Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/PQy-418ApN39G9VLCdJYcrV7Mf8.roa
File: PQy-418ApN39G9VLCdJYcrV7Mf8.roa (raw, json)
Hash identifier: R359VXF1ueaHBnEpO2Xe3C/xTqifpN0aOS25aE0xWTI=
Subject key identifier: 3D:0C:BE:E3:5F:00:A4:DD:FD:1B:D5:4B:09:D2:58:72:B5:7B:31:FF
Certificate issuer: /CN=1d1e354362cb9224c016dac944e3d9d49909b17f
Certificate serial: 07ACB32F
Authority key identifier: 1D:1E:35:43:62:CB:92:24:C0:16:DA:C9:44:E3:D9:D4:99:09:B1:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HR41Q2LLkiTAFtrJROPZ1JkJsX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/PQy-418ApN39G9VLCdJYcrV7Mf8.roa
Signing time: Sat 01 Jan 2022 08:06:14 +0000
ROA not before: Sat 01 Jan 2022 08:06:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197328
IP address blocks: 185.125.32.0/24 maxlen: 24
185.125.35.0/24 maxlen: 24
185.125.34.0/24 maxlen: 24
185.125.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128758575 (0x7acb32f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d1e354362cb9224c016dac944e3d9d49909b17f
Validity
Not Before: Jan 1 08:06:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d0cbee35f00a4ddfd1bd54b09d25872b57b31ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a9:64:a4:5e:2e:8f:49:5a:4d:eb:60:61:40:
c0:d9:bf:80:00:8a:dc:04:f3:61:34:a4:b0:f4:07:
4d:ab:59:ee:52:b0:07:cf:3d:5d:b5:30:da:5f:72:
0d:43:1b:ed:af:19:f6:04:f0:2c:9d:c9:56:fb:23:
ef:07:fe:18:12:82:a7:d4:39:f6:56:3b:52:7b:21:
85:9f:5e:21:67:21:7b:99:fd:f7:d3:f7:40:40:c0:
7d:49:f2:ec:53:b7:6f:8c:da:40:35:3a:ad:8f:85:
2c:bd:8a:19:5d:4d:10:c2:e3:85:00:be:94:26:d7:
55:c2:a3:2b:8b:0e:ab:36:e1:b9:95:27:ac:0f:6b:
5c:04:68:a2:bd:50:5d:e9:86:53:6c:2b:26:05:00:
39:52:a8:4b:f1:3f:2a:c9:36:39:cd:7e:cd:83:5b:
88:e6:a0:db:47:e1:80:90:2a:f8:e6:33:16:a3:0a:
cc:73:29:50:2e:34:de:88:a5:a2:80:3a:f5:50:cd:
51:4b:88:bc:5b:fb:d5:d5:aa:2a:6e:aa:f0:47:c2:
dd:42:82:c2:0f:f6:cd:c4:ff:a1:40:76:82:05:20:
04:b4:39:fa:2a:4e:4a:f7:ae:74:19:05:37:9a:5b:
de:08:68:6e:b1:be:4a:4d:18:af:cf:ff:d9:56:ff:
a6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0C:BE:E3:5F:00:A4:DD:FD:1B:D5:4B:09:D2:58:72:B5:7B:31:FF
X509v3 Authority Key Identifier:
keyid:1D:1E:35:43:62:CB:92:24:C0:16:DA:C9:44:E3:D9:D4:99:09:B1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR41Q2LLkiTAFtrJROPZ1JkJsX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/PQy-418ApN39G9VLCdJYcrV7Mf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/HR41Q2LLkiTAFtrJROPZ1JkJsX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.32.0/22
