Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/PNmg5UFP36ah5N5VY8Yql1brRWw.roa
File: PNmg5UFP36ah5N5VY8Yql1brRWw.roa (raw, json)
Hash identifier: kUZpEwlmb4AwpHI63dPLu11WFuMAlNx6bTAchAS5rkw=
Subject key identifier: 3C:D9:A0:E5:41:4F:DF:A6:A1:E4:DE:55:63:C6:2A:97:56:EB:45:6C
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 0182FD87A994736BCFB001D65ADCB38AB1E3
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/PNmg5UFP36ah5N5VY8Yql1brRWw.roa
Signing time: Fri 02 Sep 2022 09:28:22 +0000
ROA not before: Fri 02 Sep 2022 09:28:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 185.17.24.0/22 maxlen: 22
78.157.192.0/19 maxlen: 19
78.110.160.0/20 maxlen: 20
94.229.64.0/20 maxlen: 20
77.74.192.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
185.103.96.0/22 maxlen: 22
178.159.0.0/20 maxlen: 20
37.9.56.0/21 maxlen: 21
5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
2a01:a500::/32 maxlen: 32
2a01:a500:2566::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:1::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:87:a9:94:73:6b:cf:b0:01:d6:5a:dc:b3:8a:b1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Sep 2 09:28:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cd9a0e5414fdfa6a1e4de5563c62a9756eb456c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9f:09:cb:87:d6:b2:d1:24:88:44:7e:05:f0:
33:98:53:7a:bc:cc:96:72:51:5c:6b:55:9e:82:f3:
0e:55:35:4b:0c:01:d0:4a:99:df:42:f9:65:0c:ed:
df:91:7a:c3:1e:64:2b:08:a7:fb:57:32:58:94:2b:
f6:53:17:a3:97:de:fa:a5:f5:9d:88:f2:3b:8c:fc:
2c:6d:8d:46:a4:c4:63:f6:1d:16:1f:bc:29:74:90:
61:84:f6:80:b2:59:5b:12:d0:f2:fd:7a:0d:b2:9f:
13:00:e2:16:e6:39:cc:10:b4:51:91:02:6a:61:27:
e8:93:39:9f:c1:a5:19:a0:63:fc:32:91:c9:e8:b0:
f2:3f:ab:97:f5:09:fd:2f:a3:fb:6b:fc:fc:5c:e6:
01:0a:cb:ff:f9:07:0a:3a:7d:94:cd:ca:b4:5a:b2:
1a:4b:97:55:ef:9c:d8:8c:7a:cb:92:8a:47:0c:68:
b8:43:09:b0:d7:d0:db:05:c0:59:7f:03:ce:9c:54:
21:c1:73:c9:21:09:18:de:86:ff:93:e0:c5:c6:6a:
56:f9:8c:be:a6:17:cc:87:81:0b:4e:05:83:93:5f:
ca:85:ce:6a:6c:8c:6d:0d:b8:ec:de:26:df:9b:cb:
ed:f2:11:a4:e9:49:37:5b:2b:59:44:56:09:4c:66:
25:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D9:A0:E5:41:4F:DF:A6:A1:E4:DE:55:63:C6:2A:97:56:EB:45:6C
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/PNmg5UFP36ah5N5VY8Yql1brRWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0/20
78.157.192.0/19
94.229.64.0/20
178.159.0.0/20
185.17.24.0/22
185.103.96.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
48:d0:31:18:44:1f:c8:6d:16:2c:8d:f5:3d:ac:cf:b4:42:db:
26:00:b0:d7:8f:eb:74:47:73:29:4a:96:98:ad:40:47:67:5f:
12:7f:85:55:81:ba:64:29:87:a4:a7:92:79:c3:7c:d5:5f:89:
c4:27:a4:d8:bf:54:d7:97:90:6c:02:d0:26:79:62:70:17:8e:
7a:d3:fa:e6:a7:79:a3:47:ab:13:79:2a:bd:58:38:d5:02:ef:
74:8a:8b:3f:e7:91:1a:8d:2e:87:35:05:8f:5d:40:32:18:72:
42:fe:85:1a:56:90:1a:56:b4:84:11:e9:fa:f7:6a:4c:a2:4c:
9e:14:c0:28:49:53:f5:5f:ac:f7:0f:77:12:9a:00:c6:f8:1d:
a8:d7:24:95:e7:96:40:58:6e:78:eb:10:3f:2c:6d:e8:9a:fe:
96:ef:e7:01:33:36:e3:e7:14:be:40:6b:5a:6e:af:4b:6d:5a:
fb:ee:a5:ce:6a:34:14:c7:21:d7:17:24:88:ac:20:3d:d3:84:
32:c0:0c:0f:d4:d3:e9:17:95:2a:d9:da:c2:10:fb:7f:34:90:
6e:1b:bf:74:0b:13:ba:bd:e5:1e:84:b8:77:24:88:be:09:9a:
d9:df:b7:8b:f2:0e:2b:c2:5f:48:ea:a0:04:5f:87:e1:19:eb:
c9:47:7b:53
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYL9h6mUc2vPsAHWWtyzirHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjIwOTAyMDkyODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q5YTBlNTQxNGZkZmE2YTFlNGRlNTU2M2M2MmE5NzU2ZWI0NTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp8Jy4fWstEkiER+BfAzmFN6vMyW
clFca1WegvMOVTVLDAHQSpnfQvllDO3fkXrDHmQrCKf7VzJYlCv2Uxejl976pfWd
iPI7jPwsbY1GpMRj9h0WH7wpdJBhhPaAsllbEtDy/XoNsp8TAOIW5jnMELRRkQJq
YSfokzmfwaUZoGP8MpHJ6LDyP6uX9Qn9L6P7a/z8XOYBCsv/+QcKOn2Uzcq0WrIa
S5dV75zYjHrLkopHDGi4Qwmw19DbBcBZfwPOnFQhwXPJIQkY3ob/k+DFxmpW+Yy+
phfMh4ELTgWDk1/Khc5qbIxtDbjs3ibfm8vt8hGk6Uk3WytZRFYJTGYliwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDzZoOVBT9+moeTeVWPGKpdW60VsMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvUE5tZzVVRlAzNmFoNU41Vlk4WXFsMWJyUld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQMAwDBAMFZYgD
BAMFZZADBAMFZagDBAMfhAADBAMlCTgDBANNSsADBANNS3gDBARObqADBAVOncAD
BARe5UADBASynwADBAK5ERgDBAK5Z2AwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0G
CSqGSIb3DQEBCwUAA4IBAQBI0DEYRB/IbRYsjfU9rM+0QtsmALDXj+t0R3MpSpaY
rUBHZ18Sf4VVgbpkKYekp5J5w3zVX4nEJ6TYv1TXl5BsAtAmeWJwF4560/rmp3mj
R6sTeSq9WDjVAu90ios/55EajS6HNQWPXUAyGHJC/oUaVpAaVrSEEen692pMokye
FMAoSVP1X6z3D3cSmgDG+B2o1ySV55ZAWG546xA/LG3omv6W7+cBMzbj5xS+QGta
bq9LbVr77qXOajQUxyHXFySIrCA904QywAwP1NPpF5Uq2drCEPt/NJBuG790CxO6
veUehLh3JIi+CZrZ37eL8g4rwl9I6qAEX4fhGevJR3tT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:47 2023 by rpki-client on console-fra.rpki-client.org