Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PLMMghp-go4DOvsJQh1JMZ89CRo.roa
File: PLMMghp-go4DOvsJQh1JMZ89CRo.roa (raw, json)
Hash identifier: ne9GfoWA0MrHvKB1KYuYrlVGeGbRpYCze5CAsWpYoro=
Subject key identifier: 3C:B3:0C:82:1A:7E:82:8E:03:3A:FB:09:42:1D:49:31:9F:3D:09:1A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0DBCDD50
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PLMMghp-go4DOvsJQh1JMZ89CRo.roa
Signing time: Fri 01 Apr 2022 12:13:16 +0000
ROA not before: Fri 01 Apr 2022 12:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 185.121.120.0/24 maxlen: 24
45.133.1.0/24 maxlen: 24
45.144.225.0/24 maxlen: 24
62.197.136.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230481232 (0xdbcdd50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 1 12:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cb30c821a7e828e033afb09421d49319f3d091a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:47:b3:d4:fc:53:82:58:f0:32:0f:e1:61:
c2:ba:6e:bc:f5:f3:93:b2:d3:a3:61:e8:0a:d8:4b:
2d:3f:a8:56:1b:4c:4b:fd:28:74:b0:52:50:29:af:
b3:80:b9:d5:ce:2b:64:78:ef:c7:77:8f:05:20:62:
52:e6:ee:eb:2f:53:91:f0:32:cf:9d:fb:94:3c:81:
ed:d1:fc:98:fb:7a:66:61:d9:7d:28:6d:71:cb:35:
03:bc:e2:8c:96:c9:15:8e:90:c7:ce:1c:c9:36:46:
d8:b9:80:ae:a6:28:e5:7a:2b:81:9f:07:24:43:bd:
33:8e:9c:f9:ce:13:71:ca:6a:ed:61:e5:ef:5a:6e:
94:fd:e4:b9:f4:1e:c6:7b:83:ec:f2:61:c6:0d:71:
b6:8c:0d:8a:be:92:5b:b1:e9:9e:27:bc:c3:12:02:
a9:98:12:e4:0f:66:9a:dc:21:d1:a1:da:01:ea:c4:
06:3b:07:d0:41:50:6f:28:43:1f:0e:20:77:1e:5d:
f3:a8:65:93:9a:bb:b8:d4:61:a8:45:e1:f9:83:ad:
6b:d0:5e:67:95:c4:c0:82:3f:4a:5b:87:17:c6:0a:
c3:9d:59:f0:29:6b:a0:54:80:3b:32:fe:a0:0f:e7:
31:5b:45:ba:30:72:99:ff:d9:5e:18:f3:4e:0f:9a:
e0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B3:0C:82:1A:7E:82:8E:03:3A:FB:09:42:1D:49:31:9F:3D:09:1A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PLMMghp-go4DOvsJQh1JMZ89CRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.1.0/24
45.144.225.0/24
45.144.227.0/24
62.197.136.0/24
185.121.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:0e:71:a1:25:d3:9f:eb:f7:ba:27:13:aa:ac:f1:d6:6b:47:
c8:e3:5d:ae:5e:69:60:89:b5:fa:10:5d:f9:f6:03:79:c9:e1:
7c:6b:6c:58:6e:fd:63:0b:6e:9d:84:06:1e:76:69:98:43:65:
a5:6b:cf:b9:8f:b1:13:e2:ce:c0:20:db:98:6f:81:60:05:19:
34:4f:8d:d7:ee:93:91:79:94:9b:5c:d6:37:f0:83:71:67:d2:
56:a2:40:76:ff:26:0d:65:92:f4:11:da:68:4e:5d:31:09:42:
9c:01:b9:18:8f:31:a9:6a:12:6b:b4:42:a0:72:28:8d:78:9a:
47:86:6e:e2:10:3a:d6:6d:5c:2a:1e:94:10:8d:6e:f4:27:d6:
ae:8b:f0:6c:76:13:c4:a3:99:32:8b:18:56:48:c9:61:7b:6d:
8d:57:36:13:fc:71:3e:43:df:43:86:b8:48:b3:59:42:6a:ca:
33:a0:84:da:97:a9:67:a5:f9:7a:f4:a6:4f:6b:19:33:1d:fa:
17:93:a7:60:2a:e0:78:24:a8:4a:92:6a:7d:31:92:e4:c1:b5:
5e:5f:54:2b:cb:e7:5f:dd:28:43:44:bf:42:a8:b4:df:59:ee:
15:04:e2:cc:04:09:4a:c3:b9:78:21:af:72:1e:93:f1:81:ac:
9f:3d:29:a5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDbzdUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDQw
MTEyMTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NiMzBjODIxYTdl
ODI4ZTAzM2FmYjA5NDIxZDQ5MzE5ZjNkMDkxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkxR7PU/FOCWPAyD+FhwrpuvPXzk7LTo2HoCthLLT+oVhtM
S/0odLBSUCmvs4C51c4rZHjvx3ePBSBiUubu6y9TkfAyz537lDyB7dH8mPt6ZmHZ
fShtccs1A7zijJbJFY6Qx84cyTZG2LmArqYo5XorgZ8HJEO9M46c+c4Tccpq7WHl
71pulP3kufQexnuD7PJhxg1xtowNir6SW7Hpnie8wxICqZgS5A9mmtwh0aHaAerE
BjsH0EFQbyhDHw4gdx5d86hlk5q7uNRhqEXh+YOta9BeZ5XEwII/SluHF8YKw51Z
8ClroFSAOzL+oA/nMVtFujBymf/ZXhjzTg+a4LECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQ8swyCGn6CjgM6+wlCHUkxnz0JGjAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L1BMTU1naHAtZ280RE92c0pRaDFKTVo4OUNSby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC2FAQMEAC2Q4QMEAC2Q4wMEAD7F
iAMEALl5eDANBgkqhkiG9w0BAQsFAAOCAQEADQ5xoSXTn+v3uicTqqzx1mtHyONd
rl5pYIm1+hBd+fYDecnhfGtsWG79YwtunYQGHnZpmENlpWvPuY+xE+LOwCDbmG+B
YAUZNE+N1+6TkXmUm1zWN/CDcWfSVqJAdv8mDWWS9BHaaE5dMQlCnAG5GI8xqWoS
a7RCoHIojXiaR4Zu4hA61m1cKh6UEI1u9CfWrovwbHYTxKOZMosYVkjJYXttjVc2
E/xxPkPfQ4a4SLNZQmrKM6CE2pepZ6X5evSmT2sZMx36F5OnYCrgeCSoSpJqfTGS
5MG1Xl9UK8vnX90oQ0S/Qqi031nuFQTizAQJSsO5eCGvch6T8YGsnz0ppQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org