Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/fe34d4-59b8-4324-ad27-85069125d3bf/1/pna53dje9o0OI7ZU9pUvXrPI4_8.roa
File: pna53dje9o0OI7ZU9pUvXrPI4_8.roa (raw, json)
Hash identifier: cuoUZ0ZedS8aNQolLXXUSb6Z8XvOma+qgyAKRT5flK0=
Subject key identifier: A6:76:B9:DD:D8:DE:F6:8D:0E:23:B6:54:F6:95:2F:5E:B3:C8:E3:FF
Certificate issuer: /CN=33f650c0a0f16515a72dea601ce9ca2d4c164993
Certificate serial: 378C58B8
Authority key identifier: 33:F6:50:C0:A0:F1:65:15:A7:2D:EA:60:1C:E9:CA:2D:4C:16:49:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_ZQwKDxZRWnLepgHOnKLUwWSZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/fe34d4-59b8-4324-ad27-85069125d3bf/1/pna53dje9o0OI7ZU9pUvXrPI4_8.roa
Signing time: Sat 01 Jan 2022 06:06:11 +0000
ROA not before: Sat 01 Jan 2022 06:06:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48943
IP address blocks: 185.36.16.0/22 maxlen: 24
94.136.0.0/19 maxlen: 24
2a02:ab8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931944632 (0x378c58b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f650c0a0f16515a72dea601ce9ca2d4c164993
Validity
Not Before: Jan 1 06:06:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a676b9ddd8def68d0e23b654f6952f5eb3c8e3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e9:19:9b:06:93:d2:75:12:00:74:ae:31:cc:
c7:5d:42:b2:47:ae:c8:36:7c:cc:76:bb:b8:be:76:
4e:33:57:6a:ca:a9:2d:53:25:2c:6b:92:88:67:c9:
22:7d:e6:49:b8:5b:ea:2a:87:7d:7f:d3:48:bf:d2:
d0:c5:53:27:30:1e:ba:a5:59:22:4f:6d:de:4a:b5:
17:d2:76:a6:31:52:ff:cf:c9:d1:99:5a:18:01:2b:
3a:25:9e:1d:5a:0f:23:43:88:4c:6d:73:2d:27:f2:
e3:9a:c6:1e:3e:d4:4e:c6:4b:71:dc:35:fc:47:66:
2a:06:c1:ca:59:a6:6a:41:1e:97:43:22:86:9b:2f:
9f:75:02:71:4f:90:79:8f:de:af:fd:25:d7:10:ae:
1f:c2:e2:55:11:b6:47:47:14:d2:df:79:51:b6:9a:
2b:59:fc:64:e1:3c:71:09:4b:c5:48:57:7c:59:09:
97:d1:d1:14:61:b0:f0:e0:d1:1a:84:3f:9b:1a:45:
61:03:ed:c3:62:12:62:96:8c:f6:b3:25:3e:27:28:
e2:1b:3e:35:79:89:47:07:05:60:37:2e:10:94:ba:
74:30:3b:ef:a4:07:a8:7b:c8:28:b5:37:6e:23:73:
4a:60:61:2f:86:b3:2c:49:f0:fe:38:39:46:67:f1:
70:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:76:B9:DD:D8:DE:F6:8D:0E:23:B6:54:F6:95:2F:5E:B3:C8:E3:FF
X509v3 Authority Key Identifier:
keyid:33:F6:50:C0:A0:F1:65:15:A7:2D:EA:60:1C:E9:CA:2D:4C:16:49:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_ZQwKDxZRWnLepgHOnKLUwWSZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fe34d4-59b8-4324-ad27-85069125d3bf/1/pna53dje9o0OI7ZU9pUvXrPI4_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fe34d4-59b8-4324-ad27-85069125d3bf/1/M_ZQwKDxZRWnLepgHOnKLUwWSZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.136.0.0/19
