Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/PiGU3w6y64rXMKZkW40tN8jzKno.roa
File: PiGU3w6y64rXMKZkW40tN8jzKno.roa (raw, json)
Hash identifier: 4phQ8/EIfPU03uvitgLiqNrz72eJj1c/V11i4/gQ5qY=
Subject key identifier: 3E:21:94:DF:0E:B2:EB:8A:D7:30:A6:64:5B:8D:2D:37:C8:F3:2A:7A
Certificate issuer: /CN=908c573c2d83c7d8fd2a3cf9a7f536f92925a3bd
Certificate serial: 07E6B256
Authority key identifier: 90:8C:57:3C:2D:83:C7:D8:FD:2A:3C:F9:A7:F5:36:F9:29:25:A3:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kIxXPC2Dx9j9Kjz5p_U2-Sklo70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/PiGU3w6y64rXMKZkW40tN8jzKno.roa
Signing time: Sat 01 Jan 2022 09:01:53 +0000
ROA not before: Sat 01 Jan 2022 09:01:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205543
IP address blocks: 185.214.236.0/22 maxlen: 24
2a0b:af40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132559446 (0x7e6b256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=908c573c2d83c7d8fd2a3cf9a7f536f92925a3bd
Validity
Not Before: Jan 1 09:01:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e2194df0eb2eb8ad730a6645b8d2d37c8f32a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:be:85:4e:dc:ca:8c:fe:5a:53:f6:2a:28:82:
3a:27:50:a4:7f:39:8b:33:1d:42:62:82:11:76:bd:
c6:59:a9:0e:e5:68:25:73:c9:6e:93:4b:85:69:fd:
df:dd:67:f7:b0:a7:d0:d5:0e:4d:e9:ff:1c:c5:f1:
c7:a8:1a:dd:83:4d:63:45:30:e1:32:0a:fb:95:da:
c8:cb:f1:bc:40:c9:10:ef:58:a7:1d:55:46:bf:cb:
00:e2:72:2a:fd:82:9b:71:4c:7c:bf:b4:cf:b0:94:
58:1e:72:a0:32:93:18:04:ea:e8:87:35:fe:d0:20:
6d:66:d8:97:c7:41:e6:51:4b:b0:d2:b0:35:f6:3f:
30:92:dc:d9:54:b1:fe:85:c6:c1:df:8f:f1:10:8f:
9b:3a:ef:59:00:bd:a7:30:d3:c0:98:81:6e:9b:38:
1c:fe:fb:f4:dd:e3:9c:fa:33:eb:8b:48:23:d9:13:
39:52:ce:70:be:6d:29:34:7c:aa:3b:49:67:77:21:
96:4d:13:05:d9:f0:75:e5:be:29:4b:8c:4e:bf:05:
aa:3a:ba:1b:cc:84:33:4d:9c:8d:7d:a5:5d:18:0b:
6f:4b:53:f4:96:d1:af:98:2f:e1:5a:19:9b:f5:97:
4a:5a:63:c0:a4:31:97:40:46:99:86:79:45:a7:56:
28:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:21:94:DF:0E:B2:EB:8A:D7:30:A6:64:5B:8D:2D:37:C8:F3:2A:7A
X509v3 Authority Key Identifier:
keyid:90:8C:57:3C:2D:83:C7:D8:FD:2A:3C:F9:A7:F5:36:F9:29:25:A3:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kIxXPC2Dx9j9Kjz5p_U2-Sklo70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/PiGU3w6y64rXMKZkW40tN8jzKno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/kIxXPC2Dx9j9Kjz5p_U2-Sklo70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.236.0/22
IPv6:
2a0b:af40::/29
Signature Algorithm: sha256WithRSAEncryption
