Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/pmExUEc4fy0352siDiLFg9A9knw.roa
File: pmExUEc4fy0352siDiLFg9A9knw.roa (raw, json)
Hash identifier: RjZI/Q/h0BBH8bLUl2/ApNyUjFPGjQNBTqV7lVeaCgI=
Subject key identifier: A6:61:31:50:47:38:7F:2D:37:E7:6B:22:0E:22:C5:83:D0:3D:92:7C
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 01856EC20783F118892AD8633E4B41950CF1
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/pmExUEc4fy0352siDiLFg9A9knw.roa
Signing time: Sun 01 Jan 2023 19:14:47 +0000
ROA not before: Sun 01 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 89.19.42.0/23 maxlen: 32
83.229.76.0/22 maxlen: 32
93.114.10.0/23 maxlen: 32
45.142.92.0/22 maxlen: 32
209.20.176.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:07:83:f1:18:89:2a:d8:63:3e:4b:41:95:0c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a661315047387f2d37e76b220e22c583d03d927c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:a4:4c:87:2b:7e:47:bc:8c:da:3b:98:2a:
b4:c5:38:81:82:1e:3d:f8:03:23:3f:a5:36:3d:73:
72:3c:dc:8b:08:f5:c0:3b:1f:ff:7b:9a:86:0d:c3:
1d:fb:39:39:0b:c8:a2:02:7d:35:09:a4:02:56:fb:
43:b0:26:fa:a0:92:7f:d8:ad:bd:ae:e6:64:49:25:
fc:d1:3d:2a:99:de:4a:4f:18:95:43:57:4e:21:73:
95:1f:94:b4:73:97:08:fa:da:a8:06:70:90:08:73:
7d:4e:9d:c9:a4:0e:b7:4d:99:6a:99:5d:80:9e:87:
a6:16:89:77:8b:b7:85:41:c3:74:be:f3:1a:cf:a3:
0a:76:d0:0d:16:70:c3:48:93:12:8f:11:28:76:f1:
65:f8:f4:5b:86:53:8c:7f:95:26:b2:20:c8:9f:a4:
c0:5d:06:22:4b:73:09:95:22:11:57:d5:23:c1:77:
6d:47:d9:ed:79:ec:49:64:af:32:bf:33:8b:94:06:
32:12:b9:bd:94:9c:ff:74:a9:ff:ea:6b:f8:7c:11:
50:8e:f6:af:4e:95:61:8b:fd:98:b2:9b:26:a6:2a:
19:78:d4:fd:38:69:e2:a5:f4:14:57:fd:22:c4:97:
a9:e7:23:fa:ee:4e:c3:8a:67:1e:00:3f:49:3d:f0:
27:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:61:31:50:47:38:7F:2D:37:E7:6B:22:0E:22:C5:83:D0:3D:92:7C
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/pmExUEc4fy0352siDiLFg9A9knw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.92.0/22
83.229.76.0/22
89.19.42.0/23
93.114.10.0/23
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:ad:d0:5c:82:b4:82:5f:9c:63:ab:c1:20:7c:e1:27:d8:9d:
9f:eb:55:ee:b6:33:8c:aa:61:57:6c:44:0e:6d:48:e0:19:f1:
00:24:94:01:eb:c6:61:a1:46:30:fe:a8:42:dc:88:8b:a2:97:
c2:87:ef:7b:fd:bc:b4:69:4c:34:65:f6:b7:5d:16:02:a9:90:
82:b9:db:c0:5f:51:9b:9e:ee:50:04:96:4f:82:b7:e0:c2:e5:
87:35:6f:a8:4b:74:b3:fd:91:5e:21:b2:3f:a7:63:f4:96:2c:
3e:87:1b:71:07:53:37:2c:8a:cb:0e:e1:89:1e:1c:16:06:2f:
8e:80:9a:97:99:28:6f:b8:92:c5:67:15:70:de:8b:2e:a4:e3:
c0:0e:95:6c:44:ab:7a:56:99:2a:a1:d5:b7:73:45:02:32:5d:
87:e9:26:ad:16:71:a0:c7:19:75:c0:f0:3b:20:a0:5e:98:e5:
37:df:b4:72:ac:99:15:98:77:05:cc:28:aa:1a:ee:63:a8:10:
f6:8e:bd:74:7e:c0:ac:c0:e0:52:07:29:ca:e1:45:d4:66:df:
8b:e5:33:4b:57:b7:5c:4d:3e:e5:98:58:7e:c6:9b:49:1b:b4:
c0:9a:3d:25:b8:de:f0:ac:1b:44:95:7d:9d:38:34:46:a7:af:
c2:1b:a7:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVuwgeD8RiJKthjPktBlQzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwMTAxMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjYxMzE1MDQ3Mzg3ZjJkMzdlNzZiMjIwZTIyYzU4M2QwM2Q5MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp+kTIcrfke8jNo7mCq0xTiBgh49
+AMjP6U2PXNyPNyLCPXAOx//e5qGDcMd+zk5C8iiAn01CaQCVvtDsCb6oJJ/2K29
ruZkSSX80T0qmd5KTxiVQ1dOIXOVH5S0c5cI+tqoBnCQCHN9Tp3JpA63TZlqmV2A
noemFol3i7eFQcN0vvMaz6MKdtANFnDDSJMSjxEodvFl+PRbhlOMf5UmsiDIn6TA
XQYiS3MJlSIRV9UjwXdtR9nteexJZK8yvzOLlAYyErm9lJz/dKn/6mv4fBFQjvav
TpVhi/2YspsmpioZeNT9OGnipfQUV/0ixJep5yP67k7DimceAD9JPfAnvwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKZhMVBHOH8tN+drIg4ixYPQPZJ8MB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvcG1FeFVFYzRmeTAzNTJzaURpTEZnOUE5a253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLY5cAwQC
U+VMAwQBWRMqAwQBXXIKAwQD0RSwMA0GCSqGSIb3DQEBCwUAA4IBAQCKrdBcgrSC
X5xjq8EgfOEn2J2f61XutjOMqmFXbEQObUjgGfEAJJQB68ZhoUYw/qhC3IiLopfC
h+97/by0aUw0Zfa3XRYCqZCCudvAX1Gbnu5QBJZPgrfgwuWHNW+oS3Sz/ZFeIbI/
p2P0liw+hxtxB1M3LIrLDuGJHhwWBi+OgJqXmShvuJLFZxVw3osupOPADpVsRKt6
VpkqodW3c0UCMl2H6SatFnGgxxl1wPA7IKBemOU337RyrJkVmHcFzCiqGu5jqBD2
jr10fsCswOBSBynK4UXUZt+L5TNLV7dcTT7lmFh+xptJG7TAmj0luN7wrBtElX2d
ODRGp6/CG6cu
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:14:08 2025 by rpki-client