Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/PCdmy5X6pv8qDMHhzOOEEbeyiaY.roa
File: PCdmy5X6pv8qDMHhzOOEEbeyiaY.roa (raw, json)
Hash identifier: C4s9JxXL9qUt2tYgG/MJNVchr5FYhaZIcm2DdTF1vJk=
Subject key identifier: 3C:27:66:CB:95:FA:A6:FF:2A:0C:C1:E1:CC:E3:84:11:B7:B2:89:A6
Certificate issuer: /CN=0054882401b0724864a8cccbaeafe42c85240456
Certificate serial: 018259DF4EDC5B9C4C375C99C061CF2C9307
Authority key identifier: 00:54:88:24:01:B0:72:48:64:A8:CC:CB:AE:AF:E4:2C:85:24:04:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/PCdmy5X6pv8qDMHhzOOEEbeyiaY.roa
Signing time: Mon 01 Aug 2022 14:46:23 +0000
ROA not before: Mon 01 Aug 2022 14:46:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201863
IP address blocks: 89.207.15.0/24 maxlen: 24
89.207.14.0/24 maxlen: 24
89.207.13.0/24 maxlen: 24
89.207.12.0/24 maxlen: 24
185.187.186.0/24 maxlen: 24
185.187.185.0/24 maxlen: 24
185.187.184.0/24 maxlen: 24
185.187.187.0/24 maxlen: 24
185.32.13.0/24 maxlen: 24
185.32.12.0/24 maxlen: 24
185.32.15.0/24 maxlen: 24
185.32.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:df:4e:dc:5b:9c:4c:37:5c:99:c0:61:cf:2c:93:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0054882401b0724864a8cccbaeafe42c85240456
Validity
Not Before: Aug 1 14:46:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c2766cb95faa6ff2a0cc1e1cce38411b7b289a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:78:f8:dd:37:73:9a:c4:13:7e:b9:6b:b5:2d:
83:40:f8:90:8d:53:b2:31:3e:d7:d3:75:36:4e:1e:
f8:8f:0e:53:9b:3a:68:53:37:2a:55:0d:c7:1d:c6:
07:e8:54:8b:b4:32:47:62:8e:9b:57:67:e5:4e:83:
e9:c6:be:97:9f:cc:67:6b:ee:95:ec:59:78:9f:93:
fd:5a:09:0a:f1:90:ba:9c:67:2c:bd:f5:64:9c:50:
44:cc:a9:3c:f8:77:14:33:a3:c6:e8:9d:89:8d:68:
57:98:c1:b3:0a:19:a5:53:08:d7:75:8a:ca:84:6d:
34:6d:b6:d1:05:24:0f:43:3d:68:52:6f:ff:5c:d5:
db:da:9b:83:85:4d:90:12:bf:a6:7b:f0:dc:0e:94:
ad:d3:f4:21:b2:c7:fe:40:5b:dd:0e:6a:38:de:4b:
bf:7f:a3:ad:d9:b6:3a:c6:1a:f7:78:9b:4b:29:ca:
26:5e:67:27:40:fd:82:4d:1e:b1:93:4c:69:68:a4:
9b:36:78:7d:22:51:06:b9:40:6d:dd:c7:97:79:66:
c6:4b:69:10:b0:06:45:cf:53:c7:d8:14:3a:01:2c:
6e:d5:d1:15:bf:c7:89:67:a0:16:92:f6:3f:7a:23:
80:25:04:ca:d2:00:65:93:37:b8:18:80:8b:ae:7f:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:27:66:CB:95:FA:A6:FF:2A:0C:C1:E1:CC:E3:84:11:B7:B2:89:A6
X509v3 Authority Key Identifier:
keyid:00:54:88:24:01:B0:72:48:64:A8:CC:CB:AE:AF:E4:2C:85:24:04:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/PCdmy5X6pv8qDMHhzOOEEbeyiaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/AFSIJAGwckhkqMzLrq_kLIUkBFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.12.0/22
