Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PodXC_x9sMCOX2E96cdSHUlmT4w.roa
File: PodXC_x9sMCOX2E96cdSHUlmT4w.roa (raw, json)
Hash identifier: QHAtC0F237+ntNOsDTUksSYWYs6fB16xQx+zkUbTvjc=
Subject key identifier: 3E:87:57:0B:FC:7D:B0:C0:8E:5F:61:3D:E9:C7:52:1D:49:66:4F:8C
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01854F945F34465666A1900C0F06855ABC8A
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PodXC_x9sMCOX2E96cdSHUlmT4w.roa
Signing time: Mon 26 Dec 2022 17:56:41 +0000
ROA not before: Mon 26 Dec 2022 17:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 949
IP address blocks: 141.98.196.0/22 maxlen: 24
80.66.196.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.87.92.0/22 maxlen: 24
94.124.116.0/24 maxlen: 24
94.124.116.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
195.245.219.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
185.213.151.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
194.114.136.0/24 maxlen: 24
195.245.229.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
45.147.48.0/22 maxlen: 24
194.36.27.0/24 maxlen: 24
95.214.164.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
91.200.240.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.194.52.0/22 maxlen: 24
193.32.148.0/22 maxlen: 24
2a06:57c0::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a06:4fc0::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a09:6::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4f:94:5f:34:46:56:66:a1:90:0c:0f:06:85:5a:bc:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Dec 26 17:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e87570bfc7db0c08e5f613de9c7521d49664f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c1:18:5a:78:dc:b0:96:c7:d5:65:04:3e:f1:
d6:24:ef:ec:dc:0f:97:a4:2f:e8:bd:8f:69:0b:11:
8c:fe:13:59:83:e3:99:9c:1e:eb:4f:2f:a9:a0:20:
1a:45:67:30:15:83:e5:72:cc:dc:19:7d:3b:5b:7c:
45:ab:0c:a6:31:7b:6c:33:e6:49:11:d7:08:1a:d0:
76:9d:c4:7a:d0:c8:61:5f:98:53:d7:d3:45:f9:8b:
f0:22:45:eb:01:0c:26:88:99:08:4d:68:57:c3:db:
4a:69:64:66:7b:11:dc:4b:c3:30:c8:a4:93:74:94:
ce:72:5c:71:0e:5c:71:32:6d:b0:f3:fa:5e:9d:72:
88:c4:06:c2:86:68:02:a3:32:d3:47:26:b2:58:c1:
48:74:c4:3b:cb:00:7b:03:5c:80:c0:31:f2:36:e8:
37:db:98:07:02:ef:87:18:21:20:5a:3a:8f:0e:a8:
e7:c7:9c:b3:41:9a:77:45:b1:be:82:01:1a:4e:05:
fc:76:97:1e:df:61:91:22:b0:57:0b:2a:bc:20:d4:
e0:1d:17:01:36:9e:8e:65:1c:8b:74:ab:4c:0e:60:
26:a5:b6:d6:38:51:2d:e1:88:c8:69:cf:9a:b3:6e:
3d:47:4c:08:7b:b1:66:2e:1a:eb:13:30:22:3a:f9:
49:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:87:57:0B:FC:7D:B0:C0:8E:5F:61:3D:E9:C7:52:1D:49:66:4F:8C
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PodXC_x9sMCOX2E96cdSHUlmT4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/22
45.130.20.0/22
45.139.192.0/22
45.141.44.0/22
45.142.124.0/22
45.143.232.0/22
