Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PFDa0QKVQcE8_toXqAnEcCA1eKY.roa
File: PFDa0QKVQcE8_toXqAnEcCA1eKY.roa (raw, json)
Hash identifier: xlVvdr8x2DgmNXfmRQMAWmhBtBQfvaIw8J6pTAU8Rls=
Subject key identifier: 3C:50:DA:D1:02:95:41:C1:3C:FE:DA:17:A8:09:C4:70:20:35:78:A6
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183ACC25856C38075098E970440C4BB804D
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PFDa0QKVQcE8_toXqAnEcCA1eKY.roa
Signing time: Thu 06 Oct 2022 10:06:01 +0000
ROA not before: Thu 06 Oct 2022 10:06:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.106.192.0/23 maxlen: 24
82.163.54.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:c2:58:56:c3:80:75:09:8e:97:04:40:c4:bb:80:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 6 10:06:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c50dad1029541c13cfeda17a809c470203578a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:1f:48:b1:2e:25:29:40:10:91:5f:1e:0d:
01:91:24:5d:d9:6c:a9:dc:26:d9:4e:15:f9:d6:de:
81:eb:18:db:2a:74:d2:4a:43:47:f8:6e:ad:cd:47:
ba:bd:bf:1d:16:7d:9e:08:b8:3f:71:11:e8:94:0c:
2c:b3:02:65:3a:e3:10:31:2d:d4:08:24:8a:01:ac:
c1:a3:66:a7:d0:26:7b:e8:c4:a3:8f:83:1b:f5:57:
64:2f:ee:20:8b:9d:25:ab:43:cc:fd:3d:db:71:05:
75:b8:9a:4b:a1:e0:f9:f2:40:b2:ea:a0:61:b3:26:
3a:de:b7:1e:37:e5:11:f0:25:04:5e:09:73:24:a1:
6e:8d:32:cf:cf:2d:c5:a9:11:51:03:cf:20:3e:9b:
69:32:13:d9:a6:d4:56:38:14:09:13:9a:2f:3c:91:
d1:9d:82:e0:09:9b:41:74:ae:02:e9:5c:0a:72:dd:
eb:20:74:7c:b2:00:21:7f:45:20:70:83:ff:c0:f5:
2a:f0:17:d7:f3:0a:00:57:d6:35:0b:b5:d5:1a:d7:
f2:be:ef:85:54:c6:09:6c:d0:71:7d:cb:5a:2e:02:
39:a5:57:c3:b6:ea:23:51:a0:4d:3f:e6:02:6e:f0:
e8:24:3e:10:57:36:55:6b:e7:1c:a3:76:ed:b4:11:
d2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:50:DA:D1:02:95:41:C1:3C:FE:DA:17:A8:09:C4:70:20:35:78:A6
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PFDa0QKVQcE8_toXqAnEcCA1eKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.52.0/22
185.106.192.0/23
Signature Algorithm: sha256WithRSAEncryption
88:b0:65:59:3a:8a:7b:b9:51:ed:51:6c:38:60:47:5d:b2:4e:
04:c0:7d:7f:0f:57:01:dd:2e:57:8f:a1:5c:3c:8f:18:a1:7c:
8e:cd:a2:dd:a5:26:c3:05:35:79:05:0a:de:3d:a0:4f:71:1a:
4f:92:5f:5b:c3:c4:8c:28:8e:1a:cd:20:46:65:a9:a7:45:bb:
07:62:f8:20:c4:ee:4d:ce:cd:90:45:bb:3f:1d:aa:f0:a6:88:
5b:5f:5a:54:12:71:97:b5:93:c3:db:99:e0:70:9f:ff:27:4f:
fa:2f:2b:5a:88:8a:e4:81:ba:5d:63:e6:ab:6b:ac:56:a1:ec:
74:f5:71:38:a9:69:ba:14:af:b7:9e:f7:24:ad:b2:bc:41:84:
dd:2e:76:47:76:cf:27:42:8f:04:7b:c4:b2:b3:bd:55:fb:32:
da:0c:55:92:2b:96:82:73:98:47:d4:71:af:e6:19:68:c7:17:
8f:42:81:43:f5:40:eb:ee:ee:e5:4d:4a:d5:f4:c5:bc:9b:68:
c8:64:e5:b0:35:71:62:f4:34:c7:ec:fe:23:bb:63:89:3f:91:
ab:5c:38:2b:9a:91:6f:7b:97:55:54:87:a2:6a:b4:7c:1e:8a:
32:0b:18:61:9b:e4:0a:27:1b:f1:f7:cb:f7:ac:af:b4:4b:14:
4c:69:13:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOswlhWw4B1CY6XBEDEu4BNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDA2MTAwNjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUwZGFkMTAyOTU0MWMxM2NmZWRhMTdhODA5YzQ3MDIwMzU3OGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbAfSLEuJSlAEJFfHg0BkSRd2Wyp
3CbZThX51t6B6xjbKnTSSkNH+G6tzUe6vb8dFn2eCLg/cRHolAwsswJlOuMQMS3U
CCSKAazBo2an0CZ76MSjj4Mb9VdkL+4gi50lq0PM/T3bcQV1uJpLoeD58kCy6qBh
syY63rceN+UR8CUEXglzJKFujTLPzy3FqRFRA88gPptpMhPZptRWOBQJE5ovPJHR
nYLgCZtBdK4C6VwKct3rIHR8sgAhf0UgcIP/wPUq8BfX8woAV9Y1C7XVGtfyvu+F
VMYJbNBxfctaLgI5pVfDtuojUaBNP+YCbvDoJD4QVzZVa+cco3bttBHSkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDxQ2tEClUHBPP7aF6gJxHAgNXimMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUEZEYTBRS1ZRY0U4X3RvWHFBbkVjQ0ExZUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUqM0AwQB
uWrAMA0GCSqGSIb3DQEBCwUAA4IBAQCIsGVZOop7uVHtUWw4YEddsk4EwH1/D1cB
3S5Xj6FcPI8YoXyOzaLdpSbDBTV5BQrePaBPcRpPkl9bw8SMKI4azSBGZamnRbsH
YvggxO5Nzs2QRbs/HarwpohbX1pUEnGXtZPD25ngcJ//J0/6LytaiIrkgbpdY+ar
a6xWoex09XE4qWm6FK+3nvckrbK8QYTdLnZHds8nQo8Ee8Sys71V+zLaDFWSK5aC
c5hH1HGv5hloxxePQoFD9UDr7u7lTUrV9MW8m2jIZOWwNXFi9DTH7P4ju2OJP5Gr
XDgrmpFve5dVVIeiarR8HooyCxhhm+QKJxvx98v3rK+0SxRMaRNY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org