Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/pLcJCu9yHy34vWUZVHdhpZAW7kc.roa
File: pLcJCu9yHy34vWUZVHdhpZAW7kc.roa (raw, json)
Hash identifier: wjc/wb9BSXrcg+MHofj4lRKs/wI2hXlKyjQ8xAlFYjM=
Subject key identifier: A4:B7:09:0A:EF:72:1F:2D:F8:BD:65:19:54:77:61:A5:90:16:EE:47
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018B80D04A8408196F41A836243CDA88CD83
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/pLcJCu9yHy34vWUZVHdhpZAW7kc.roa
Signing time: Mon 30 Oct 2023 13:40:16 +0000
ROA not before: Mon 30 Oct 2023 13:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 193.3.169.0/24 maxlen: 24
94.154.116.0/24 maxlen: 24
194.62.104.0/24 maxlen: 24
5.172.180.0/24 maxlen: 24
194.104.135.0/24 maxlen: 24
185.149.148.0/24 maxlen: 24
185.235.227.0/24 maxlen: 24
185.83.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:d0:4a:84:08:19:6f:41:a8:36:24:3c:da:88:cd:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Oct 30 13:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4b7090aef721f2df8bd6519547761a59016ee47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:71:df:97:b4:20:83:7b:18:58:35:ee:23:3d:
64:1f:c6:08:a2:0d:83:ba:2b:53:d9:09:53:e2:a0:
dd:c6:13:97:09:ef:dc:e1:71:20:5c:ed:aa:34:cf:
f7:9f:30:ea:df:f3:bc:b9:76:2c:a8:48:91:7e:22:
45:36:a5:58:30:4f:85:ef:91:24:28:82:99:23:f2:
76:bf:98:22:95:a3:cb:f8:9a:24:93:8f:3a:a2:6a:
1f:2c:5b:14:0b:ac:e9:fa:c3:94:db:bd:2c:16:bd:
ff:fd:30:74:05:84:e0:57:d4:08:ac:70:40:92:ae:
1e:c2:6a:81:2a:46:92:1f:a4:40:8d:fd:e4:54:3b:
a1:a9:77:33:88:06:b6:ef:45:e1:64:eb:d8:ed:44:
ce:ae:8a:c6:f1:76:c1:57:d8:1c:42:8b:14:30:d7:
82:fd:7a:22:f4:86:70:2b:39:8d:1b:1e:6e:2d:76:
d9:8f:0d:bd:42:16:cf:93:6c:7a:52:36:42:7d:0b:
ed:1a:a7:bd:63:b8:54:2c:68:ea:d3:7f:ec:df:e1:
aa:a1:83:10:61:5d:72:45:a4:70:e2:ff:5b:66:09:
07:c9:f6:8a:9e:70:8e:c8:23:60:30:47:f6:81:23:
1d:3d:fd:3a:da:72:3f:33:b1:a4:4c:dd:63:92:9a:
78:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B7:09:0A:EF:72:1F:2D:F8:BD:65:19:54:77:61:A5:90:16:EE:47
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/pLcJCu9yHy34vWUZVHdhpZAW7kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.180.0/24
94.154.116.0/24
185.83.231.0/24
185.149.148.0/24
185.235.227.0/24
193.3.169.0/24
194.62.104.0/24
194.104.135.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:7f:89:af:fb:7d:a9:e0:1e:d9:cd:c6:4a:29:ab:7c:f2:a5:
6e:e2:63:21:a7:b9:0f:23:f7:b9:9a:98:39:47:e7:ec:48:bb:
63:de:48:ee:e3:7c:76:c0:96:49:d2:94:ee:34:2c:e7:4a:17:
61:4b:2e:d6:b2:81:ba:f4:58:24:e9:7b:20:74:db:a2:c2:f9:
f9:5f:2d:73:b6:01:14:1d:fe:17:de:89:19:e5:1f:2d:2f:62:
24:67:51:ee:b2:46:e8:22:c7:34:0f:0d:02:08:7f:7b:a9:f6:
05:30:1d:20:be:7c:36:c4:72:88:1a:a3:bf:ee:02:58:2e:ff:
cd:b4:a7:34:79:8b:ef:cd:0e:79:47:5a:96:1a:63:bf:6d:03:
44:91:29:a1:db:88:09:86:a1:9a:e1:b4:1d:54:86:1c:be:23:
73:38:2c:45:c5:3e:df:12:0c:87:34:b8:01:30:0a:b6:5f:22:
47:f9:25:28:29:f3:03:2e:d2:3a:0f:01:9d:f9:48:10:b9:fe:
84:55:6d:ff:32:d6:d4:c2:fc:89:ea:fb:f4:7b:0b:01:4e:a5:
cf:e0:92:aa:a6:be:2a:a5:a1:db:0b:9d:40:e7:23:16:e9:5c:
05:97:04:c8:fc:99:5e:58:34:e6:6b:e6:37:24:35:70:b7:34:
51:c7:33:ba
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYuA0EqECBlvQag2JDzaiM2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMxMDMwMTM0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGI3MDkwYWVmNzIxZjJkZjhiZDY1MTk1NDc3NjFhNTkwMTZlZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXHfl7Qgg3sYWDXuIz1kH8YIog2D
uitT2QlT4qDdxhOXCe/c4XEgXO2qNM/3nzDq3/O8uXYsqEiRfiJFNqVYME+F75Ek
KIKZI/J2v5gilaPL+Jokk486omofLFsUC6zp+sOU270sFr3//TB0BYTgV9QIrHBA
kq4ewmqBKkaSH6RAjf3kVDuhqXcziAa270XhZOvY7UTOrorG8XbBV9gcQosUMNeC
/Xoi9IZwKzmNGx5uLXbZjw29QhbPk2x6UjZCfQvtGqe9Y7hULGjq03/s3+GqoYMQ
YV1yRaRw4v9bZgkHyfaKnnCOyCNgMEf2gSMdPf062nI/M7GkTN1jkpp4uQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKS3CQrvch8t+L1lGVR3YaWQFu5HMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvcExjSkN1OXlIeTM0dldVWlZIZGhwWkFXN2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABay0AwQA
Xpp0AwQAuVPnAwQAuZWUAwQAuevjAwQAwQOpAwQAwj5oAwQAwmiHMA0GCSqGSIb3
DQEBCwUAA4IBAQArf4mv+32p4B7ZzcZKKat88qVu4mMhp7kPI/e5mpg5R+fsSLtj
3kju43x2wJZJ0pTuNCznShdhSy7WsoG69Fgk6XsgdNuiwvn5Xy1ztgEUHf4X3okZ
5R8tL2IkZ1HuskboIsc0Dw0CCH97qfYFMB0gvnw2xHKIGqO/7gJYLv/NtKc0eYvv
zQ55R1qWGmO/bQNEkSmh24gJhqGa4bQdVIYcviNzOCxFxT7fEgyHNLgBMAq2XyJH
+SUoKfMDLtI6DwGd+UgQuf6EVW3/MtbUwvyJ6vv0ewsBTqXP4JKqpr4qpaHbC51A
5yMW6VwFlwTI/JleWDTma+Y3JDVwtzRRxzO6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:15 2025 by rpki-client