Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/PeDT4p2BOxIHhSEH0mmoS6MqQ-c.roa
File: PeDT4p2BOxIHhSEH0mmoS6MqQ-c.roa (raw, json)
Hash identifier: wTq9/hzW+Ds6eCVIIApPAPtRuK0oe/GCXjQrcc/PFLQ=
Subject key identifier: 3D:E0:D3:E2:9D:81:3B:12:07:85:21:07:D2:69:A8:4B:A3:2A:43:E7
Certificate issuer: /CN=536c4c94fed4fa8b903f6f6fb5340484c0e4a4d3
Certificate serial: 01856F42D3EA167B36F4448CA44618C4CDD3
Authority key identifier: 53:6C:4C:94:FE:D4:FA:8B:90:3F:6F:6F:B5:34:04:84:C0:E4:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U2xMlP7U-ouQP29vtTQEhMDkpNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/PeDT4p2BOxIHhSEH0mmoS6MqQ-c.roa
Signing time: Sun 01 Jan 2023 21:35:28 +0000
ROA not before: Sun 01 Jan 2023 21:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8859
IP address blocks: 193.17.21.0/24 maxlen: 24
213.241.128.0/18 maxlen: 24
185.181.188.0/22 maxlen: 24
194.45.27.0/24 maxlen: 24
212.114.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d3:ea:16:7b:36:f4:44:8c:a4:46:18:c4:cd:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=536c4c94fed4fa8b903f6f6fb5340484c0e4a4d3
Validity
Not Before: Jan 1 21:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3de0d3e29d813b1207852107d269a84ba32a43e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:4d:bd:9f:bf:4c:d9:da:8b:31:45:94:5e:
44:d4:57:ed:be:a4:38:bf:32:c2:8b:40:2d:3d:bf:
e5:36:1f:23:5d:7b:e1:4a:08:6e:5e:83:5b:7f:fa:
6b:a3:c2:67:e5:c9:5c:1c:5d:66:ad:e6:89:e2:7b:
d9:14:58:1c:65:ce:d1:22:87:cd:74:5a:04:a3:7a:
f4:87:d0:26:76:6f:39:98:ce:9f:80:69:8e:7b:cc:
47:e1:6a:3b:c6:f6:54:79:77:63:d5:b1:05:3a:1a:
3a:7b:87:01:23:02:41:6a:c3:f1:41:a0:19:e9:38:
52:1e:c1:87:a6:6f:d2:04:99:7c:2b:68:c6:27:38:
1d:c8:ac:f3:d3:89:5a:92:50:ff:db:24:a8:92:89:
32:3e:c6:95:3d:25:8f:7e:14:b9:04:7a:bd:22:c7:
3f:c7:0c:66:29:53:61:12:72:57:a1:41:8c:34:ae:
8d:2d:fc:1c:4e:16:b8:23:f3:90:9a:9a:52:6a:97:
cd:78:67:97:a4:0a:98:69:2b:73:87:95:1f:27:63:
6f:b7:24:0f:b7:fe:3a:5d:99:e1:0e:ff:1d:33:98:
94:7f:e5:9b:ab:32:8a:80:28:2a:d9:4c:34:25:a3:
f8:8f:3b:16:bd:81:31:54:85:18:84:ee:55:1f:b6:
0c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E0:D3:E2:9D:81:3B:12:07:85:21:07:D2:69:A8:4B:A3:2A:43:E7
X509v3 Authority Key Identifier:
keyid:53:6C:4C:94:FE:D4:FA:8B:90:3F:6F:6F:B5:34:04:84:C0:E4:A4:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2xMlP7U-ouQP29vtTQEhMDkpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/PeDT4p2BOxIHhSEH0mmoS6MqQ-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/U2xMlP7U-ouQP29vtTQEhMDkpNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.188.0/22
193.17.21.0/24
