Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/PGrIZHHPfdNHLD99SLRpiefpzKQ.roa
File: PGrIZHHPfdNHLD99SLRpiefpzKQ.roa (raw, json)
Hash identifier: M6syS+lm9GbylzOD0YMn4pGJ5ikAystclsv5oj7GQro=
Subject key identifier: 3C:6A:C8:64:71:CF:7D:D3:47:2C:3F:7D:48:B4:69:89:E7:E9:CC:A4
Certificate issuer: /CN=0268b930beeca51fbf3543fe79f9b19345cf13d5
Certificate serial: 018A735439AE85C7E1317219040026545B1A
Authority key identifier: 02:68:B9:30:BE:EC:A5:1F:BF:35:43:FE:79:F9:B1:93:45:CF:13:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ami5ML7spR-_NUP-efmxk0XPE9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/PGrIZHHPfdNHLD99SLRpiefpzKQ.roa
Signing time: Fri 08 Sep 2023 05:46:54 +0000
ROA not before: Fri 08 Sep 2023 05:46:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1064
IP address blocks: 192.76.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:54:39:ae:85:c7:e1:31:72:19:04:00:26:54:5b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0268b930beeca51fbf3543fe79f9b19345cf13d5
Validity
Not Before: Sep 8 05:46:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c6ac86471cf7dd3472c3f7d48b46989e7e9cca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:4d:7f:48:c4:c9:99:a6:08:d4:32:2b:5a:
b3:e0:a4:7a:38:ad:fa:fb:79:57:95:55:ec:d1:c4:
e7:f5:8c:15:f2:e6:eb:02:a4:81:98:50:de:c7:88:
00:38:84:8c:df:30:aa:e5:fe:47:30:95:17:3a:1a:
43:23:50:ba:11:4f:c1:e7:9f:b8:3f:3a:3f:81:0c:
e5:95:ed:1a:29:74:f2:99:f2:90:7f:10:d7:51:31:
eb:e4:9b:61:43:5b:f0:26:57:24:e8:78:20:ab:ec:
95:40:66:bd:95:cb:87:79:9c:45:0c:00:4f:7e:1e:
5a:24:e3:c2:f2:75:f0:d8:18:8f:9f:ac:08:40:0e:
ca:de:b8:99:60:c8:a2:b2:fe:6f:99:15:7f:54:b6:
79:c6:e3:8c:3f:b5:b2:0b:2a:f1:c5:f9:01:ce:81:
6a:d1:c3:8b:e3:f0:83:1f:4c:86:74:58:4f:a3:72:
9c:eb:4b:d6:67:05:af:66:f2:4a:4d:56:79:a3:d5:
8c:c0:44:34:8a:1f:49:00:df:0b:85:0a:0f:f8:03:
5a:a0:90:25:1d:e8:5b:ea:b0:2d:c5:3a:d9:6f:a7:
b2:05:c7:be:8e:3a:99:53:b3:d2:54:3c:f4:dc:91:
31:98:31:9a:b8:5c:4b:b6:94:90:81:4b:fd:ac:bc:
30:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6A:C8:64:71:CF:7D:D3:47:2C:3F:7D:48:B4:69:89:E7:E9:CC:A4
X509v3 Authority Key Identifier:
keyid:02:68:B9:30:BE:EC:A5:1F:BF:35:43:FE:79:F9:B1:93:45:CF:13:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ami5ML7spR-_NUP-efmxk0XPE9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/PGrIZHHPfdNHLD99SLRpiefpzKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/Ami5ML7spR-_NUP-efmxk0XPE9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.76.164.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:d8:18:05:52:1d:7a:d9:ab:d2:45:96:54:c9:fe:1c:e8:42:
