211.19.0/24 maxlen: 24
81.163.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:96:7d:65:58:7f:8b:cc:3b:04:ef:2d:d7:04:74:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: May 23 07:50:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d88379aea4c98c7688612c8a0c40c5e05c652d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:75:95:98:9a:8d:10:79:9f:9e:87:dc:55:1f:
be:37:97:1e:f1:f1:94:e7:f9:5a:23:20:f3:f9:b8:
f8:95:c7:fc:ed:73:fe:40:12:4e:aa:ed:29:13:87:
6e:8c:4b:fc:d2:b2:46:b3:b4:fb:cc:f7:86:b4:7d:
1f:f6:b0:4c:e1:74:4c:38:7d:58:03:fa:9a:62:ef:
52:e5:d2:07:ee:d2:79:6f:87:3d:d0:fc:74:7c:b0:
63:1a:c0:d8:8a:28:d2:f7:79:51:bc:f5:60:4a:72:
9a:75:e4:f0:91:0d:47:aa:af:54:6b:08:37:b6:8d:
86:c1:c1:33:4e:43:28:40:04:82:3f:04:f0:02:b7:
2a:fa:e3:01:14:46:d7:36:0b:84:75:6a:d9:3d:83:
1a:7a:67:2e:74:5f:24:00:8e:6b:0a:b2:0b:7f:da:
e3:3d:0d:ff:da:e6:de:d5:01:00:2b:c2:12:c0:98:
2a:cf:38:16:1f:48:fe:d9:8f:e2:8c:56:35:f0:14:
17:7e:ca:24:31:6d:8b:39:8c:ba:1b:2c:96:39:d7:
c4:b7:71:94:bb:c6:2f:b8:ed:91:36:a4:cc:a2:c9:
5b:f9:e2:4e:73:2b:ef:dd:1d:31:c1:8b:b8:1b:4c:
8f:77:c5:95:a2:c7:13:49:6b:f6:cc:90:05:22:d2:
34:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:88:37:9A:EA:4C:98:C7:68:86:12:C8:A0:C4:0C:5E:05:C6:52:D0
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/PYg3mupMmMdohhLIoMQMXgXGUtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.128.0/19
91.211.16.0/22
176.124.0.0/19
178.217.160.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:c9:00:cb:d4:ba:04:d9:6e:b3:46:c8:a9:92:b1:c0:86:73:
4e:a6:00:f1:dc:9a:5e:c5:42:6e:ce:49:2f:65:91:0f:2b:07:
94:df:80:1e:cd:92:1c:11:98:84:8b:13:83:5d:59:d7:63:48:
b0:0d:28:19:43:d4:be:89:19:84:06:4b:cc:80:3d:36:a7:1e:
aa:d0:4c:1d:ec:80:3e:4d:cf:11:46:36:bc:f2:27:40:2b:15:
d1:74:89:0a:45:37:45:40:d3:98:1a:8f:01:35:ea:88:b6:af:
37:27:f5:7d:65:9e:bf:e4:9b:b3:44:16:36:84:df:56:55:98:
9c:77:0e:e5:80:84:ea:14:ab:56:a8:0e:30:e0:ab:39:57:9b:
b4:48:99:8b:73:fc:c7:f8:e2:9d:1e:9e:c9:37:af:79:09:0a:
95:85:61:f7:ad:61:d2:73:b3:c9:80:c1:61:5c:d1:8f:c8:89:
e4:c1:bf:d4:ea:d3:16:16:1a:64:8a:d3:f4:85:a4:1f:9e:3a:
17:6f:c9:bc:4d:0d:c9:c1:6a:9e:65:b7:1e:a9:65:cf:63:7a:
7f:07:d8:97:96:11:6c:00:bd:3b:f4:3b:e9:6d:a7:60:45:48:
86:2c:9d:93:ff:60:bc:fe:c3:c9:2a:63:be:4a:6b:20:36:27:
84:88:26:0e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhHln1lWH+LzDsE7y3XBHS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMwNTIzMDc1MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg4Mzc5YWVhNGM5OGM3Njg4NjEyYzhhMGM0MGM1ZTA1YzY1MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznWVmJqNEHmfnofcVR++N5ce8fGU
5/laIyDz+bj4lcf87XP+QBJOqu0pE4dujEv80rJGs7T7zPeGtH0f9rBM4XRMOH1Y
A/qaYu9S5dIH7tJ5b4c90Px0fLBjGsDYiijS93lRvPVgSnKadeTwkQ1Hqq9Uawg3
to2GwcEzTkMoQASCPwTwArcq+uMBFEbXNguEdWrZPYMaemcudF8kAI5rCrILf9rj
PQ3/2ube1QEAK8ISwJgqzzgWH0j+2Y/ijFY18BQXfsokMW2LOYy6GyyWOdfEt3GU
u8YvuO2RNqTMoslb+eJOcyvv3R0xwYu4G0yPd8WVoscTSWv2zJAFItI0VwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD2IN5rqTJjHaIYSyKDEDF4FxlLQMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvUFlnM211cE1tTWRvaGhMSW9NUU1YZ1hHVXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUaOAAwQC
W9MQAwQFsHwAAwQDstmgMA0GCSqGSIb3DQEBCwUAA4IBAQCqyQDL1LoE2W6zRsip
krHAhnNOpgDx3JpexUJuzkkvZZEPKweU34AezZIcEZiEixODXVnXY0iwDSgZQ9S+
iRmEBkvMgD02px6q0Ewd7IA+Tc8RRja88idAKxXRdIkKRTdFQNOYGo8BNeqItq83
J/V9ZZ6/5JuzRBY2hN9WVZicdw7lgITqFKtWqA4w4Ks5V5u0SJmLc/zH+OKdHp7J
N695CQqVhWH3rWHSc7PJgMFhXNGPyInkwb/U6tMWFhpkitP0haQfnjoXb8m8TQ3J
wWqeZbceqWXPY3p/B9iXlhFsAL079DvpbadgRUiGLJ2T/2C8/sPJKmO+SmsgNieE
iCYO
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:58:57 2025 by rpki-client