Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/PpOyMMVfArPXOS146GdpvcWsbro.roa
File: PpOyMMVfArPXOS146GdpvcWsbro.roa (raw, json)
Hash identifier: a/smLM+Omvu0Lp9R5WBBmGYsVYWRNAB8Bxm83LGK43o=
Subject key identifier: 3E:93:B2:30:C5:5F:02:B3:D7:39:2D:78:E8:67:69:BD:C5:AC:6E:BA
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 0185305EA39B2F060D1B049EC75286FCAB03
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/PpOyMMVfArPXOS146GdpvcWsbro.roa
Signing time: Tue 20 Dec 2022 16:29:46 +0000
ROA not before: Tue 20 Dec 2022 16:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 213.204.16.0/24 maxlen: 24
213.204.20.0/24 maxlen: 24
213.204.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:5e:a3:9b:2f:06:0d:1b:04:9e:c7:52:86:fc:ab:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Dec 20 16:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e93b230c55f02b3d7392d78e86769bdc5ac6eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:50:95:fb:2e:2b:97:9f:7d:c6:cd:e7:53:59:
a6:17:e6:4a:a8:85:10:40:ea:18:6b:7c:f1:3b:5c:
60:42:00:07:74:28:40:57:b7:74:5e:89:9f:47:b0:
2c:71:02:63:03:02:2c:1a:71:44:e1:1f:7e:02:4b:
43:e7:42:7b:ed:2a:e7:ac:e9:e9:1a:26:09:85:3c:
7f:b2:2d:05:64:da:17:16:7a:04:96:9d:b4:8e:65:
cf:69:b4:6a:f8:09:0b:28:5f:82:1f:cb:c6:9d:e8:
8d:96:c1:a8:6b:2c:e8:9f:74:a1:32:7f:fa:6a:00:
1c:7d:e8:26:7c:a3:ef:ec:a6:91:e8:7c:64:38:12:
63:d8:b3:bc:8b:04:35:9a:28:b8:51:b3:40:75:60:
a2:9b:42:14:e5:6f:b6:de:ad:ee:15:a6:d3:23:0b:
d9:28:7a:5e:22:2f:51:cd:b0:bb:40:7d:ea:85:49:
1d:d7:33:c4:d8:04:96:ac:ac:fa:11:6c:9b:f6:98:
80:c7:62:f5:d3:6f:e6:50:b1:d7:bf:d0:8f:3c:e9:
8c:75:f0:de:dd:fc:05:3e:64:f4:e4:78:e5:7f:4b:
c6:77:7c:b2:62:83:6b:61:2b:07:08:09:92:f5:58:
96:8f:54:95:ef:2d:16:b2:d0:85:2d:3e:29:98:46:
bb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:93:B2:30:C5:5F:02:B3:D7:39:2D:78:E8:67:69:BD:C5:AC:6E:BA
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/PpOyMMVfArPXOS146GdpvcWsbro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.204.16.0/24
213.204.20.0/24
213.204.25.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:6a:6a:fe:7a:15:bc:e9:c1:d7:b1:95:c8:5f:5c:7d:59:ce:
9c:97:51:87:61:c5:34:d0:03:9a:18:30:b4:d1:cf:e5:98:2d:
47:0f:3b:26:94:86:05:24:f4:48:75:12:35:9f:80:4b:8c:44:
39:a9:a8:b4:01:ff:c3:ca:b1:d4:41:28:1f:7f:95:16:ff:da:
b4:b4:de:ef:3f:2c:8c:41:04:c9:80:98:b0:73:77:2f:bb:82:
58:9d:ef:3b:46:fb:64:85:78:85:f1:b0:60:28:64:4a:2f:13:
a2:c0:99:73:a9:58:ab:de:4c:dc:9b:79:18:9b:f7:d3:31:4c:
93:e0:9e:82:e1:73:14:8b:62:da:c7:86:64:c9:84:ad:2f:4c:
6a:f2:fd:0b:58:a9:73:af:74:5b:b6:83:9a:d4:6e:3f:fc:07:
31:de:0a:b7:4a:b1:22:8c:04:75:1e:13:82:c8:51:88:d9:9a:
25:70:9f:ef:fd:ef:2e:a5:d7:a9:59:2c:3e:f7:14:5e:5b:ce:
ca:af:1c:06:ae:36:07:5c:75:ff:96:c1:58:ed:6a:9b:9f:87:
e8:fa:f5:05:a6:9d:ac:d6:2e:86:ee:79:5c:44:02:3c:ab:d6:
77:4e:19:66:f4:d1:15:df:d6:86:0f:04:6d:ec:05:a8:9c:7a:
c8:fb:2a:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUwXqObLwYNGwSex1KG/KsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjIxMjIwMTYyOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTkzYjIzMGM1NWYwMmIzZDczOTJkNzhlODY3NjliZGM1YWM2ZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolCV+y4rl599xs3nU1mmF+ZKqIUQ
QOoYa3zxO1xgQgAHdChAV7d0XomfR7AscQJjAwIsGnFE4R9+AktD50J77SrnrOnp
GiYJhTx/si0FZNoXFnoElp20jmXPabRq+AkLKF+CH8vGneiNlsGoayzon3ShMn/6
agAcfegmfKPv7KaR6HxkOBJj2LO8iwQ1mii4UbNAdWCim0IU5W+23q3uFabTIwvZ
KHpeIi9RzbC7QH3qhUkd1zPE2ASWrKz6EWyb9piAx2L102/mULHXv9CPPOmMdfDe
3fwFPmT05Hjlf0vGd3yyYoNrYSsHCAmS9ViWj1SV7y0WstCFLT4pmEa7GQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD6TsjDFXwKz1zkteOhnab3FrG66MB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvUHBPeU1NVmZBclBYT1MxNDZHZHB2Y1dzYnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1cwQAwQA
1cwUAwQA1cwZMA0GCSqGSIb3DQEBCwUAA4IBAQCMamr+ehW86cHXsZXIX1x9Wc6c
l1GHYcU00AOaGDC00c/lmC1HDzsmlIYFJPRIdRI1n4BLjEQ5qai0Af/DyrHUQSgf
f5UW/9q0tN7vPyyMQQTJgJiwc3cvu4JYne87RvtkhXiF8bBgKGRKLxOiwJlzqVir
3kzcm3kYm/fTMUyT4J6C4XMUi2Lax4ZkyYStL0xq8v0LWKlzr3RbtoOa1G4//Acx
3gq3SrEijAR1HhOCyFGI2ZolcJ/v/e8updepWSw+9xReW87KrxwGrjYHXHX/lsFY
7Wqbn4fo+vUFpp2s1i6G7nlcRAI8q9Z3Thlm9NEV39aGDwRt7AWonHrI+yrn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:41 2024 by rpki-client on console-fra.rpki-client.org