Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PnLcaCyKJaYPJ1hKBvXAsJezir8.roa
File: PnLcaCyKJaYPJ1hKBvXAsJezir8.roa (raw, json)
Hash identifier: UyK2OBa7yZslwkNipabZ9pkqUcczFC5l9KRQJWVjxCo=
Subject key identifier: 3E:72:DC:68:2C:8A:25:A6:0F:27:58:4A:06:F5:C0:B0:97:B3:8A:BF
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 174E67DD
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PnLcaCyKJaYPJ1hKBvXAsJezir8.roa
Signing time: Sat 01 Jan 2022 16:03:52 +0000
ROA not before: Sat 01 Jan 2022 16:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48881
IP address blocks: 188.212.111.0/24 maxlen: 24
37.156.7.0/24 maxlen: 24
46.102.254.0/24 maxlen: 24
93.113.28.0/24 maxlen: 24
91.250.247.0/24 maxlen: 24
188.209.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391014365 (0x174e67dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e72dc682c8a25a60f27584a06f5c0b097b38abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:03:92:d6:60:f7:3a:30:a1:95:7a:d9:1b:d9:
85:a1:e8:e8:ad:9f:9f:05:62:b5:52:e6:fe:bd:d9:
e5:bf:b3:2b:f8:c5:13:de:d1:a8:cd:3e:0f:dc:11:
29:fc:96:42:51:6a:56:26:1a:ae:1e:1e:2d:5b:40:
a9:cc:31:ba:f2:35:7d:7f:51:1c:75:7e:e8:bc:7c:
4d:6b:80:a6:c2:9b:f4:9d:99:e0:09:ea:b2:53:53:
71:25:fb:bd:68:32:6d:0a:88:18:2b:02:03:35:0e:
1e:bd:8c:2a:c2:0e:06:f4:bd:80:3f:98:9e:59:3e:
c6:86:9d:ca:9a:3e:30:2c:7f:be:d9:a6:cf:e2:dd:
ac:9c:80:a2:55:d3:b5:d7:ba:54:b1:94:81:39:6e:
99:bf:fe:cf:51:ae:33:a5:d0:62:22:01:bd:ab:0f:
60:14:45:d9:53:ce:98:7f:df:bd:58:16:e7:5f:b5:
de:07:77:d0:8e:b6:11:00:9a:d6:dc:51:25:a6:90:
2a:7f:92:b0:40:ac:b2:94:97:a1:38:0d:e3:07:fa:
fe:10:f7:e3:21:9e:14:20:6b:2c:37:4f:16:d0:d5:
4b:c4:0a:af:a7:ce:a0:9e:4d:07:6f:99:ee:b8:30:
58:8d:5b:c5:84:4d:36:8e:19:40:c0:b4:da:5a:14:
cc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:72:DC:68:2C:8A:25:A6:0F:27:58:4A:06:F5:C0:B0:97:B3:8A:BF
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PnLcaCyKJaYPJ1hKBvXAsJezir8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.7.0/24
46.102.254.0/24
91.250.247.0/24
93.113.28.0/24
188.209.212.0/24
188.212.111.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:e2:74:9d:cc:8d:62:98:c4:56:a9:cf:83:cb:b0:75:31:e1:
7e:0d:be:7b:66:08:54:03:1b:ce:e7:06:0e:88:f4:2b:44:39:
a6:e2:ec:5a:f9:9d:19:ce:17:63:44:5b:08:b4:9a:f7:a3:57:
29:ea:c7:89:a7:a5:9f:a6:11:d7:79:88:f1:8a:9d:fb:e7:9b:
7d:cf:fa:ed:2d:c9:4a:34:ad:c2:54:67:de:cd:4b:84:eb:54:
47:ff:e5:bf:38:60:5b:81:48:8f:2b:61:c4:fb:78:42:f8:6e:
c4:56:87:3a:e9:5f:24:23:c8:ec:d6:6b:f2:9a:e8:cb:a4:fd:
a0:39:ac:44:69:28:51:6b:3f:64:a1:00:02:59:43:9b:2c:9c:
3c:99:cb:a7:ca:3b:55:b3:7f:58:ff:95:19:63:bb:82:5f:29:
0b:4e:32:a4:45:25:56:8a:84:43:4f:d1:8f:ab:3e:1e:49:73:
f7:92:b7:45:4e:a8:7a:2c:3f:80:05:c8:d9:28:4b:5f:f2:1b:
ea:89:b5:0e:a8:b8:d3:79:9c:cd:03:bc:29:99:02:77:be:68:
f0:c4:dc:b4:b5:93:6d:d3:58:02:a9:cf:6c:8a:23:16:b7:f9:
ee:94:93:07:8f:e7:e4:26:19:04:9a:c4:63:04:23:0f:f9:b0:
c5:e3:64:cd
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEF05n3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U3MmRjNjgyYzhh
MjVhNjBmMjc1ODRhMDZmNWMwYjA5N2IzOGFiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMADktZg9zowoZV62RvZhaHo6K2fnwVitVLm/r3Z5b+zK/jF
E97RqM0+D9wRKfyWQlFqViYarh4eLVtAqcwxuvI1fX9RHHV+6Lx8TWuApsKb9J2Z
4AnqslNTcSX7vWgybQqIGCsCAzUOHr2MKsIOBvS9gD+Ynlk+xoadypo+MCx/vtmm
z+LdrJyAolXTtde6VLGUgTlumb/+z1GuM6XQYiIBvasPYBRF2VPOmH/fvVgW51+1
3gd30I62EQCa1txRJaaQKn+SsECsspSXoTgN4wf6/hD34yGeFCBrLDdPFtDVS8QK
r6fOoJ5NB2+Z7rgwWI1bxYRNNo4ZQMC02loUzA0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ+ctxoLIolpg8nWEoG9cCwl7OKvzAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
L1BuTGNhQ3lLSmFZUEoxaEtCdlhBc0plemlyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEACWcBwMEAC5m/gMEAFv69wMEAF1x
HAMEALzR1AMEALzUbzANBgkqhkiG9w0BAQsFAAOCAQEAi+J0ncyNYpjEVqnPg8uw
dTHhfg2+e2YIVAMbzucGDoj0K0Q5puLsWvmdGc4XY0RbCLSa96NXKerHiaeln6YR
13mI8Yqd++ebfc/67S3JSjStwlRn3s1LhOtUR//lvzhgW4FIjythxPt4QvhuxFaH
OulfJCPI7NZr8proy6T9oDmsRGkoUWs/ZKEAAllDmyycPJnLp8o7VbN/WP+VGWO7
gl8pC04ypEUlVoqEQ0/Rj6s+Hklz95K3RU6oeiw/gAXI2ShLX/Ib6om1Dqi403mc
zQO8KZkCd75o8MTctLWTbdNYAqnPbIojFrf57pSTB4/n5CYZBJrEYwQjD/mwxeNk
zQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:31 2025 by rpki-client