Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/pnh1UCG4UxQHKS-48bRZRPKV63M.roa
File: pnh1UCG4UxQHKS-48bRZRPKV63M.roa (raw, json)
Hash identifier: h4l+ztYFJwYcr8Q1+gNJq1P8q5j1VJRpTtj2CGq77vs=
Subject key identifier: A6:78:75:50:21:B8:53:14:07:29:2F:B8:F1:B4:59:44:F2:95:EB:73
Certificate issuer: /CN=f356cdd5a49ce6c42a9a35fa77b9727819688896
Certificate serial: 01856FCB9B277459EACE78D7B35156D52A98
Authority key identifier: F3:56:CD:D5:A4:9C:E6:C4:2A:9A:35:FA:77:B9:72:78:19:68:88:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/81bN1aSc5sQqmjX6d7lyeBloiJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/pnh1UCG4UxQHKS-48bRZRPKV63M.roa
Signing time: Mon 02 Jan 2023 00:04:52 +0000
ROA not before: Mon 02 Jan 2023 00:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 134.99.0.0/16 maxlen: 16
134.99.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:9b:27:74:59:ea:ce:78:d7:b3:51:56:d5:2a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f356cdd5a49ce6c42a9a35fa77b9727819688896
Validity
Not Before: Jan 2 00:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a678755021b8531407292fb8f1b45944f295eb73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:88:94:16:ed:23:a7:d3:68:e6:5c:b7:40:a9:
21:fa:9e:94:82:03:a4:8d:cd:b1:24:88:09:a1:53:
cc:ce:a3:37:18:1c:89:3a:e9:e2:70:97:0d:a8:ec:
b7:00:49:e7:1a:aa:80:ca:a0:cd:6a:64:bb:c0:22:
53:05:98:e2:9e:95:55:50:2f:15:69:cc:96:48:66:
e9:c1:a6:6a:d5:25:67:44:8d:66:d9:0b:4d:ac:9a:
bb:51:09:e3:f1:b3:28:b1:00:b0:c0:1d:1c:d6:6e:
6b:74:d1:c7:8c:5f:56:fa:32:39:49:7a:24:62:86:
68:b0:79:e3:2a:7f:a4:e9:94:7f:2f:7f:e4:46:9a:
dd:cc:dd:d3:99:25:ca:5e:77:ee:d4:3b:f9:88:01:
07:32:0e:10:fa:77:ac:13:13:b9:90:c6:ab:01:1f:
13:c3:2e:ef:76:d6:de:b6:26:0f:01:da:7b:5e:3d:
45:f8:84:7a:19:04:38:6c:fb:01:10:60:b6:73:48:
dc:a7:be:ed:e5:8a:0c:22:dd:3e:fa:a1:88:28:9f:
f9:f3:85:9e:bd:3e:c8:43:ab:24:d3:48:4e:98:ab:
e5:5d:5a:11:e9:51:99:43:9a:8d:ef:ad:c5:bd:4e:
d0:96:5b:e4:00:c2:54:c7:23:22:7e:af:db:c9:b1:
5e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:78:75:50:21:B8:53:14:07:29:2F:B8:F1:B4:59:44:F2:95:EB:73
X509v3 Authority Key Identifier:
keyid:F3:56:CD:D5:A4:9C:E6:C4:2A:9A:35:FA:77:B9:72:78:19:68:88:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/81bN1aSc5sQqmjX6d7lyeBloiJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/pnh1UCG4UxQHKS-48bRZRPKV63M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/81bN1aSc5sQqmjX6d7lyeBloiJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:93:93:60:61:ee:75:0b:7c:30:68:2f:65:19:ee:60:f4:3a:
1a:15:3e:ee:15:8f:aa:86:1e:69:fc:f6:28:45:1d:53:58:d4:
b1:1d:0a:b7:7b:5b:37:ef:4e:9a:5d:0d:4d:42:9e:fd:69:ac:
62:d0:70:f0:41:db:ff:fd:4a:a5:e4:8b:5b:dc:eb:18:57:7c:
ad:31:3c:3a:4d:1a:c9:9b:20:2e:f8:39:13:69:fb:19:c0:6d:
44:86:79:68:32:83:25:e2:c2:f7:ac:52:3b:8b:b4:02:56:bf:
ac:b5:d0:0b:28:d8:e8:e5:9d:9d:4b:da:c5:18:cb:a1:fe:5a:
e1:f0:32:f9:e6:43:54:32:00:dd:aa:fc:59:d3:fc:1c:21:14:
9e:21:4f:ae:b8:1a:b2:8e:c7:03:59:7b:60:d5:64:6f:3f:d5:
c8:af:22:1a:8b:0a:fa:7d:7d:67:2e:88:3c:35:08:87:d0:98:
21:b9:e2:81:fa:af:60:38:9d:7a:a4:bf:1a:1e:37:9f:89:16:
52:cb:8a:22:8f:6a:cb:f2:02:dc:3d:9d:ca:ae:96:ab:b9:5f:
9d:3a:1e:e1:8e:71:1b:ed:87:41:e4:01:b5:b0:69:82:9b:50:
f5:3e:d1:0b:97:00:26:ca:89:04:85:b0:6b:34:bc:92:94:25:
8d:43:33:89
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvy5sndFnqznjXs1FW1SqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNTZjZGQ1YTQ5Y2U2YzQyYTlhMzVmYTc3Yjk3Mjc4MTk2
ODg4OTYwHhcNMjMwMTAyMDAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc4NzU1MDIxYjg1MzE0MDcyOTJmYjhmMWI0NTk0NGYyOTVlYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4iUFu0jp9No5ly3QKkh+p6UggOk
jc2xJIgJoVPMzqM3GByJOunicJcNqOy3AEnnGqqAyqDNamS7wCJTBZjinpVVUC8V
acyWSGbpwaZq1SVnRI1m2QtNrJq7UQnj8bMosQCwwB0c1m5rdNHHjF9W+jI5SXok
YoZosHnjKn+k6ZR/L3/kRprdzN3TmSXKXnfu1Dv5iAEHMg4Q+nesExO5kMarAR8T
wy7vdtbetiYPAdp7Xj1F+IR6GQQ4bPsBEGC2c0jcp77t5YoMIt0++qGIKJ/584We
vT7IQ6sk00hOmKvlXVoR6VGZQ5qN763FvU7QllvkAMJUxyMifq/bybFedwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKZ4dVAhuFMUBykvuPG0WUTyletzMB8GA1UdIwQY
MBaAFPNWzdWknObEKpo1+ne5cngZaIiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODFiTjFhU2M1c1FxbWpYNmQ3bHllQmxvaUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83MmQ0OGItODY1YS00ZTZlLTk2ZjMt
NTc2OGQzN2Y3YmI1LzEvcG5oMVVDRzRVeFFIS1MtNDhiUlpSUEtWNjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83MmQ0OGItODY1YS00ZTZlLTk2ZjMtNTc2OGQzN2Y3YmI1
LzEvODFiTjFhU2M1c1FxbWpYNmQ3bHllQmxvaUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhmMwDQYJ
KoZIhvcNAQELBQADggEBAHOTk2Bh7nULfDBoL2UZ7mD0OhoVPu4Vj6qGHmn89ihF
HVNY1LEdCrd7WzfvTppdDU1Cnv1prGLQcPBB2//9SqXki1vc6xhXfK0xPDpNGsmb
IC74ORNp+xnAbUSGeWgygyXiwvesUjuLtAJWv6y10Aso2OjlnZ1L2sUYy6H+WuHw
MvnmQ1QyAN2q/FnT/BwhFJ4hT664GrKOxwNZe2DVZG8/1civIhqLCvp9fWcuiDw1
CIfQmCG54oH6r2A4nXqkvxoeN5+JFlLLiiKPasvyAtw9ncqulqu5X506HuGOcRvt
h0HkAbWwaYKbUPU+0QuXACbKiQSFsGs0vJKUJY1DM4k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:32 2025 by rpki-client