b0:0b:20:17:4e:c6:c2:e2:a6:28:a8:4a:65:f8:13:5e:c8:67:
d6:19:74:4e:c8:15:c6:2b:32:5f:9d:33:db:02:a9:57:62:ac:
d6:b3:fc:ed:c8:15:87:fa:34:a6:26:79:99:8b:19:06:cb:12:
49:17:11:87:e7:30:6b:95:5a:be:af:f9:58:7b:a1:35:de:02:
90:11:a9:ff:9b:2f:80:2f:8e:91:8f:a8:fa:8b:95:e0:18:fd:
dd:90:86:90:fd:45:a7:cf:0a:0a:b6:84:a0:84:46:6e:b4:c0:
fd:d8:b3:88:d0:fd:c1:0d:59:0a:66:f4:13:2d:59:f9:72:c3:
5e:42:c7:9b:84:f5:ba:48:71:2d:03:0a:ba:f5:8d:6b:56:6e:
5d:ae:f9:ea:a2:d7:d9:4f:51:59:80:e3:f7:e9:3a:08:b4:16:
54:6b:ba:d4:69:e4:3d:61:c2:e3:83:9e:6c:37:ee:b2:50:bb:
3e:08:a5:ea:79:d9:77:84:cc:d5:1d:04:8c:d4:9d:72:51:91:
5a:b5:c2:72:a0:35:78:0a:3a:bf:d1:a6:ff:29:d4:f6:11:3f:
ae:89:09:7c:fd:c3:b8:af:a2:4d:d3:32:a2:34:69:ce:c6:fd:
f3:73:82:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpzVDmuhcfhMXIZBAAmVFsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNjhiOTMwYmVlY2E1MWZiZjM1NDNmZTc5ZjliMTkzNDVj
ZjEzZDUwHhcNMjMwOTA4MDU0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzZhYzg2NDcxY2Y3ZGQzNDcyYzNmN2Q0OGI0Njk4OWU3ZTljY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwadNf0jEyZmmCNQyK1qz4KR6OK36
+3lXlVXs0cTn9YwV8ubrAqSBmFDex4gAOISM3zCq5f5HMJUXOhpDI1C6EU/B55+4
Pzo/gQzlle0aKXTymfKQfxDXUTHr5JthQ1vwJlck6Hggq+yVQGa9lcuHeZxFDABP
fh5aJOPC8nXw2BiPn6wIQA7K3riZYMiisv5vmRV/VLZ5xuOMP7WyCyrxxfkBzoFq
0cOL4/CDH0yGdFhPo3Kc60vWZwWvZvJKTVZ5o9WMwEQ0ih9JAN8LhQoP+ANaoJAl
Hehb6rAtxTrZb6eyBce+jjqZU7PSVDz03JExmDGauFxLtpSQgUv9rLww6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxqyGRxz33TRyw/fUi0aYnn6cykMB8GA1UdIwQY
MBaAFAJouTC+7KUfvzVD/nn5sZNFzxPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW1pNU1MN3NwUi1fTlVQLWVmbXhrMFhQRTlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80M2NkOTgtNmY4YS00NGNmLTk1YmQt
NDIwZjljOGVhZmE0LzEvUEdySVpISFBmZE5ITEQ5OVNMUnBpZWZwektRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80M2NkOTgtNmY4YS00NGNmLTk1YmQtNDIwZjljOGVhZmE0
LzEvQW1pNU1MN3NwUi1fTlVQLWVmbXhrMFhQRTlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEykMA0G
CSqGSIb3DQEBCwUAA4IBAQCz2BgFUh162avSRZZUyf4c6EKwCyAXTsbC4qYoqEpl
+BNeyGfWGXROyBXGKzJfnTPbAqlXYqzWs/ztyBWH+jSmJnmZixkGyxJJFxGH5zBr
lVq+r/lYe6E13gKQEan/my+AL46Rj6j6i5XgGP3dkIaQ/UWnzwoKtoSghEZutMD9
2LOI0P3BDVkKZvQTLVn5csNeQsebhPW6SHEtAwq69Y1rVm5drvnqotfZT1FZgOP3
6ToItBZUa7rUaeQ9YcLjg55sN+6yULs+CKXqedl3hMzVHQSM1J1yUZFatcJyoDV4
Cjq/0ab/KdT2ET+uiQl8/cO4r6JN0zKiNGnOxv3zc4Ii
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:06:53 2025 by rpki-client