50:f8:c8:d5:a1:6c:75:40:ba:b4:9f:b5:5d:24:e8:94:5b:bb:
7e:35:4a:16:b1:6b:27:00:2b:15:6d:db:15:ed:02:89:5a:6b:
26:e0:5f:82:c3:8a:ea:47:c8:06:f2:7e:54:62:43:29:3e:af:
54:87:ad:f1:f9:9d:d4:d8:05:2b:cc:45:3e:3d:b7:b7:19:4e:
2b:f8:a8:53:7f:5b:61:d7:f9:f4:a1:fd:10:f4:9a:15:bc:9f:
8c:8a:e3:9b:e6:d5:00:93:cd:41:de:7f:e6:e4:7a:67:a2:9e:
92:12:bb:bd:ef:c8:db:2a:f8:c8:5f:0a:b1:27:45:65:2a:64:
75:ff:0a:5c:51:1e:40:c3:95:64:07:37:38:ef:fd:f9:52:a0:
90:95:98:63:38:f6:32:be:a3:55:ab:74:37:03:7f:ca:39:9a:
f3:0c:e0:88:8b:6e:ea:d7:0d:b9:f4:46:b0:00:7e:70:21:5b:
7f:81:2b:49:35:cd:95:f6:e1:79:7a:12:60:03:25:73:bf:80:
a5:30:9d:37:e1:91:d3:77:bd:cc:c0:60:ac:05:52:40:81:46:
a9:7e:e4:07:40:c6:92:21:b0:5d:41:71:72:bc:64:cd:2e:cf:
54:ec:09:ca:f0:2f:8e:d7:80:06:5d:10:f5:20:0a:e7:06:cf:
73:fd:4b:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB+ayVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDhjNTczYzJkODNjN2Q4ZmQyYTNjZjlhN2Y1MzZmOTI5MjVhM2JkMB4XDTIyMDEw
MTA5MDE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UyMTk0ZGYwZWIy
ZWI4YWQ3MzBhNjY0NWI4ZDJkMzdjOGYzMmE3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6+hU7cyoz+WlP2KiiCOidQpH85izMdQmKCEXa9xlmpDuVo
JXPJbpNLhWn9391n97Cn0NUOTen/HMXxx6ga3YNNY0Uw4TIK+5XayMvxvEDJEO9Y
px1VRr/LAOJyKv2Cm3FMfL+0z7CUWB5yoDKTGATq6Ic1/tAgbWbYl8dB5lFLsNKw
NfY/MJLc2VSx/oXGwd+P8RCPmzrvWQC9pzDTwJiBbps4HP779N3jnPoz64tII9kT
OVLOcL5tKTR8qjtJZ3chlk0TBdnwdeW+KUuMTr8Fqjq6G8yEM02cjX2lXRgLb0tT
9JbRr5gv4VoZm/WXSlpjwKQxl0BGmYZ5RadWKPUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ+IZTfDrLritcwpmRbjS03yPMqejAfBgNVHSMEGDAWgBSQjFc8LYPH2P0q
PPmn9Tb5KSWjvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tJeFhQQzJEeDlqOUtqejVwX1UyLVNrbG83MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvODNjNDE2LTdkOWQtNDQ3YS1hZGQxLTRlODViZmQ3ZDA1OC8x
L1BpR1UzdzZ5NjRyWE1LWmtXNDB0Tjhqektuby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ODNjNDE2LTdkOWQtNDQ3YS1hZGQxLTRlODViZmQ3ZDA1OC8xL2tJeFhQQzJEeDlq
OUtqejVwX1UyLVNrbG83MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnW7DANBAIAAjAHAwUDKguvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAUPjI1aFsdUC6tJ+1XSTolFu7fjVKFrFrJwArFW3b
Fe0CiVprJuBfgsOK6kfIBvJ+VGJDKT6vVIet8fmd1NgFK8xFPj23txlOK/ioU39b
Ydf59KH9EPSaFbyfjIrjm+bVAJPNQd5/5uR6Z6KekhK7ve/I2yr4yF8KsSdFZSpk
df8KXFEeQMOVZAc3OO/9+VKgkJWYYzj2Mr6jVat0NwN/yjma8wzgiItu6tcNufRG
sAB+cCFbf4ErSTXNlfbheXoSYAMlc7+ApTCdN+GR03e9zMBgrAVSQIFGqX7kB0DG
kiGwXUFxcrxkzS7PVOwJyvAvjteABl0Q9SAK5wbPc/1Lyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:29 2024 by rpki-client on console-fra.rpki-client.org