Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/PE5IJFyp3dVnH8K9Jsk9_QzPwEs.roa
File: PE5IJFyp3dVnH8K9Jsk9_QzPwEs.roa (raw, json)
Hash identifier: wMLf++w30jfvGkFhZsMVrP86qoNzEf2qF46rLDRxR7o=
Subject key identifier: 3C:4E:48:24:5C:A9:DD:D5:67:1F:C2:BD:26:C9:3D:FD:0C:CF:C0:4B
Certificate issuer: /CN=114c56d595de33cb8751739dbdd9b45edb2eff0c
Certificate serial: 01881FEB39EAC843DF0224B3D7EFAFB563EE
Authority key identifier: 11:4C:56:D5:95:DE:33:CB:87:51:73:9D:BD:D9:B4:5E:DB:2E:FF:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EUxW1ZXeM8uHUXOdvdm0Xtsu_ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/PE5IJFyp3dVnH8K9Jsk9_QzPwEs.roa
Signing time: Mon 15 May 2023 14:58:09 +0000
ROA not before: Mon 15 May 2023 14:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60274
IP address blocks: 185.233.67.0/24 maxlen: 24
193.203.252.0/24 maxlen: 24
2a10:df80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:eb:39:ea:c8:43:df:02:24:b3:d7:ef:af:b5:63:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=114c56d595de33cb8751739dbdd9b45edb2eff0c
Validity
Not Before: May 15 14:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c4e48245ca9ddd5671fc2bd26c93dfd0ccfc04b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:95:5b:95:1a:09:aa:b0:91:79:c3:df:15:c1:
0b:1a:2a:24:b0:65:02:61:1e:c1:17:e5:8b:ad:e2:
ab:da:e0:ac:a1:80:4e:0e:2e:34:5e:0e:69:8e:d3:
5c:b7:18:1c:b0:37:2c:6e:d2:a2:ed:37:0e:ce:eb:
d7:ce:fc:27:28:dd:b4:2f:c8:61:ea:64:92:d2:0f:
d9:a4:1f:cb:86:6c:cc:6a:b0:eb:a4:fa:d7:97:08:
e0:10:b3:31:9f:01:71:ae:80:9d:93:f0:63:09:4a:
10:f4:bb:fe:89:a8:46:64:cd:09:39:84:d7:5f:f0:
1a:0c:34:82:98:90:87:dd:d1:f9:ed:e9:23:86:26:
09:58:12:91:c0:20:60:1f:e4:83:d8:8c:fc:ea:60:
79:ec:17:92:eb:fa:61:b0:7c:6a:18:9d:21:69:42:
5b:ce:d6:5f:08:80:e7:8e:5c:d1:7c:f0:5b:6f:8e:
4b:84:ae:8c:35:44:ca:22:fa:59:89:f9:66:81:e1:
67:b5:90:97:80:c1:35:8e:31:aa:ec:f0:bc:ed:d1:
9a:dc:81:4f:b0:48:a1:a3:36:79:dd:a3:3e:c9:d6:
4c:36:58:a5:c3:69:e4:cb:9d:b5:9d:1e:fa:9e:e1:
ba:76:57:b7:df:36:2b:30:22:e4:70:33:02:4e:f9:
dc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:4E:48:24:5C:A9:DD:D5:67:1F:C2:BD:26:C9:3D:FD:0C:CF:C0:4B
X509v3 Authority Key Identifier:
keyid:11:4C:56:D5:95:DE:33:CB:87:51:73:9D:BD:D9:B4:5E:DB:2E:FF:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EUxW1ZXeM8uHUXOdvdm0Xtsu_ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/PE5IJFyp3dVnH8K9Jsk9_QzPwEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/EUxW1ZXeM8uHUXOdvdm0Xtsu_ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.67.0/24
193.203.252.0/24
IPv6:
2a10:df80::/29
Signature Algorithm: sha256WithRSAEncryption
76:39:9c:1f:0b:fe:be:99:ac:36:44:9b:27:d2:cf:fc:80:49:
c6:75:e3:5f:03:0f:5e:61:69:5b:75:11:39:d4:01:aa:44:cf:
b5:ff:ca:83:1a:1c:96:a1:30:fe:d8:c1:d5:10:b2:f6:db:a5:
1b:ca:fb:1c:23:7d:08:f8:86:c6:a7:0c:7b:fe:83:84:b1:2e:
66:2f:8b:31:46:7d:a3:6f:4a:43:e0:ec:ad:8e:00:46:10:c0:
a4:87:04:05:ba:50:da:7a:1a:5e:bd:5f:7f:70:d4:9d:a5:bf:
a3:ea:2d:39:dd:76:f5:1b:65:e5:9f:d0:3d:ba:eb:bc:31:c4:
5d:dd:09:30:c3:9b:5b:15:86:0e:9f:3a:a7:0f:de:18:3f:a4:
75:3a:eb:5c:23:35:65:4f:35:a9:15:7c:69:60:7b:13:0e:b8:
0d:80:06:f6:1c:26:b7:b0:90:d6:99:30:b3:fd:e9:92:cc:a6:
ef:2e:f4:58:da:09:8c:78:bd:a7:39:f9:11:cc:12:3d:cf:22:
0d:61:ec:58:84:d0:8a:8d:2a:3d:70:57:fb:fa:81:e8:4f:8b:
e5:ef:b6:9f:5d:c6:0b:4c:89:02:30:7f:28:df:ff:8d:fc:39:
0e:3a:84:f8:0d:e4:ab:f7:77:ed:ca:ad:33:44:bc:b1:95:d3:
1e:9e:db:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYgf6znqyEPfAiSz1++vtWPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNGM1NmQ1OTVkZTMzY2I4NzUxNzM5ZGJkZDliNDVlZGIy
ZWZmMGMwHhcNMjMwNTE1MTQ1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzRlNDgyNDVjYTlkZGQ1NjcxZmMyYmQyNmM5M2RmZDBjY2ZjMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJVblRoJqrCRecPfFcELGioksGUC
YR7BF+WLreKr2uCsoYBODi40Xg5pjtNctxgcsDcsbtKi7TcOzuvXzvwnKN20L8hh
6mSS0g/ZpB/LhmzMarDrpPrXlwjgELMxnwFxroCdk/BjCUoQ9Lv+iahGZM0JOYTX
X/AaDDSCmJCH3dH57ekjhiYJWBKRwCBgH+SD2Iz86mB57BeS6/phsHxqGJ0haUJb
ztZfCIDnjlzRfPBbb45LhK6MNUTKIvpZiflmgeFntZCXgME1jjGq7PC87dGa3IFP
sEihozZ53aM+ydZMNlilw2nky521nR76nuG6dle33zYrMCLkcDMCTvncawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDxOSCRcqd3VZx/CvSbJPf0Mz8BLMB8GA1UdIwQY
MBaAFBFMVtWV3jPLh1Fznb3ZtF7bLv8MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVV4VzFaWGVNOHVIVVhPZHZkbTBYdHN1X3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wZjA4MmMtYjE4Zi00MWM1LTlmZDQt
MzAxMTA2OGVlYjY5LzEvUEU1SUpGeXAzZFZuSDhLOUpzazlfUXpQd0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wZjA4MmMtYjE4Zi00MWM1LTlmZDQtMzAxMTA2OGVlYjY5
LzEvRVV4VzFaWGVNOHVIVVhPZHZkbTBYdHN1X3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuelDAwQA
wcv8MA0EAgACMAcDBQMqEN+AMA0GCSqGSIb3DQEBCwUAA4IBAQB2OZwfC/6+maw2
RJsn0s/8gEnGdeNfAw9eYWlbdRE51AGqRM+1/8qDGhyWoTD+2MHVELL226Ubyvsc
I30I+IbGpwx7/oOEsS5mL4sxRn2jb0pD4OytjgBGEMCkhwQFulDaehpevV9/cNSd
pb+j6i053Xb1G2Xln9A9uuu8McRd3Qkww5tbFYYOnzqnD94YP6R1OutcIzVlTzWp
FXxpYHsTDrgNgAb2HCa3sJDWmTCz/emSzKbvLvRY2gmMeL2nOfkRzBI9zyINYexY
hNCKjSo9cFf7+oHoT4vl77afXcYLTIkCMH8o3/+N/DkOOoT4DeSr93ftyq0zRLyx
ldMentvz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:01 2025 by rpki-client