Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/PRkxiMbga_vRlfdaNhNGVZJ4g6k.roa
File: PRkxiMbga_vRlfdaNhNGVZJ4g6k.roa (raw, json)
Hash identifier: XP4wzwuEcNiRgHpdKZnbofNXKQbdrqqxnoUqL2NYmkA=
Subject key identifier: 3D:19:31:88:C6:E0:6B:FB:D1:95:F7:5A:36:13:46:55:92:78:83:A9
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 0AAB2E8F
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/PRkxiMbga_vRlfdaNhNGVZJ4g6k.roa
Signing time: Sat 01 Jan 2022 08:57:44 +0000
ROA not before: Sat 01 Jan 2022 08:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43782
IP address blocks: 109.74.208.0/20 maxlen: 32
185.43.84.0/23 maxlen: 32
164.177.176.0/21 maxlen: 32
46.226.240.0/21 maxlen: 32
79.132.96.0/19 maxlen: 32
2a00:1138::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178990735 (0xaab2e8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 08:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d193188c6e06bfbd195f75a36134655927883a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:6b:7e:78:d2:62:88:60:d4:26:ab:3d:57:7e:
21:f1:00:2d:f3:ad:44:d6:8c:2a:76:e4:63:66:ff:
1b:7c:b9:2a:49:22:10:8c:a2:af:cc:6b:73:fc:12:
6f:3e:a9:5f:e3:8e:1c:9a:f7:f1:e6:0d:44:ee:a2:
8d:67:04:97:eb:d1:7e:e5:8c:6e:58:f1:61:0c:c3:
74:6a:94:7e:1a:d3:e7:df:bb:01:47:ea:58:5c:c0:
cb:b4:f0:f3:da:10:6f:46:62:6d:75:5b:a4:71:b4:
3b:f7:84:30:ce:0f:a3:05:e1:8b:75:8f:b8:3c:85:
f1:9c:91:96:fc:e4:77:d4:8b:0b:a9:5f:49:02:6b:
a5:79:a7:86:8c:8a:fc:e4:0d:01:56:3c:c4:1c:6f:
cd:53:84:8e:6f:bf:66:2e:0a:14:c5:98:be:99:58:
2c:a6:59:82:75:d3:ad:e5:3c:31:80:3e:15:63:c4:
d3:8c:4c:7f:5c:09:0b:3e:48:41:ba:24:97:c6:80:
04:e3:70:0d:1d:36:cc:4b:a8:bf:22:ff:c7:77:6d:
59:d0:02:98:f8:67:29:3f:2f:61:b5:76:58:86:1e:
14:c4:0b:b7:51:79:50:97:06:87:5f:14:d0:ce:ec:
2f:80:30:ce:75:c8:91:6e:25:3d:92:27:d9:c8:3c:
70:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:19:31:88:C6:E0:6B:FB:D1:95:F7:5A:36:13:46:55:92:78:83:A9
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/PRkxiMbga_vRlfdaNhNGVZJ4g6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.240.0/21
79.132.96.0/19
109.74.208.0/20
164.177.176.0/21
185.43.84.0/23
IPv6:
2a00:1138::/32
Signature Algorithm: sha256WithRSAEncryption
b7:f5:f6:51:2e:3a:f3:88:eb:e8:41:3c:31:03:b9:3e:c8:7e:
b7:e8:8c:b4:e3:f9:82:f7:8e:da:53:fa:39:fe:6d:d8:2b:16:
b0:9f:54:2c:cc:01:51:c4:9b:d5:cc:c2:c1:a0:2d:40:ca:55:
ae:6a:5d:4f:d7:6b:43:32:63:b5:dd:f0:8c:09:83:c9:36:57:
28:ef:ab:59:27:39:c0:d2:97:f2:e4:a7:04:48:8f:df:d2:0d:
14:30:ae:0d:32:32:e8:63:cc:0d:58:ca:a3:fe:28:4a:ec:4c:
da:8a:28:d3:e4:71:52:29:97:71:f6:89:2e:76:a1:e9:a9:bd:
61:f8:10:56:e9:6e:55:6b:db:7f:33:4c:5c:d4:c5:9e:07:0a:
c7:ae:9b:21:a0:16:e6:33:1f:59:87:90:02:e2:f8:6e:a6:9f:
83:8f:de:ae:13:71:62:50:a7:4e:a3:1b:ae:53:18:3d:6d:1b:
01:12:db:73:bb:8c:4d:6a:10:3c:4a:b2:ab:f7:f2:37:c2:00:
fb:7a:c2:04:c8:67:b3:eb:f9:19:53:5f:b3:fb:a9:e3:70:93:
e7:d6:78:31:88:4d:a9:24:d2:c9:7c:77:01:94:dd:72:59:73:
c7:46:9c:41:1e:51:06:5d:90:3d:39:7c:8c:34:bd:55:70:9a:
80:6b:3e:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECqsujzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGFjODMwY2NhYTc0NzgzZGQ5NjFmYWIyNDFhMjI4ZDdjYzZmODA4MB4XDTIyMDEw
MTA4NTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QxOTMxODhjNmUw
NmJmYmQxOTVmNzVhMzYxMzQ2NTU5Mjc4ODNhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPNrfnjSYohg1CarPVd+IfEALfOtRNaMKnbkY2b/G3y5Kkki
EIyir8xrc/wSbz6pX+OOHJr38eYNRO6ijWcEl+vRfuWMbljxYQzDdGqUfhrT59+7
AUfqWFzAy7Tw89oQb0ZibXVbpHG0O/eEMM4PowXhi3WPuDyF8ZyRlvzkd9SLC6lf
SQJrpXmnhoyK/OQNAVY8xBxvzVOEjm+/Zi4KFMWYvplYLKZZgnXTreU8MYA+FWPE
04xMf1wJCz5IQbokl8aABONwDR02zEuovyL/x3dtWdACmPhnKT8vYbV2WIYeFMQL
t1F5UJcGh18U0M7sL4AwznXIkW4lPZIn2cg8cE0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQ9GTGIxuBr+9GV91o2E0ZVkniDqTAfBgNVHSMEGDAWgBStrIMMyqdHg92W
H6skGiKNfMb4CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JheURETXFuUjRQZGxoLXJKQm9palh6Ry1BZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMzI1YzhkLWQzNjgtNGVlZS05Y2E4LTkyOWY3ZDYzNWY0Yi8x
L1BSa3hpTWJnYV92UmxmZGFOaE5HVlpKNGc2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MzI1YzhkLWQzNjgtNGVlZS05Y2E4LTkyOWY3ZDYzNWY0Yi8xL3JheURETXFuUjRQ
ZGxoLXJKQm9palh6Ry1BZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAy7i8AMEBU+EYAMEBG1K0AMEA6Sx
sAMEAbkrVDANBAIAAjAHAwUAKgARODANBgkqhkiG9w0BAQsFAAOCAQEAt/X2US46
84jr6EE8MQO5Psh+t+iMtOP5gveO2lP6Of5t2CsWsJ9ULMwBUcSb1czCwaAtQMpV
rmpdT9drQzJjtd3wjAmDyTZXKO+rWSc5wNKX8uSnBEiP39INFDCuDTIy6GPMDVjK
o/4oSuxM2ooo0+RxUimXcfaJLnah6am9YfgQVuluVWvbfzNMXNTFngcKx66bIaAW
5jMfWYeQAuL4bqafg4/erhNxYlCnTqMbrlMYPW0bARLbc7uMTWoQPEqyq/fyN8IA
+3rCBMhns+v5GVNfs/up43CT59Z4MYhNqSTSyXx3AZTdcllzx0acQR5RBl2QPTl8
jDS9VXCagGs+4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:51 2024 by rpki-client on console-ams.rpki-client.org