Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/pvDB_pNQUUj-Uoup6xVSrZAd1_4.roa
File: pvDB_pNQUUj-Uoup6xVSrZAd1_4.roa (raw, json)
Hash identifier: 2+83UhFFEiZKTOfxbORaOH4r7SdJkeKTNxeX4FAHkDg=
Subject key identifier: A6:F0:C1:FE:93:50:51:48:FE:52:8B:A9:EB:15:52:AD:90:1D:D7:FE
Certificate issuer: /CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Certificate serial: 0188DD22CA4C998F98B5B7555CC12A6BF7D9
Authority key identifier: C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/pvDB_pNQUUj-Uoup6xVSrZAd1_4.roa
Signing time: Wed 21 Jun 2023 08:47:04 +0000
ROA not before: Wed 21 Jun 2023 08:47:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29311
IP address blocks: 185.61.224.0/22 maxlen: 24
62.112.224.0/19 maxlen: 24
2a00:1558::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:22:ca:4c:99:8f:98:b5:b7:55:5c:c1:2a:6b:f7:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Validity
Not Before: Jun 21 08:47:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6f0c1fe93505148fe528ba9eb1552ad901dd7fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:26:02:90:32:fb:1e:4e:47:10:7e:1f:07:f7:
6e:21:ec:d9:b1:1e:5c:a7:2e:56:c6:a2:ef:df:1b:
c6:aa:4f:ee:66:5c:25:33:f1:af:c1:22:75:19:69:
89:8f:91:ab:b7:e9:51:af:cf:2a:15:c9:9b:b5:eb:
11:51:cb:3a:fe:c7:c9:4a:a9:7a:01:e1:13:5c:55:
25:9d:7b:22:81:5e:d4:1e:75:22:e2:6f:06:fc:e4:
7f:15:9c:aa:88:29:16:4e:f0:02:92:27:1f:e1:1c:
1a:b7:aa:a6:9a:8f:36:ba:3e:3b:6b:d7:60:09:26:
8e:d1:1e:f4:7c:cb:8f:15:3c:65:45:45:d8:71:9d:
12:82:9c:59:75:3a:4e:5c:fd:f5:c9:a9:44:dc:65:
64:0d:fe:9a:e4:ec:58:f2:2e:74:3a:e3:1a:96:08:
cc:c5:ac:c8:cf:5b:b6:1a:37:9a:97:cb:21:b9:3a:
3d:38:3c:2e:54:c3:84:ce:b1:94:8d:4d:e4:0b:03:
2b:9e:c9:10:fd:6d:f8:3e:a3:93:3b:0f:42:11:0c:
16:da:2e:e3:c1:11:f2:e3:c2:0e:80:4f:c2:f4:33:
03:cb:71:7d:62:74:ae:7b:a4:cc:31:26:f8:29:11:
80:fa:0f:72:6e:76:52:70:4a:cd:67:ca:c5:6a:e5:
55:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F0:C1:FE:93:50:51:48:FE:52:8B:A9:EB:15:52:AD:90:1D:D7:FE
X509v3 Authority Key Identifier:
keyid:C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/pvDB_pNQUUj-Uoup6xVSrZAd1_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.224.0/19
185.61.224.0/22
IPv6:
2a00:1558::/32
Signature Algorithm: sha256WithRSAEncryption
69:58:e0:ce:eb:c0:87:b3:93:63:76:50:51:fa:db:9b:02:ff:
8c:36:34:fc:52:e1:62:53:59:85:ed:03:bf:b5:e7:b4:8e:86:
b4:23:30:38:5a:cc:5c:7d:72:c2:23:d7:84:5d:1e:f8:94:8d:
fc:30:df:f5:06:e1:ef:ec:31:cf:7b:7a:cc:0d:67:1c:5b:7a:
84:db:f3:ca:d1:ef:d0:24:ce:df:04:ae:c0:22:e6:26:ce:42:
f8:cf:9c:ed:af:83:96:30:78:fa:02:dd:a6:65:b1:5f:2f:b2:
2b:45:86:72:8e:5b:b3:94:aa:22:bf:c3:34:e2:6e:95:a3:92:
1a:48:63:8c:ca:3a:3a:55:dc:3c:54:4d:15:e4:40:8b:25:e2:
39:d2:40:a8:a4:d8:6c:8d:ea:c7:0f:7b:e7:93:e3:2f:db:d3:
80:04:98:d4:11:98:47:8e:1c:b6:c8:3d:03:ff:4f:79:8d:cd:
5f:9a:aa:ea:1b:b2:1a:d5:d0:46:09:b0:b7:95:8d:36:95:87:
60:c0:93:8f:a4:cd:76:8c:d3:b4:ac:76:53:11:eb:f2:eb:ab:
42:20:d8:81:07:2a:cc:fc:01:b6:78:7b:6e:91:95:96:47:17:
20:e3:69:be:72:11:fe:7a:0c:64:28:25:ba:bf:8f:45:92:9e:
ca:41:c7:19
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYjdIspMmY+YtbdVXMEqa/fZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDAzYzk3OTYwM2Y3Y2VhMTJhY2EwMWViYzIwNTdjMzZm
ZDdmMzAwHhcNMjMwNjIxMDg0NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmYwYzFmZTkzNTA1MTQ4ZmU1MjhiYTllYjE1NTJhZDkwMWRkN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCYCkDL7Hk5HEH4fB/duIezZsR5c
py5WxqLv3xvGqk/uZlwlM/GvwSJ1GWmJj5Grt+lRr88qFcmbtesRUcs6/sfJSql6
AeETXFUlnXsigV7UHnUi4m8G/OR/FZyqiCkWTvACkicf4Rwat6qmmo82uj47a9dg
CSaO0R70fMuPFTxlRUXYcZ0SgpxZdTpOXP31yalE3GVkDf6a5OxY8i50OuMalgjM
xazIz1u2Gjeal8shuTo9ODwuVMOEzrGUjU3kCwMrnskQ/W34PqOTOw9CEQwW2i7j
wRHy48IOgE/C9DMDy3F9YnSue6TMMSb4KRGA+g9ybnZScErNZ8rFauVViwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKbwwf6TUFFI/lKLqesVUq2QHdf+MB8GA1UdIwQY
MBaAFMgAPJeWA/fOoSrKAevCBXw2/X8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMt
MDcyMjg4MTJkMDE3LzEvcHZEQl9wTlFVVWotVW91cDZ4VlNyWkFkMV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMtMDcyMjg4MTJkMDE3
LzEveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPnDgAwQC
uT3gMA0EAgACMAcDBQAqABVYMA0GCSqGSIb3DQEBCwUAA4IBAQBpWODO68CHs5Nj
dlBR+tubAv+MNjT8UuFiU1mF7QO/tee0joa0IzA4WsxcfXLCI9eEXR74lI38MN/1
BuHv7DHPe3rMDWccW3qE2/PK0e/QJM7fBK7AIuYmzkL4z5ztr4OWMHj6At2mZbFf
L7IrRYZyjluzlKoiv8M04m6Vo5IaSGOMyjo6Vdw8VE0V5ECLJeI50kCopNhsjerH
D3vnk+Mv29OABJjUEZhHjhy2yD0D/095jc1fmqrqG7Ia1dBGCbC3lY02lYdgwJOP
pM12jNO0rHZTEevy66tCINiBByrM/AG2eHtukZWWRxcg42m+chH+egxkKCW6v49F
kp7KQccZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:43 2025 by rpki-client