Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/PoCT5V1-T4Q1nHUnpwWOprlR_kM.roa
File: PoCT5V1-T4Q1nHUnpwWOprlR_kM.roa (raw, json)
Hash identifier: WMtqzoaC+nLyNjrs3cCxXKkx/hIOC31eurah9+oAMf0=
Subject key identifier: 3E:80:93:E5:5D:7E:4F:84:35:9C:75:27:A7:05:8E:A6:B9:51:FE:43
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01829609824FFB7D377B92555ADB0C9A197E
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/PoCT5V1-T4Q1nHUnpwWOprlR_kM.roa
Signing time: Sat 13 Aug 2022 07:09:41 +0000
ROA not before: Sat 13 Aug 2022 07:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210392
IP address blocks: 178.239.148.0/24 maxlen: 24
178.239.151.0/24 maxlen: 24
178.239.152.0/24 maxlen: 24
185.26.32.0/22 maxlen: 24
178.239.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:96:09:82:4f:fb:7d:37:7b:92:55:5a:db:0c:9a:19:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Aug 13 07:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e8093e55d7e4f84359c7527a7058ea6b951fe43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d0:7c:b9:a5:12:e6:a7:2d:ce:c8:f4:57:90:
5b:34:97:b5:e6:17:6a:c8:4b:9f:7b:c9:ef:50:34:
64:9c:ec:b7:0e:66:05:7b:18:c4:2d:2d:72:32:20:
c2:1b:7c:2d:8b:4a:4a:11:71:e9:75:70:13:0a:54:
bf:bc:f8:ef:74:b7:5b:2d:b4:d0:72:55:7e:d7:33:
f2:40:e4:69:cc:de:61:d9:e5:66:d1:6b:e8:88:f7:
bc:da:2f:97:62:5a:f8:49:33:4e:3a:23:5d:be:04:
08:d1:78:e7:f8:4b:b7:dc:9b:ce:70:ba:ab:dd:5e:
6b:0d:72:bb:44:23:ba:56:76:db:a9:24:0f:b0:12:
95:5d:0b:e2:d5:22:e0:36:dc:87:18:d4:f9:4b:6e:
d5:8e:d0:22:71:14:8f:c1:bc:dd:16:4c:18:fd:68:
c7:ef:5b:c2:57:b3:c0:65:ca:60:77:3a:8a:7f:99:
6e:4d:84:ef:00:e5:39:b7:b3:5d:02:03:96:82:50:
f7:8c:38:fb:55:9f:54:c9:c3:dd:31:a2:0d:45:4d:
b1:63:61:1b:c4:48:7a:b1:b3:93:d0:4f:f3:e7:19:
12:39:dc:6e:3c:52:a6:9d:ee:b1:c3:99:78:87:05:
b0:40:5e:89:dd:62:b3:9b:0f:7b:8a:d3:b4:cd:0b:
78:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:80:93:E5:5D:7E:4F:84:35:9C:75:27:A7:05:8E:A6:B9:51:FE:43
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/PoCT5V1-T4Q1nHUnpwWOprlR_kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.148.0/24
178.239.151.0-178.239.153.255
185.26.32.0/22
Signature Algorithm: sha256WithRSAEncryption
60:77:1e:86:e8:7f:0d:e0:35:93:d1:f7:60:35:ed:6b:e3:ae:
02:e2:bb:ee:72:e0:7a:45:ee:69:04:77:4c:17:8e:d8:0a:17:
d7:1b:3a:6b:bd:59:d2:66:90:54:a7:24:1d:d4:0e:9a:ce:1d:
c4:53:09:5a:05:c2:02:75:44:96:b5:54:99:d8:38:e6:3c:ff:
83:d9:2d:41:89:28:a3:d8:9f:f5:6f:64:ce:41:87:12:35:41:
37:71:70:88:ad:75:a5:ce:fa:b0:a2:e3:a3:33:45:16:ab:c4:
94:03:f7:f3:09:d7:5a:7a:7d:17:38:37:21:60:90:ae:5b:e4:
e6:ca:1b:da:49:95:b0:37:3d:3d:2c:43:43:d9:81:9d:30:76:
23:d3:7e:3c:41:b5:72:6d:58:58:6b:a1:74:5f:41:19:49:c4:
02:7f:38:cb:8d:12:1e:3e:d7:d2:67:d2:3c:56:94:82:e6:e7:
c8:e6:d1:f1:ae:59:9c:1c:fb:bb:60:e0:e2:ae:95:9b:4b:43:
15:91:59:d2:6a:b7:88:a9:ba:db:0a:09:97:84:69:8a:fb:ba:
d9:d2:90:53:ce:58:34:eb:ab:ce:0e:c3:20:b8:90:e8:a8:0c:
e9:8d:d9:df:02:66:35:5b:d5:d7:2b:20:b3:21:eb:1c:fd:51:
73:9e:d5:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYKWCYJP+303e5JVWtsMmhl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjIwODEzMDcwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTgwOTNlNTVkN2U0Zjg0MzU5Yzc1MjdhNzA1OGVhNmI5NTFmZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNB8uaUS5qctzsj0V5BbNJe15hdq
yEufe8nvUDRknOy3DmYFexjELS1yMiDCG3wti0pKEXHpdXATClS/vPjvdLdbLbTQ
clV+1zPyQORpzN5h2eVm0WvoiPe82i+XYlr4STNOOiNdvgQI0Xjn+Eu33JvOcLqr
3V5rDXK7RCO6VnbbqSQPsBKVXQvi1SLgNtyHGNT5S27VjtAicRSPwbzdFkwY/WjH
71vCV7PAZcpgdzqKf5luTYTvAOU5t7NdAgOWglD3jDj7VZ9UycPdMaINRU2xY2Eb
xEh6sbOT0E/z5xkSOdxuPFKmne6xw5l4hwWwQF6J3WKzmw97itO0zQt4owIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD6Ak+Vdfk+ENZx1J6cFjqa5Uf5DMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvUG9DVDVWMS1UNFExbkhVbnB3V09wcmxSX2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAsu+UMAwD
BACy75cDBAGy75gDBAK5GiAwDQYJKoZIhvcNAQELBQADggEBAGB3Hobofw3gNZPR
92A17WvjrgLiu+5y4HpF7mkEd0wXjtgKF9cbOmu9WdJmkFSnJB3UDprOHcRTCVoF
wgJ1RJa1VJnYOOY8/4PZLUGJKKPYn/VvZM5BhxI1QTdxcIitdaXO+rCi46MzRRar
xJQD9/MJ11p6fRc4NyFgkK5b5ObKG9pJlbA3PT0sQ0PZgZ0wdiPTfjxBtXJtWFhr
oXRfQRlJxAJ/OMuNEh4+19Jn0jxWlILm58jm0fGuWZwc+7tg4OKulZtLQxWRWdJq
t4iputsKCZeEaYr7utnSkFPOWDTrq84OwyC4kOioDOmN2d8CZjVb1dcrILMh6xz9
UXOe1Vk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:03 2025 by rpki-client