Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/PqD8m5npGGglRkHjrmNre-V62jY.roa
File: PqD8m5npGGglRkHjrmNre-V62jY.roa (raw, json)
Hash identifier: RL/DZNEfZFH7XawuNnCgtKdefCbrp61Fkf+tymQyfQY=
Subject key identifier: 3E:A0:FC:9B:99:E9:18:68:25:46:41:E3:AE:63:6B:7B:E5:7A:DA:36
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018512C1DEC69D3928E4DDB2FB971720E552
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/PqD8m5npGGglRkHjrmNre-V62jY.roa
Signing time: Wed 14 Dec 2022 22:29:33 +0000
ROA not before: Wed 14 Dec 2022 22:29:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:12:c1:de:c6:9d:39:28:e4:dd:b2:fb:97:17:20:e5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Dec 14 22:29:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ea0fc9b99e91868254641e3ae636b7be57ada36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9c:c4:b4:99:cd:e5:32:34:a6:80:07:e6:ee:
da:66:24:56:f8:1a:bb:de:c6:aa:88:43:19:2a:73:
00:d4:2c:a9:a7:75:dd:e6:12:61:9e:0f:0b:c3:54:
b6:ad:fc:67:0f:d5:be:5a:2b:d7:61:b6:ea:52:d3:
2d:e2:bd:5b:28:ad:f6:18:98:d3:2e:58:40:f6:15:
c4:b9:70:7e:18:5d:2f:14:28:76:38:5e:ad:8e:5e:
a0:26:40:54:ad:3c:b0:4f:32:11:71:2e:e0:ef:10:
53:c5:2f:51:8a:1d:f6:ac:c8:ee:85:32:25:a1:49:
e5:a0:f9:90:3f:28:51:6d:e9:75:85:7f:60:77:13:
83:63:2b:9b:45:02:39:ba:4f:14:6b:32:7c:1e:a3:
e1:7b:1a:7a:4a:fd:de:8d:fc:56:00:4c:96:ee:e0:
e5:a1:9f:b3:88:1e:86:5b:79:44:9f:9b:6b:7a:b5:
a8:29:43:dd:a4:df:49:7f:1c:d1:4c:ec:85:bb:4d:
a0:ea:8f:10:99:0f:f9:cb:89:fa:58:99:9a:7e:41:
60:b4:9d:ee:fe:47:08:c5:68:f7:ef:0b:f0:7d:55:
2d:46:70:27:a7:92:b3:7f:b6:ee:82:3f:f9:19:ac:
17:67:00:2d:1e:8b:2c:fe:03:2f:47:da:89:ce:3a:
89:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A0:FC:9B:99:E9:18:68:25:46:41:E3:AE:63:6B:7B:E5:7A:DA:36
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/PqD8m5npGGglRkHjrmNre-V62jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0/24
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:e1:a0:e6:44:4b:ab:97:e6:92:35:ea:b9:a7:3b:f0:7f:e5:
a0:b3:c8:0e:35:53:15:8c:8b:21:d0:cc:66:60:8f:9c:e5:0a:
11:41:46:74:24:0d:c5:a1:f6:5e:9e:53:e9:b8:52:b4:ff:81:
a5:45:ac:58:c8:be:89:81:4e:82:6f:db:a6:e9:b0:37:64:52:
a9:3a:9f:57:43:62:77:c4:86:9c:35:9d:32:6f:52:9f:20:ed:
31:26:74:c2:b0:06:55:f9:40:db:92:be:af:22:ba:8d:66:29:
6d:23:7d:1c:1b:67:05:e8:01:94:53:e5:63:1d:0c:86:f9:7c:
ed:e5:22:c0:54:9a:d4:20:b1:8c:f1:cc:16:e7:1b:6e:04:f1:
f5:4f:b0:31:6e:c1:ff:5e:b0:3c:16:01:11:ae:9a:78:78:72:
78:a1:2a:96:45:06:50:ad:b4:bd:d8:19:ee:32:39:fa:26:6f:
0c:da:7a:c8:9c:48:a7:87:fd:f2:cd:be:e2:93:fd:81:f9:49:
72:44:08:41:61:36:4d:15:9c:a0:73:15:46:ab:da:cf:34:59:
2a:37:c4:b3:b3:21:bc:08:51:c2:d2:cf:cc:76:21:ef:8c:59:
96:ec:2c:29:fe:0f:69:32:16:66:ac:de:74:f6:3b:8d:bf:43:
d3:b9:a2:94
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYUSwd7GnTko5N2y+5cXIOVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjIxMjE0MjIyOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWEwZmM5Yjk5ZTkxODY4MjU0NjQxZTNhZTYzNmI3YmU1N2FkYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pzEtJnN5TI0poAH5u7aZiRW+Bq7
3saqiEMZKnMA1Cypp3Xd5hJhng8Lw1S2rfxnD9W+WivXYbbqUtMt4r1bKK32GJjT
LlhA9hXEuXB+GF0vFCh2OF6tjl6gJkBUrTywTzIRcS7g7xBTxS9Rih32rMjuhTIl
oUnloPmQPyhRbel1hX9gdxODYyubRQI5uk8UazJ8HqPhexp6Sv3ejfxWAEyW7uDl
oZ+ziB6GW3lEn5trerWoKUPdpN9JfxzRTOyFu02g6o8QmQ/5y4n6WJmafkFgtJ3u
/kcIxWj37wvwfVUtRnAnp5Kzf7bugj/5GawXZwAtHoss/gMvR9qJzjqJjwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFD6g/JuZ6RhoJUZB465ja3vleto2MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvUHFEOG01bnBHR2dsUmtIanJtTnJlLVY2MmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAAwQAXhB9AwQGkNDAAwQBsHs2
AwQDsv+YAwQCuQKwAwQBuTLoAwQAuTLrAwQAuVHRAwQCuXRgAwQCueSUAwQDvEFI
AwQGvKzAAwQBwSFyAwQAwgHOAwQF1eOgAwQF2ZIAMBQEAgACMA4DBQAqABHAAwUA
KgGuoDANBgkqhkiG9w0BAQsFAAOCAQEADeGg5kRLq5fmkjXquac78H/loLPIDjVT
FYyLIdDMZmCPnOUKEUFGdCQNxaH2Xp5T6bhStP+BpUWsWMi+iYFOgm/bpumwN2RS
qTqfV0Nid8SGnDWdMm9SnyDtMSZ0wrAGVflA25K+ryK6jWYpbSN9HBtnBegBlFPl
Yx0Mhvl87eUiwFSa1CCxjPHMFucbbgTx9U+wMW7B/16wPBYBEa6aeHhyeKEqlkUG
UK20vdgZ7jI5+iZvDNp6yJxIp4f98s2+4pP9gflJckQIQWE2TRWcoHMVRqvazzRZ
KjfEs7MhvAhRwtLPzHYh74xZluwsKf4PaTIWZqzedPY7jb9D07milA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org