Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/110086-c0c3-4790-95ab-055112560fc9/1/PNGcTGYZshJonqhBmC8zWoEs9ls.roa
File: PNGcTGYZshJonqhBmC8zWoEs9ls.roa (raw, json)
Hash identifier: eN3hsj9vFvQ/f6jKfaaSYR4VAXuxDCPTPYgL0Jr0mxg=
Subject key identifier: 3C:D1:9C:4C:66:19:B2:12:68:9E:A8:41:98:2F:33:5A:81:2C:F6:5B
Certificate issuer: /CN=3b68e5460dba5871dbe5232148439e215b29bd44
Certificate serial: 070087DE
Authority key identifier: 3B:68:E5:46:0D:BA:58:71:DB:E5:23:21:48:43:9E:21:5B:29:BD:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2jlRg26WHHb5SMhSEOeIVspvUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/110086-c0c3-4790-95ab-055112560fc9/1/PNGcTGYZshJonqhBmC8zWoEs9ls.roa
Signing time: Sat 01 Jan 2022 05:00:08 +0000
ROA not before: Sat 01 Jan 2022 05:00:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209252
IP address blocks: 85.208.30.0/24 maxlen: 24
85.208.31.0/24 maxlen: 24
85.208.28.0/24 maxlen: 24
85.208.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117475294 (0x70087de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b68e5460dba5871dbe5232148439e215b29bd44
Validity
Not Before: Jan 1 05:00:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cd19c4c6619b212689ea841982f335a812cf65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:90:3f:65:a3:2f:d1:89:11:52:76:79:18:ea:
90:59:30:c7:3c:15:4f:38:b9:51:ee:10:0c:49:86:
f4:1e:e2:15:64:d9:85:f4:20:de:58:a3:f9:a7:12:
f1:86:d4:29:5c:6a:b7:3c:a3:e0:ca:d6:49:76:01:
24:b1:4b:16:c0:a0:94:32:f7:b7:bf:da:c9:66:59:
83:13:97:20:f4:82:8c:cb:6e:fe:eb:f9:42:06:73:
5f:f2:93:ef:15:de:d2:13:cb:7d:d4:ab:f6:de:77:
bd:a7:d9:0d:32:f6:cc:1c:12:ca:00:91:b8:23:81:
74:fd:eb:06:e5:14:16:7a:c1:1b:36:d2:29:79:3f:
04:59:77:84:8b:8a:62:0b:50:9d:0f:5d:ab:a2:fe:
c5:78:de:fe:1e:7f:0f:25:76:24:f7:e6:dc:42:6a:
58:a7:b6:c4:0e:c0:91:ae:76:c5:86:95:03:58:8f:
31:56:f9:4a:10:1e:59:f8:10:52:4d:68:ee:29:ae:
ff:db:5c:97:ed:9b:06:b7:24:57:8e:6c:00:62:09:
c3:d5:aa:b8:81:5f:22:17:da:e8:5b:ef:a3:a1:19:
18:46:d7:7e:ae:93:0f:4c:d7:39:1d:80:16:6f:c5:
bc:d3:01:96:e1:24:de:5d:c9:cd:16:8e:10:47:fb:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D1:9C:4C:66:19:B2:12:68:9E:A8:41:98:2F:33:5A:81:2C:F6:5B
X509v3 Authority Key Identifier:
keyid:3B:68:E5:46:0D:BA:58:71:DB:E5:23:21:48:43:9E:21:5B:29:BD:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2jlRg26WHHb5SMhSEOeIVspvUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/110086-c0c3-4790-95ab-055112560fc9/1/PNGcTGYZshJonqhBmC8zWoEs9ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/110086-c0c3-4790-95ab-055112560fc9/1/O2jlRg26WHHb5SMhSEOeIVspvUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.28.0/22