45.147.48.0/22
80.66.196.0/22
91.200.240.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.213.151.0/24
185.222.216.0/21
193.32.148.0/22
194.36.27.0/24
194.104.144.0/24
194.104.152.0/22
194.114.136.0/24
194.169.54.0/23
195.245.219.0/24
195.245.229.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:6::/32
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
61:93:00:f3:08:d6:a6:43:94:1a:31:2d:6b:23:b4:f8:a2:52:
dd:44:73:84:7c:43:48:1f:a8:1b:9b:a6:3a:ac:a3:a6:2d:2b:
76:f0:e6:a3:30:9b:60:7b:53:f9:41:ba:8d:e4:93:07:24:1b:
16:de:db:d4:be:f2:6e:0f:ab:d4:0f:1b:24:e5:08:22:9c:09:
6e:e5:eb:95:b1:71:70:da:5b:15:f6:b1:a4:5f:40:48:fe:5b:
a2:7d:6e:dd:8e:fb:8a:9e:6a:b1:46:d1:88:50:60:41:a0:57:
b5:3e:d4:07:78:c6:e0:a9:b6:31:a4:fb:ad:bb:e5:af:ee:8d:
db:73:dd:bf:74:71:a9:bd:da:5e:3e:63:52:43:b6:34:ba:9e:
50:2c:a1:a7:4c:82:fc:cc:f3:b5:ea:0c:dc:21:8c:01:8b:16:
4c:a4:69:11:95:11:9b:0c:d1:d5:d2:e2:89:a5:b8:81:08:83:
27:96:87:06:24:7c:d0:83:9a:fa:f1:3b:9c:81:5c:3b:10:12:
bb:9e:de:5c:18:c8:99:fc:60:f5:b2:96:0e:e4:e6:87:3f:57:
55:db:4b:5b:97:f7:7a:95:60:f4:f0:f4:2e:53:8e:c2:fd:4b:
03:f6:fd:79:77:3f:fd:0c:99:cb:f2:d9:6d:91:08:f6:63:a3:
3e:03:5e:af
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYVPlF80RlZmoZAMDwaFWryKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIxMjI2MTc1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTg3NTcwYmZjN2RiMGMwOGU1ZjYxM2RlOWM3NTIxZDQ5NjY0ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMEYWnjcsJbH1WUEPvHWJO/s3A+X
pC/ovY9pCxGM/hNZg+OZnB7rTy+poCAaRWcwFYPlcszcGX07W3xFqwymMXtsM+ZJ
EdcIGtB2ncR60MhhX5hT19NF+YvwIkXrAQwmiJkITWhXw9tKaWRmexHcS8MwyKST
dJTOclxxDlxxMm2w8/penXKIxAbChmgCozLTRyayWMFIdMQ7ywB7A1yAwDHyNug3
25gHAu+HGCEgWjqPDqjnx5yzQZp3RbG+ggEaTgX8dpce32GRIrBXCyq8INTgHRcB
Np6OZRyLdKtMDmAmpbbWOFEt4YjIac+as249R0wIe7FmLhrrEzAiOvlJMQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFD6HVwv8fbDAjl9hPenHUh1JZk+MMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvUG9kWENfeDlzTUNPWDJFOTZjZFNIVWxtVDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCBqwQCAAEwgaQD
BAItV1wDBAItghQDBAIti8ADBAItjSwDBAItjnwDBAItj+gDBAItkzADBAJQQsQD
BAJbyPADBAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAC51ZcD
BAO53tgDBALBIJQDBADCJBsDBADCaJADBALCaJgDBADCcogDBAHCqTYDBADD9dsD
BADD9eUwDAMEAMP18QMEAMP18jBoBAIAAjBiAwUDKgZPwAMFAyoGV8ADBQMqB+kA
AwUDKgf6AAMFACoJAAYDBQMqDO1AAwUDKg0fwAMFAyoNNkADBQMqDUNAAwUDKg1L
wAMFAyoNdUADBQMqDd6AAwUDKg5iAAMFAyoQJgAwDQYJKoZIhvcNAQELBQADggEB
AGGTAPMI1qZDlBoxLWsjtPiiUt1Ec4R8Q0gfqBubpjqso6YtK3bw5qMwm2B7U/lB
uo3kkwckGxbe29S+8m4Pq9QPGyTlCCKcCW7l65WxcXDaWxX2saRfQEj+W6J9bt2O
+4qearFG0YhQYEGgV7U+1Ad4xuCptjGk+6275a/ujdtz3b90cam92l4+Y1JDtjS6
nlAsoadMgvzM87XqDNwhjAGLFkykaRGVEZsM0dXS4omluIEIgyeWhwYkfNCDmvrx
O5yBXDsQErue3lwYyJn8YPWylg7k5oc/V1XbS1uX93qVYPTw9C5TjsL9SwP2/Xl3
P/0Mmcvy2W2RCPZjoz4DXq8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org