185.36.16.0/22
IPv6:
2a02:ab8::/29
Signature Algorithm: sha256WithRSAEncryption
98:63:fc:16:47:e3:b4:59:e2:ce:71:f0:8b:88:1f:62:c7:ec:
33:8f:e7:fa:6b:94:e8:32:75:c4:0e:d1:b8:3a:4c:01:a2:b0:
ea:62:e9:5e:4d:bb:65:53:23:cb:b9:1f:35:64:44:a2:5b:d0:
30:38:62:0d:0b:1a:50:3a:ed:c9:62:5f:f1:75:bb:42:1f:83:
88:93:40:09:77:24:28:9c:e2:68:a1:24:36:1e:58:0a:33:25:
e0:8b:6a:ec:91:2c:10:dd:f9:ee:3a:51:7b:9f:71:b9:88:cd:
10:77:af:ff:87:e3:23:f0:51:d1:b3:25:74:ff:9a:8d:1f:a2:
20:7e:80:63:55:81:09:b7:e8:7d:85:9a:19:d8:21:34:15:c9:
40:c5:e0:ae:4b:a0:77:3c:04:a5:71:23:0c:12:46:49:40:e7:
26:fb:8d:77:0d:29:cf:7b:6e:5f:1a:69:8d:3d:cc:81:9a:79:
e6:33:f1:82:6f:68:68:71:00:29:ec:2b:7a:47:63:ef:32:78:
2e:b6:e4:5e:97:fb:29:9b:be:88:0f:e5:b2:1c:eb:1b:9d:1c:
0b:00:75:ed:12:34:99:22:d4:52:46:2d:b6:48:e0:07:85:53:
56:01:f6:d1:0d:4f:1b:e6:0a:43:32:a3:f8:02:70:45:e8:68:
97:86:58:3b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN4xYuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2Y2NTBjMGEwZjE2NTE1YTcyZGVhNjAxY2U5Y2EyZDRjMTY0OTkzMB4XDTIyMDEw
MTA2MDYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY3NmI5ZGRkOGRl
ZjY4ZDBlMjNiNjU0ZjY5NTJmNWViM2M4ZTNmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPpGZsGk9J1EgB0rjHMx11CskeuyDZ8zHa7uL52TjNXasqp
LVMlLGuSiGfJIn3mSbhb6iqHfX/TSL/S0MVTJzAeuqVZIk9t3kq1F9J2pjFS/8/J
0ZlaGAErOiWeHVoPI0OITG1zLSfy45rGHj7UTsZLcdw1/EdmKgbBylmmakEel0Mi
hpsvn3UCcU+QeY/er/0l1xCuH8LiVRG2R0cU0t95UbaaK1n8ZOE8cQlLxUhXfFkJ
l9HRFGGw8ODRGoQ/mxpFYQPtw2ISYpaM9rMlPico4hs+NXmJRwcFYDcuEJS6dDA7
76QHqHvIKLU3biNzSmBhL4azLEnw/jg5RmfxcLECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSmdrnd2N72jQ4jtlT2lS9es8jj/zAfBgNVHSMEGDAWgBQz9lDAoPFlFact
6mAc6cotTBZJkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01fWlF3S0R4WlJXbkxlcGdIT25LTFV3V1NaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvZmUzNGQ0LTU5YjgtNDMyNC1hZDI3LTg1MDY5MTI1ZDNiZi8x
L3BuYTUzZGplOW8wT0k3WlU5cFV2WHJQSTRfOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
ZmUzNGQ0LTU5YjgtNDMyNC1hZDI3LTg1MDY5MTI1ZDNiZi8xL01fWlF3S0R4WlJX
bkxlcGdIT25LTFV3V1NaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBV6IAAMEArkkEDANBAIAAjAHAwUD
KgIKuDANBgkqhkiG9w0BAQsFAAOCAQEAmGP8FkfjtFniznHwi4gfYsfsM4/n+muU
6DJ1xA7RuDpMAaKw6mLpXk27ZVMjy7kfNWREolvQMDhiDQsaUDrtyWJf8XW7Qh+D
iJNACXckKJziaKEkNh5YCjMl4Itq7JEsEN357jpRe59xuYjNEHev/4fjI/BR0bMl
dP+ajR+iIH6AY1WBCbfofYWaGdghNBXJQMXgrkugdzwEpXEjDBJGSUDnJvuNdw0p
z3tuXxppjT3MgZp55jPxgm9oaHEAKewrekdj7zJ4LrbkXpf7KZu+iA/lshzrG50c
CwB17RI0mSLUUkYttkjgB4VTVgH20Q1PG+YKQzKj+AJwRehol4ZYOw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:41:39 2025 by rpki-client