Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/PvmTW-z4BAPV0hHLY_isTNE2qpc.roa
File: PvmTW-z4BAPV0hHLY_isTNE2qpc.roa (raw, json)
Hash identifier: uSA9VtHLxB5zT5geXqaI/iLR5JcUR0LeIWWty30kWHI=
Subject key identifier: 3E:F9:93:5B:EC:F8:04:03:D5:D2:11:CB:63:F8:AC:4C:D1:36:AA:97
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 0184EBDC17B4064E515AFD70E19898B60C04
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/PvmTW-z4BAPV0hHLY_isTNE2qpc.roa
Signing time: Wed 07 Dec 2022 09:13:00 +0000
ROA not before: Wed 07 Dec 2022 09:13:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33438
IP address blocks: 81.171.61.0/24 maxlen: 24
81.171.62.0/23 maxlen: 24
81.171.68.0/24 maxlen: 24
81.171.66.0/24 maxlen: 24
81.171.70.0/23 maxlen: 23
81.171.70.64/26 maxlen: 26
81.171.105.0/24 maxlen: 24
81.171.106.0/24 maxlen: 24
81.171.106.64/26 maxlen: 26
81.171.116.0/24 maxlen: 24
2001:4de0:2105::/48 maxlen: 48
2001:4de0:4300::/40 maxlen: 40
2001:4de0:2300::/40 maxlen: 40
2001:4de0:600::/40 maxlen: 40
2001:4de0:700::/40 maxlen: 40
2001:4de0:4000::/40 maxlen: 40
2001:4de0:500::/40 maxlen: 40
2001:4de0:4100::/40 maxlen: 40
2001:4de0:6300::/40 maxlen: 40
2001:4de0:6000::/40 maxlen: 40
2001:4de0:2100::/40 maxlen: 40
2001:4de0:200::/40 maxlen: 40
2001:4de0:3000::/40 maxlen: 40
2001:4de0:2200::/40 maxlen: 40
2001:4de0:3100::/40 maxlen: 40
2001:4de0:2000::/40 maxlen: 40
2001:4de0:6200::/40 maxlen: 40
2001:4de0:400::/40 maxlen: 40
2001:4de0:1000::/48 maxlen: 48
2001:4de0:7003::/48 maxlen: 48
2001:4de0:402::/48 maxlen: 48
2001:4de0:2202::/48 maxlen: 48
2001:4de0:6102::/48 maxlen: 48
2001:4de0:7002::/48 maxlen: 48
2001:4de0:5010::/48 maxlen: 48
2001:4de0:ac13::/48 maxlen: 48
2001:4de0:3004::/48 maxlen: 48
2001:4de0:7001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:dc:17:b4:06:4e:51:5a:fd:70:e1:98:98:b6:0c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Dec 7 09:13:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ef9935becf80403d5d211cb63f8ac4cd136aa97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:ad:de:c0:c9:97:95:dc:62:28:84:c0:36:
13:da:6b:d9:93:44:fb:2f:fb:f4:3c:cb:20:26:7e:
40:42:36:f7:d2:33:87:39:65:7b:f6:ca:55:f0:3a:
8f:c0:1a:f4:04:74:cd:66:c3:1c:a7:ae:45:ca:78:
99:02:4a:57:dd:6d:4d:7e:77:52:d0:f6:4b:83:e7:
15:6a:df:71:cc:92:91:a1:10:8d:24:38:25:1d:80:
14:c8:ff:be:ce:5c:c8:fe:c4:1b:37:3a:c3:5b:04:
a4:5f:a9:29:04:c1:c2:55:f4:8a:c9:a6:83:c5:9a:
07:b8:52:a9:86:4d:98:df:da:08:a7:b9:90:c5:9f:
a9:c2:78:fc:0a:86:58:b0:6e:9a:1c:6f:ce:7a:94:
a7:46:5c:4e:30:31:b6:81:68:6f:e2:c0:01:84:81:
2a:c8:25:10:74:30:ef:83:c7:57:7e:70:b1:39:12:
7f:bd:6c:12:3c:f0:56:f3:d9:54:bd:f6:5e:a0:57:
a9:82:ef:4a:61:05:26:19:47:5f:1a:66:bc:01:f8:
8c:f0:7b:43:9b:eb:73:17:d7:48:07:38:53:cd:e1:
e7:5c:bc:14:a2:9f:7e:8c:18:e5:46:0b:b4:66:c0:
08:f9:8f:61:3d:cc:df:fa:43:de:bf:81:88:28:2a:
63:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F9:93:5B:EC:F8:04:03:D5:D2:11:CB:63:F8:AC:4C:D1:36:AA:97