185.32.12.0/22
185.187.184.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:67:d8:f9:8d:5f:29:9c:20:26:26:8b:3f:b1:0e:16:86:6e:
4d:db:b8:f0:ed:02:64:e4:f6:7f:9d:32:55:29:22:95:4c:c0:
27:23:73:08:4e:22:88:63:9c:9c:6a:ae:20:44:32:26:00:78:
aa:ee:14:cf:22:9a:15:f3:eb:88:b1:f0:18:3e:e4:79:2d:a6:
19:7e:9d:a4:42:dd:57:d3:1d:23:6d:77:0e:5a:b0:9a:f3:f0:
67:0d:95:8d:5b:57:58:29:bb:ee:75:60:88:5f:3e:8c:eb:4e:
35:db:b8:48:82:62:89:d4:33:ab:5b:9e:b4:da:fd:e3:cf:c2:
fe:92:81:38:6b:58:85:9e:1e:d7:39:23:cd:06:b2:2d:a2:7e:
e9:32:91:db:6b:7f:9b:cf:ff:4b:93:16:3b:5a:4d:75:08:3d:
ae:32:2d:78:c8:db:42:0a:98:e4:de:58:b6:72:49:54:15:58:
27:db:54:fb:ac:a8:5c:f9:27:04:3b:b3:02:eb:ba:4b:85:39:
01:9d:71:e5:51:f2:0c:4e:3f:2e:9d:42:02:16:5b:ed:c1:e3:
1c:d4:5c:f9:ae:de:06:a5:10:9f:63:dc:37:17:01:b9:f2:4a:
f1:e4:53:1e:64:c0:6e:00:ce:91:79:74:02:15:ae:83:b9:b6:
ba:42:d9:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJZ307cW5xMN1yZwGHPLJMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTQ4ODI0MDFiMDcyNDg2NGE4Y2NjYmFlYWZlNDJjODUy
NDA0NTYwHhcNMjIwODAxMTQ0NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzI3NjZjYjk1ZmFhNmZmMmEwY2MxZTFjY2UzODQxMWI3YjI4OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonj43TdzmsQTfrlrtS2DQPiQjVOy
MT7X03U2Th74jw5TmzpoUzcqVQ3HHcYH6FSLtDJHYo6bV2flToPpxr6Xn8xna+6V
7Fl4n5P9WgkK8ZC6nGcsvfVknFBEzKk8+HcUM6PG6J2JjWhXmMGzChmlUwjXdYrK
hG00bbbRBSQPQz1oUm//XNXb2puDhU2QEr+me/DcDpSt0/Qhssf+QFvdDmo43ku/
f6Ot2bY6xhr3eJtLKcomXmcnQP2CTR6xk0xpaKSbNnh9IlEGuUBt3ceXeWbGS2kQ
sAZFz1PH2BQ6ASxu1dEVv8eJZ6AWkvY/eiOAJQTK0gBlkze4GICLrn8PKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDwnZsuV+qb/KgzB4czjhBG3sommMB8GA1UdIwQY
MBaAFABUiCQBsHJIZKjMy66v5CyFJARWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZTSUpBR3dja2hrcU16THJxX2tMSVVrQkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NWZlNDQtYjAzOS00YzkzLWI5NzUt
NDZlZTk5YTFlZTMwLzEvUENkbXk1WDZwdjhxRE1IaHpPT0VFYmV5aWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85NWZlNDQtYjAzOS00YzkzLWI5NzUtNDZlZTk5YTFlZTMw
LzEvQUZTSUpBR3dja2hrcU16THJxX2tMSVVrQkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWc8MAwQC
uSAMAwQCubu4MA0GCSqGSIb3DQEBCwUAA4IBAQC0Z9j5jV8pnCAmJos/sQ4Whm5N
27jw7QJk5PZ/nTJVKSKVTMAnI3MITiKIY5ycaq4gRDImAHiq7hTPIpoV8+uIsfAY
PuR5LaYZfp2kQt1X0x0jbXcOWrCa8/BnDZWNW1dYKbvudWCIXz6M604127hIgmKJ
1DOrW5602v3jz8L+koE4a1iFnh7XOSPNBrIton7pMpHba3+bz/9LkxY7Wk11CD2u
Mi14yNtCCpjk3li2cklUFVgn21T7rKhc+ScEO7MC67pLhTkBnXHlUfIMTj8unUIC
FlvtweMc1Fz5rt4GpRCfY9w3FwG58krx5FMeZMBuAM6ReXQCFa6Duba6QtkV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:49 2025 by rpki-client