Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/PXFMNxugKSM9MfSfzzcwaFx1M8U.roa
File: PXFMNxugKSM9MfSfzzcwaFx1M8U.roa (raw, json)
Hash identifier: W2nw0n3p+SJh+wIF2uEn8hC7SRzBs/Oq/R1dxm3ZXqY=
Subject key identifier: 3D:71:4C:37:1B:A0:29:23:3D:31:F4:9F:CF:37:30:68:5C:75:33:C5
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0435C7F6
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/PXFMNxugKSM9MfSfzzcwaFx1M8U.roa
Signing time: Sat 19 Mar 2022 08:40:02 +0000
ROA not before: Sat 19 Mar 2022 08:40:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200740
IP address blocks: 185.117.116.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
46.17.105.0/24 maxlen: 24
2a04:5201:4::/48 maxlen: 48
2a04:5200:68::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70633462 (0x435c7f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 19 08:40:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d714c371ba029233d31f49fcf3730685c7533c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:df:09:13:6a:84:c2:25:ba:50:c4:bb:f6:48:
9c:94:d9:06:77:f2:ee:79:b2:1c:66:72:e6:1e:de:
24:6e:80:46:a3:af:a2:53:18:80:72:5e:3d:bc:90:
89:a8:9a:b0:45:37:5d:13:cb:88:b8:ab:ef:4d:a7:
34:56:69:51:95:95:93:f2:a1:f7:c4:1b:35:4e:5a:
2b:78:6c:90:f4:ad:bc:f0:fd:f2:95:70:2a:4d:55:
a8:c1:50:31:ed:40:20:b6:9a:07:7a:4a:5e:3e:d6:
13:98:cc:ce:92:af:bf:32:f5:e9:43:d9:be:cc:15:
c8:85:76:fa:2f:9f:4f:91:17:03:19:8c:1c:48:5c:
12:26:d0:1a:61:7e:ee:b8:fc:ff:47:37:89:e7:b9:
92:83:84:0a:a1:c0:69:16:c9:07:91:7a:e4:05:9a:
21:40:39:9a:e1:74:c2:ab:77:eb:28:39:ee:25:af:
75:73:02:41:d1:8a:4b:06:3a:78:2b:3d:d7:07:a0:
6d:7c:d5:7e:f4:42:04:c4:d3:bb:2e:a4:eb:bc:e9:
aa:02:ba:c1:78:f9:72:5d:7d:20:e1:1a:81:9a:ee:
82:70:47:0f:25:c7:65:c5:2b:fc:f1:c4:e6:17:11:
fe:7a:fc:ab:64:76:80:22:79:32:b5:01:97:02:46:
3f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:71:4C:37:1B:A0:29:23:3D:31:F4:9F:CF:37:30:68:5C:75:33:C5
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/PXFMNxugKSM9MfSfzzcwaFx1M8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
185.103.252.0/22
185.117.116.0/24
185.117.119.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
1c:6a:97:24:10:fa:f1:61:04:b8:57:37:e5:5a:32:3a:96:93:
09:e3:eb:24:4b:77:d2:2f:3c:94:95:d8:bc:91:86:29:b9:c6:
f5:d3:e2:22:66:f9:c6:88:b8:f7:2e:68:16:02:77:c5:ed:bb:
3d:fd:bf:26:32:87:51:d0:d5:cd:68:3c:98:e3:1b:93:c3:13:
57:3c:fe:45:fe:92:ae:6d:9a:ba:98:40:ce:e7:f3:4b:dd:36:
d1:31:23:44:ef:6b:8d:00:2e:30:3d:d4:ba:5e:1b:f1:b2:08:
68:dc:ab:a4:1b:15:f5:e6:e9:9e:69:de:7c:26:6d:ad:9f:10:
c4:2f:0d:68:ce:12:2b:75:39:3f:64:98:40:4f:07:fb:b0:5b:
6c:0f:b6:1f:20:0a:ca:14:84:89:87:d1:b3:12:bb:6f:57:79:
13:82:b2:95:43:64:b1:49:f0:d1:31:71:4c:c6:28:c9:13:98:
2c:21:01:4f:ae:60:55:4a:13:8d:29:e3:dc:59:03:2f:11:a9:
a6:34:93:ca:7d:c9:ae:a2:eb:7d:aa:88:22:a6:cb:02:d9:8d:
ba:2f:f7:31:9f:3e:3d:ec:30:96:46:3c:c2:3f:5a:aa:92:b9:
b3:d7:28:b8:90:16:dc:99:c2:12:f4:99:03:5d:d8:3f:ae:5f:
9a:b5:35:79
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIEBDXH9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
OTA4NDAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q3MTRjMzcxYmEw
MjkyMzNkMzFmNDlmY2YzNzMwNjg1Yzc1MzNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3fCRNqhMIlulDEu/ZInJTZBnfy7nmyHGZy5h7eJG6ARqOv
olMYgHJePbyQiaiasEU3XRPLiLir702nNFZpUZWVk/Kh98QbNU5aK3hskPStvPD9
8pVwKk1VqMFQMe1AILaaB3pKXj7WE5jMzpKvvzL16UPZvswVyIV2+i+fT5EXAxmM
HEhcEibQGmF+7rj8/0c3iee5koOECqHAaRbJB5F65AWaIUA5muF0wqt36yg57iWv
dXMCQdGKSwY6eCs91wegbXzVfvRCBMTTuy6k67zpqgK6wXj5cl19IOEagZrugnBH
DyXHZcUr/PHE5hcR/nr8q2R2gCJ5MrUBlwJGP60CAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBQ9cUw3G6ApIz0x9J/PNzBoXHUzxTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1BYRk1OeHVnS1NNOU1mU2Z6emN3YUZ4MU04VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwMAQCAAEwKgMEAC0JSAMEAC4RaQMEAFvZTAMEArln
/AMEALl1dAMEALl1dwMEAcIksjAzBAIAAjAtAwcAKgRSAABoAwcAKgRSAQACAwcA
KgRSAQAEAwcBKgRSAQAGAwcAKgRSAYAYMA0GCSqGSIb3DQEBCwUAA4IBAQAcapck
EPrxYQS4VzflWjI6lpMJ4+skS3fSLzyUldi8kYYpucb10+IiZvnGiLj3LmgWAnfF
7bs9/b8mModR0NXNaDyY4xuTwxNXPP5F/pKubZq6mEDO5/NL3TbRMSNE72uNAC4w
PdS6Xhvxsgho3KukGxX15umead58Jm2tnxDELw1ozhIrdTk/ZJhATwf7sFtsD7Yf
IArKFISJh9GzErtvV3kTgrKVQ2SxSfDRMXFMxijJE5gsIQFPrmBVShONKePcWQMv
EammNJPKfcmuout9qogipssC2Y26L/cxnz497DCWRjzCP1qqkrmz1yi4kBbcmcIS
9JkDXdg/rl+atTV5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:37 2023 by rpki-client on console-fra.rpki-client.org