Signature Algorithm: sha256WithRSAEncryption
73:90:ca:d0:cc:08:5e:e3:07:0a:ba:7b:f1:e9:dc:bb:c7:95:
5c:eb:c0:84:78:05:d5:fe:72:21:6a:1a:56:c9:d9:a1:d6:31:
47:9f:27:ad:15:90:54:86:f3:b5:aa:05:b2:59:e3:12:27:91:
e5:51:9e:b1:09:22:d7:b4:63:f4:84:4f:35:40:4d:f1:aa:cb:
61:26:58:52:d9:39:14:11:37:aa:bb:52:30:34:86:7f:de:64:
4b:d1:e2:1d:7c:68:63:6c:c7:6e:7f:27:2b:c3:b6:39:12:0a:
76:88:68:0d:da:b4:a8:06:f8:54:7e:fb:10:a1:94:69:fc:6a:
13:83:1e:64:1f:da:1c:19:d6:c3:3d:10:19:5f:e8:8b:c9:20:
f7:30:e7:7a:37:15:ef:42:21:90:dc:77:8b:39:56:dd:0f:6a:
fc:da:de:2f:bf:95:15:1a:9a:48:67:a0:d7:1d:f5:8d:69:df:
47:52:c5:5a:16:97:df:d5:f2:ff:cf:fe:68:a9:fd:e2:4a:f7:
f1:1f:09:1a:b9:f6:97:37:37:29:3e:c0:22:95:b0:13:11:41:
6b:58:68:24:fa:8b:63:32:7e:20:35:24:94:5f:b8:e1:ad:36:
ed:46:34:3c:38:bd:a8:30:c4:0d:d7:05:53:a5:f0:80:b8:4e:
b0:f8:85:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBwCH3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjY4ZTU0NjBkYmE1ODcxZGJlNTIzMjE0ODQzOWUyMTViMjliZDQ0MB4XDTIyMDEw
MTA1MDAwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NkMTljNGM2NjE5
YjIxMjY4OWVhODQxOTgyZjMzNWE4MTJjZjY1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANaQP2WjL9GJEVJ2eRjqkFkwxzwVTzi5Ue4QDEmG9B7iFWTZ
hfQg3lij+acS8YbUKVxqtzyj4MrWSXYBJLFLFsCglDL3t7/ayWZZgxOXIPSCjMtu
/uv5QgZzX/KT7xXe0hPLfdSr9t53vafZDTL2zBwSygCRuCOBdP3rBuUUFnrBGzbS
KXk/BFl3hIuKYgtQnQ9dq6L+xXje/h5/DyV2JPfm3EJqWKe2xA7Aka52xYaVA1iP
MVb5ShAeWfgQUk1o7imu/9tcl+2bBrckV45sAGIJw9WquIFfIhfa6Fvvo6EZGEbX
fq6TD0zXOR2AFm/FvNMBluEk3l3JzRaOEEf7N90CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ80ZxMZhmyEmieqEGYLzNagSz2WzAfBgNVHSMEGDAWgBQ7aOVGDbpYcdvl
IyFIQ54hWym9RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08yamxSZzI2V0hIYjVTTWhTRU9lSVZzcHZVUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvMTEwMDg2LWMwYzMtNDc5MC05NWFiLTA1NTExMjU2MGZjOS8x
L1BOR2NUR1lac2hKb25xaEJtQzh6V29Fczlscy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
MTEwMDg2LWMwYzMtNDc5MC05NWFiLTA1NTExMjU2MGZjOS8xL08yamxSZzI2V0hI
YjVTTWhTRU9lSVZzcHZVUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXQHDANBgkqhkiG9w0BAQsFAAOC
AQEAc5DK0MwIXuMHCrp78encu8eVXOvAhHgF1f5yIWoaVsnZodYxR58nrRWQVIbz
taoFslnjEieR5VGesQki17Rj9IRPNUBN8arLYSZYUtk5FBE3qrtSMDSGf95kS9Hi
HXxoY2zHbn8nK8O2ORIKdohoDdq0qAb4VH77EKGUafxqE4MeZB/aHBnWwz0QGV/o
i8kg9zDnejcV70IhkNx3izlW3Q9q/NreL7+VFRqaSGeg1x31jWnfR1LFWhaX39Xy
/8/+aKn94kr38R8JGrn2lzc3KT7AIpWwExFBa1hoJPqLYzJ+IDUklF+44a027UY0
PDi9qDDEDdcFU6XwgLhOsPiFgg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:50 2025 by rpki-client