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/PvmTW-z4BAPV0hHLY_isTNE2qpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.171.61.0-81.171.63.255
81.171.66.0/24
81.171.68.0/24
81.171.70.0/23
81.171.105.0-81.171.106.255
81.171.116.0/24
IPv6:
2001:4de0:200::/40
2001:4de0:400::/38
2001:4de0:1000::/48
2001:4de0:2000::/38
2001:4de0:3000::/39
2001:4de0:4000::/39
2001:4de0:4300::/40
2001:4de0:5010::/48
2001:4de0:6000::/40
2001:4de0:6102::/48
2001:4de0:6200::/39
2001:4de0:7001::-2001:4de0:7003:ffff:ffff:ffff:ffff:ffff
2001:4de0:ac13::/48
Signature Algorithm: sha256WithRSAEncryption
a2:56:80:c2:bc:88:5f:92:59:4e:7c:e4:f9:80:ee:5a:22:e5:
95:da:f0:ca:38:8d:9c:7a:6b:e9:d8:b3:b9:b5:3f:27:eb:be:
aa:0b:74:42:d8:84:b0:9d:6e:71:0c:98:da:af:d0:a7:e2:0b:
86:63:83:af:10:4d:33:0c:f4:72:55:53:2a:dc:c7:5f:11:b4:
f3:76:26:39:1e:2a:9e:c2:9a:95:ff:9e:cb:1b:92:dc:3e:05:
a6:1a:a0:9e:80:29:ef:16:00:e4:ca:17:00:02:6b:bf:ac:87:
d2:cf:a0:37:4d:f2:23:a8:27:22:6c:5b:57:f9:35:0f:7b:dc:
0b:e5:24:b6:33:dd:8d:ab:5d:57:60:43:ec:aa:f5:0c:ab:03:
33:0e:29:0d:02:0a:09:43:07:0d:cd:b5:eb:55:0c:98:69:29:
bb:d1:df:e5:b5:e9:d5:76:1f:a2:2b:b0:30:1e:9f:b3:d4:9d:
75:03:84:89:73:5a:4e:cb:b4:55:9e:5a:1e:db:89:d0:66:f0:
b2:b1:8d:bf:28:cf:fd:4b:31:0a:41:be:49:a7:54:55:4b:14:
f6:70:dd:42:d1:b9:39:dc:a5:04:11:3b:90:64:e2:bb:b9:3b:
52:9e:1e:77:29:f4:e6:f4:8d:99:07:7a:a3:1f:28:5a:02:a9:
24:db:6e:31
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYTr3Be0Bk5RWv1w4ZiYtgwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjIxMjA3MDkxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY5OTM1YmVjZjgwNDAzZDVkMjExY2I2M2Y4YWM0Y2QxMzZhYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6+t3sDJl5XcYiiEwDYT2mvZk0T7
L/v0PMsgJn5AQjb30jOHOWV79spV8DqPwBr0BHTNZsMcp65FyniZAkpX3W1NfndS
0PZLg+cVat9xzJKRoRCNJDglHYAUyP++zlzI/sQbNzrDWwSkX6kpBMHCVfSKyaaD
xZoHuFKphk2Y39oIp7mQxZ+pwnj8CoZYsG6aHG/OepSnRlxOMDG2gWhv4sABhIEq
yCUQdDDvg8dXfnCxORJ/vWwSPPBW89lUvfZeoFepgu9KYQUmGUdfGma8AfiM8HtD
m+tzF9dIBzhTzeHnXLwUop9+jBjlRgu0ZsAI+Y9hPczf+kPev4GIKCpjjQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFD75k1vs+AQD1dIRy2P4rEzRNqqXMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvUHZtVFctejRCQVBWMGhITFlfaXNUTkUycXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDA6BAIAATA0MAwDBABR
qz0DBAZRqwADBABRq0IDBABRq0QDBAFRq0YwDAMEAFGraQMEAFGragMEAFGrdDB+
BAIAAjB4AwYAIAFN4AIDBgIgAU3gBAMHACABTeAQAAMGAiABTeAgAwYBIAFN4DAD
BgEgAU3gQAMGACABTeBDAwcAIAFN4FAQAwYAIAFN4GADBwAgAU3gYQIDBgEgAU3g
YjASAwcAIAFN4HABAwcCIAFN4HAAAwcAIAFN4KwTMA0GCSqGSIb3DQEBCwUAA4IB
AQCiVoDCvIhfkllOfOT5gO5aIuWV2vDKOI2cemvp2LO5tT8n676qC3RC2ISwnW5x
DJjar9Cn4guGY4OvEE0zDPRyVVMq3MdfEbTzdiY5HiqewpqV/57LG5LcPgWmGqCe
gCnvFgDkyhcAAmu/rIfSz6A3TfIjqCcibFtX+TUPe9wL5SS2M92Nq11XYEPsqvUM
qwMzDikNAgoJQwcNzbXrVQyYaSm70d/ltenVdh+iK7AwHp+z1J11A4SJc1pOy7RV
nloe24nQZvCysY2/KM/9SzEKQb5Jp1RVSxT2cN1C0bk53KUEETuQZOK7uTtSnh53
KfTm9I2ZB3qjHyhaAqkk224x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:17 2024 by rpki-client on console-ams.rpki-client.org