194.45.27.0/24
212.114.64.0/19
213.241.128.0/18
Signature Algorithm: sha256WithRSAEncryption
57:f4:fa:d4:9d:8a:70:e5:1e:28:ff:88:f2:12:53:83:95:70:
11:6f:39:aa:2b:31:66:98:24:12:1c:e3:83:d1:46:c0:1a:03:
63:66:0b:48:1f:96:42:f8:d5:2c:ba:df:eb:55:a7:4c:6b:73:
97:6b:ed:fb:fa:28:37:b5:38:21:39:35:17:27:cb:47:34:0b:
d2:44:95:ee:8f:43:7d:31:81:45:4f:6e:b7:98:89:97:ca:d3:
9f:85:8f:49:70:74:5d:04:49:a1:87:73:f3:c0:33:98:60:1c:
cc:ef:a3:da:12:e6:2b:8b:c1:73:a5:dd:95:c9:31:65:24:49:
d6:42:8d:68:14:cd:ba:60:93:d7:5c:bc:54:1f:ae:fa:69:46:
7d:3b:17:c7:c9:b4:d8:84:ba:73:a2:d6:9a:51:3f:7a:00:74:
1a:8e:85:a8:70:e8:36:7a:69:ad:a2:41:04:77:17:0f:5d:e8:
a5:56:e1:95:33:14:eb:bf:23:00:ad:99:4a:a0:ce:54:68:e0:
38:c6:50:3c:50:ae:63:7b:d3:d3:99:49:10:6a:1c:0a:3f:e0:
a4:86:9d:ea:75:bc:57:8e:7a:48:c2:71:c9:fc:f0:a7:da:69:
ca:51:c6:6a:b4:c7:05:c7:b0:06:d8:86:66:91:26:a0:e3:77:
0d:80:83:a8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvQtPqFns29ESMpEYYxM3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNmM0Yzk0ZmVkNGZhOGI5MDNmNmY2ZmI1MzQwNDg0YzBl
NGE0ZDMwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGUwZDNlMjlkODEzYjEyMDc4NTIxMDdkMjY5YTg0YmEzMmE0M2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDRNvZ+/TNnaizFFlF5E1FftvqQ4
vzLCi0AtPb/lNh8jXXvhSghuXoNbf/pro8Jn5clcHF1mreaJ4nvZFFgcZc7RIofN
dFoEo3r0h9Amdm85mM6fgGmOe8xH4Wo7xvZUeXdj1bEFOho6e4cBIwJBasPxQaAZ
6ThSHsGHpm/SBJl8K2jGJzgdyKzz04laklD/2ySokokyPsaVPSWPfhS5BHq9Isc/
xwxmKVNhEnJXoUGMNK6NLfwcTha4I/OQmppSapfNeGeXpAqYaStzh5UfJ2NvtyQP
t/46XZnhDv8dM5iUf+WbqzKKgCgq2Uw0JaP4jzsWvYExVIUYhO5VH7YMCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD3g0+KdgTsSB4UhB9JpqEujKkPnMB8GA1UdIwQY
MBaAFFNsTJT+1PqLkD9vb7U0BITA5KTTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTJ4TWxQN1Utb3VRUDI5dnRUUUVoTURrcE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQ1MDItYzVkOC00YjE0LTk4MzYt
YTY3Zjk1ZjJkZTVlLzEvUGVEVDRwMkJPeElIaFNFSDBtbW9TNk1xUS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQ1MDItYzVkOC00YjE0LTk4MzYtYTY3Zjk1ZjJkZTVl
LzEvVTJ4TWxQN1Utb3VRUDI5dnRUUUVoTURrcE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCubW8AwQA
wREVAwQAwi0bAwQF1HJAAwQG1fGAMA0GCSqGSIb3DQEBCwUAA4IBAQBX9PrUnYpw
5R4o/4jyElODlXARbzmqKzFmmCQSHOOD0UbAGgNjZgtIH5ZC+NUsut/rVadMa3OX
a+37+ig3tTghOTUXJ8tHNAvSRJXuj0N9MYFFT263mImXytOfhY9JcHRdBEmhh3Pz
wDOYYBzM76PaEuYri8Fzpd2VyTFlJEnWQo1oFM26YJPXXLxUH676aUZ9OxfHybTY
hLpzotaaUT96AHQajoWocOg2emmtokEEdxcPXeilVuGVMxTrvyMArZlKoM5UaOA4
xlA8UK5je9PTmUkQahwKP+Ckhp3qdbxXjnpIwnHJ/PCn2mnKUcZqtMcFx7AG2IZm
kSag43cNgIOo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:16 2025 by rpki-client