Signature Algorithm: sha256WithRSAEncryption
92:3d:51:28:b6:d5:ac:3d:ed:a8:cf:68:43:f2:b4:94:b6:e4:
49:92:43:95:3e:2c:45:3a:80:7e:50:54:e2:84:a8:be:19:7d:
5c:09:53:21:b4:3a:c2:4f:65:11:b9:88:1c:fb:9c:54:32:37:
96:65:5c:d6:83:73:24:c5:1c:56:37:05:be:03:09:0c:93:54:
f6:e6:61:3d:dc:d1:ff:64:73:7e:a0:a4:74:94:5a:47:13:8c:
ca:34:1e:4b:bc:0d:ee:03:b6:df:93:e0:4e:6e:6e:df:70:55:
ca:91:eb:14:05:b2:9f:15:e9:aa:6a:5b:99:ac:a1:66:95:d5:
c7:dd:95:fe:54:d6:b8:fd:a7:68:8e:18:bb:a6:1f:c4:34:53:
66:9d:74:bd:b7:d2:fd:f4:63:80:29:2d:8a:7d:bf:96:4f:c6:
1f:53:ec:96:4e:3c:03:30:25:2c:19:de:d8:d0:c5:67:9f:27:
bb:d1:a3:e2:0b:68:cf:b3:8b:bb:30:d5:13:3e:b1:fb:8b:dc:
7e:83:35:2c:1c:6c:6a:c9:78:55:79:43:8b:bb:fd:87:b6:92:
d0:64:e8:ec:ab:2f:c9:f4:f4:cc:a0:d7:86:70:9c:8f:4e:e1:
76:d1:cc:29:7e:61:15:c4:d7:38:c8:01:40:96:12:26:7b:f2:
74:f4:d2:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6yzLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDFlMzU0MzYyY2I5MjI0YzAxNmRhYzk0NGUzZDlkNDk5MDliMTdmMB4XDTIyMDEw
MTA4MDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QwY2JlZTM1ZjAw
YTRkZGZkMWJkNTRiMDlkMjU4NzJiNTdiMzFmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMipZKReLo9JWk3rYGFAwNm/gACK3ATzYTSksPQHTatZ7lKw
B889XbUw2l9yDUMb7a8Z9gTwLJ3JVvsj7wf+GBKCp9Q59lY7UnshhZ9eIWche5n9
99P3QEDAfUny7FO3b4zaQDU6rY+FLL2KGV1NEMLjhQC+lCbXVcKjK4sOqzbhuZUn
rA9rXARoor1QXemGU2wrJgUAOVKoS/E/Ksk2Oc1+zYNbiOag20fhgJAq+OYzFqMK
zHMpUC403oilooA69VDNUUuIvFv71dWqKm6q8EfC3UKCwg/2zcT/oUB2ggUgBLQ5
+ipOSveudBkFN5pb3ghobrG+Sk0Yr8//2Vb/ptECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ9DL7jXwCk3f0b1UsJ0lhytXsx/zAfBgNVHSMEGDAWgBQdHjVDYsuSJMAW
2slE49nUmQmxfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hSNDFRMkxMa2lUQUZ0ckpST1BaMUprSnNYOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMjgyYjE5LTY4YjktNGVmMy1hZDM5LTZlYzhjODFmZGMzZi8x
L1BReS00MThBcE4zOUc5VkxDZEpZY3JWN01mOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MjgyYjE5LTY4YjktNGVmMy1hZDM5LTZlYzhjODFmZGMzZi8xL0hSNDFRMkxMa2lU
QUZ0ckpST1BaMUprSnNYOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl9IDANBgkqhkiG9w0BAQsFAAOC
AQEAkj1RKLbVrD3tqM9oQ/K0lLbkSZJDlT4sRTqAflBU4oSovhl9XAlTIbQ6wk9l
EbmIHPucVDI3lmVc1oNzJMUcVjcFvgMJDJNU9uZhPdzR/2RzfqCkdJRaRxOMyjQe
S7wN7gO235PgTm5u33BVypHrFAWynxXpqmpbmayhZpXVx92V/lTWuP2naI4Yu6Yf
xDRTZp10vbfS/fRjgCktin2/lk/GH1Pslk48AzAlLBne2NDFZ58nu9Gj4gtoz7OL
uzDVEz6x+4vcfoM1LBxsasl4VXlDi7v9h7aS0GTo7KsvyfT0zKDXhnCcj07hdtHM
KX5hFcTXOMgBQJYSJnvydPTSUw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-fra.rpki-client.org