Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pgdQTxnWnPDuG27Hp7XPBe6h_Yo.roa
File: pgdQTxnWnPDuG27Hp7XPBe6h_Yo.roa (raw, json)
Hash identifier: hY2v/rZsuTS1u2RoDD3q9iIrqHDgVUxwCvpVE9d9CL0=
Subject key identifier: A6:07:50:4F:19:D6:9C:F0:EE:1B:6E:C7:A7:B5:CF:05:EE:A1:FD:8A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0183F9F4C82A38293A243904072B30B07F98
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pgdQTxnWnPDuG27Hp7XPBe6h_Yo.roa
Signing time: Fri 21 Oct 2022 09:51:52 +0000
ROA not before: Fri 21 Oct 2022 09:51:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14178
IP address blocks: 45.86.248.0/22 maxlen: 22
45.145.251.0/24 maxlen: 24
45.144.188.0/22 maxlen: 24
45.85.224.0/22 maxlen: 22
185.227.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:f4:c8:2a:38:29:3a:24:39:04:07:2b:30:b0:7f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 21 09:51:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a607504f19d69cf0ee1b6ec7a7b5cf05eea1fd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ec:58:3e:64:f4:59:04:60:4f:ac:88:e3:c2:
8f:ae:0e:0f:be:55:d0:c1:f8:ed:31:90:eb:36:7b:
56:1e:76:a3:ee:d4:00:fc:90:3b:4a:14:de:0e:a4:
61:56:02:2e:57:a6:38:66:81:2a:e2:7b:86:80:20:
1c:13:1b:a7:63:f1:e3:24:98:f4:eb:43:d0:18:9b:
0b:50:d4:1f:15:f3:70:fa:00:0a:a3:2a:14:bc:ae:
7a:bf:32:3f:d1:49:cf:1e:76:ba:f5:c0:56:72:aa:
ee:d2:c9:ed:78:3e:52:ce:a7:9d:41:5a:99:af:6b:
ac:96:ab:c0:13:5a:78:a3:93:0d:5d:70:a5:1c:99:
31:36:56:5d:c8:d0:63:92:84:a7:0e:3c:42:18:56:
79:7e:c7:c9:c6:c6:8b:e0:5b:02:fe:d1:8b:24:b6:
cc:53:15:39:e4:14:04:e6:f8:e4:90:b4:1c:44:c6:
5a:df:4f:cf:3b:76:96:1f:d7:fe:94:c9:e8:ae:98:
ec:56:42:f4:ab:8b:f2:50:ac:19:d4:75:2f:09:8f:
b0:79:c4:77:19:d9:4f:03:bd:d8:2e:ef:f9:c0:36:
b9:9a:19:6c:21:b7:85:9d:73:49:3e:f0:b2:ac:ce:
6e:65:63:40:c4:03:85:d2:56:b8:7a:04:39:23:f7:
de:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:07:50:4F:19:D6:9C:F0:EE:1B:6E:C7:A7:B5:CF:05:EE:A1:FD:8A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pgdQTxnWnPDuG27Hp7XPBe6h_Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.224.0/22
45.86.248.0/22
45.144.188.0/22
45.145.251.0/24
185.227.35.0/24
Signature Algorithm: sha256WithRSAEncryption
10:34:0e:80:4f:85:07:f4:84:68:e3:af:15:52:de:43:cf:fb:
f0:01:7b:5c:e9:6e:70:53:ba:93:e9:e0:61:bd:35:68:39:54:
e7:32:0e:a3:24:4a:64:91:33:20:8a:60:6f:a6:e7:74:79:4f:
92:d9:47:b9:aa:6e:54:69:57:23:e5:d0:ef:30:d5:2c:85:73:
77:61:36:f5:e9:65:90:cc:f8:6d:d4:2b:2d:fe:a8:1f:85:0f:
ec:a1:15:1b:06:64:7b:c8:dd:06:29:7a:e5:38:28:96:da:51:
55:c5:29:9d:4c:db:40:b3:2f:fb:4b:df:6d:ab:9f:00:17:a0:
e9:c2:df:e5:f1:2d:a3:c4:2b:f2:66:79:3c:76:28:f1:57:f4:
71:59:46:88:a9:5a:ca:62:9a:5a:1e:7e:6b:9f:90:d4:73:95:
94:6d:65:0e:11:bd:2d:9c:9c:a5:25:47:11:17:d8:00:f2:13:
6e:4f:46:01:52:9b:a0:5f:eb:17:a8:31:9d:07:ca:08:39:04:
61:a4:0b:1a:95:62:c2:f2:44:1c:4d:1e:cf:e8:2e:38:2e:ff:
e1:46:d1:b7:fc:6f:64:4c:f4:7c:e9:40:71:ab:12:2a:4a:ae:
b8:35:48:f2:ce:47:0c:b7:97:30:91:0e:bd:70:02:65:6d:ad:
a3:32:48:48
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYP59MgqOCk6JDkEByswsH+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMDIxMDk1MTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA3NTA0ZjE5ZDY5Y2YwZWUxYjZlYzdhN2I1Y2YwNWVlYTFmZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiexYPmT0WQRgT6yI48KPrg4PvlXQ
wfjtMZDrNntWHnaj7tQA/JA7ShTeDqRhVgIuV6Y4ZoEq4nuGgCAcExunY/HjJJj0
60PQGJsLUNQfFfNw+gAKoyoUvK56vzI/0UnPHna69cBWcqru0snteD5SzqedQVqZ
r2uslqvAE1p4o5MNXXClHJkxNlZdyNBjkoSnDjxCGFZ5fsfJxsaL4FsC/tGLJLbM
UxU55BQE5vjkkLQcRMZa30/PO3aWH9f+lMnorpjsVkL0q4vyUKwZ1HUvCY+wecR3
GdlPA73YLu/5wDa5mhlsIbeFnXNJPvCyrM5uZWNAxAOF0la4egQ5I/feIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKYHUE8Z1pzw7htux6e1zwXuof2KMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcGdkUVR4blduUER1RzI3SHA3WFBCZTZoX1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVXgAwQC
LVb4AwQCLZC8AwQALZH7AwQAueMjMA0GCSqGSIb3DQEBCwUAA4IBAQAQNA6AT4UH
9IRo468VUt5Dz/vwAXtc6W5wU7qT6eBhvTVoOVTnMg6jJEpkkTMgimBvpud0eU+S
2Ue5qm5UaVcj5dDvMNUshXN3YTb16WWQzPht1Cst/qgfhQ/soRUbBmR7yN0GKXrl
OCiW2lFVxSmdTNtAsy/7S99tq58AF6Dpwt/l8S2jxCvyZnk8dijxV/RxWUaIqVrK
YppaHn5rn5DUc5WUbWUOEb0tnJylJUcRF9gA8hNuT0YBUpugX+sXqDGdB8oIOQRh
pAsalWLC8kQcTR7P6C44Lv/hRtG3/G9kTPR86UBxqxIqSq64NUjyzkcMt5cwkQ69
cAJlba2jMkhI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org