Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/PrH4QSR_V2NbibiFrKF_eCHTX_E.roa
File: PrH4QSR_V2NbibiFrKF_eCHTX_E.roa (raw, json)
Hash identifier: kv3xJJQEFfLQbUh5HIVa4qNPWRg3nnWndZqsBsXyY+k=
Subject key identifier: 3E:B1:F8:41:24:7F:57:63:5B:89:B8:85:AC:A1:7F:78:21:D3:5F:F1
Certificate issuer: /CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Certificate serial: 06718BA6
Authority key identifier: D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/PrH4QSR_V2NbibiFrKF_eCHTX_E.roa
Signing time: Mon 21 Mar 2022 17:45:23 +0000
ROA not before: Mon 21 Mar 2022 17:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200561
IP address blocks: 185.79.24.0/22 maxlen: 22
185.79.24.0/24 maxlen: 24
185.79.25.0/24 maxlen: 24
185.175.29.0/24 maxlen: 24
185.175.28.0/24 maxlen: 24
2a0b:cb00::/29 maxlen: 29
2a03:20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108104614 (0x6718ba6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Validity
Not Before: Mar 21 17:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3eb1f841247f57635b89b885aca17f7821d35ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2c:0d:48:df:c8:c2:f3:06:7c:e8:08:f3:66:
a9:a0:16:23:76:1c:e4:a1:6c:6b:3d:b4:60:5f:15:
05:a7:c4:26:09:6f:f7:b2:90:89:6c:27:e0:29:71:
53:b9:12:f3:1f:73:13:70:19:44:21:ca:fb:04:8d:
e7:15:2a:8d:94:08:ce:ea:b0:cc:54:2b:64:3e:46:
d0:e6:59:d6:f9:c0:49:4c:f0:e0:4c:71:0b:b9:48:
19:c2:6f:26:6a:5a:93:8e:e5:1c:b2:cd:fd:7b:d6:
52:da:d4:5a:ba:91:3c:60:99:12:54:2a:47:a6:7b:
69:07:15:3d:69:49:a1:f0:92:b7:c9:e7:92:2a:cc:
90:55:93:67:05:33:48:b0:e2:3b:3c:6c:cf:69:29:
b0:3f:f8:be:b4:03:e1:ef:99:9f:ed:79:cf:c4:90:
36:a9:c4:f9:64:fd:c5:9d:f4:bc:e4:5a:95:a1:c3:
68:2e:f9:fd:a6:c1:3a:63:e5:e6:f3:a8:35:33:b8:
b2:87:4d:03:ae:ed:0a:3e:9d:c4:4a:2f:d5:73:6d:
d5:3a:88:eb:5a:67:31:1e:8a:c7:72:3a:a8:e6:a0:
ad:7d:0f:b8:a7:2d:04:2f:70:1d:dc:e0:c1:b0:9f:
1f:56:76:59:50:6b:bf:2a:ea:31:09:97:a7:83:06:
9b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B1:F8:41:24:7F:57:63:5B:89:B8:85:AC:A1:7F:78:21:D3:5F:F1
X509v3 Authority Key Identifier:
keyid:D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/PrH4QSR_V2NbibiFrKF_eCHTX_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.24.0/22
185.175.28.0/23
IPv6:
2a03:20::/32
2a0b:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
0d:7a:67:59:5e:6d:26:36:93:de:22:fc:fc:40:7f:2a:28:f8:
c9:12:19:a9:64:3a:76:45:6b:10:14:0b:07:e6:6f:05:de:be:
d2:e0:98:43:9b:f8:28:2f:25:24:8b:22:b3:6d:1c:73:52:91:
ae:9d:9a:21:bb:ec:53:30:e2:da:9b:c1:41:05:63:47:a6:6f:
42:df:2b:63:0b:ac:8f:b0:c6:35:18:c3:60:a4:3b:84:f3:56:
ba:2b:6a:b3:39:4a:7e:41:2a:27:24:db:5d:a3:6c:06:db:05:
13:bd:9b:e1:ad:b0:84:14:4f:6b:dc:ac:4f:62:f0:cf:21:9d:
d9:57:25:d4:6c:8e:e5:ef:e8:ee:b3:bb:ea:e8:0b:9f:ae:91:
dc:58:e0:de:4d:75:f3:f1:7b:5e:6f:5b:a7:73:86:f8:ce:7e:
2e:be:27:36:40:20:8b:ad:20:d1:69:2a:02:81:ed:7e:b1:10:
e6:90:ad:23:14:f9:c8:e2:58:d7:9e:25:2c:b1:44:c9:a3:00:
53:31:20:63:65:18:3e:f9:f6:f4:5c:cd:9a:9f:b3:17:5d:2c:
ca:43:fa:39:ef:17:9f:fe:b8:7c:55:25:81:e8:fd:3d:16:2c:
7a:d6:19:84:32:ad:e3:4c:fe:f3:8a:ad:57:5e:13:be:6a:c5:
b6:02:ef:d1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBnGLpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTM1ZjhmYWM3MDYyZjc3ZjI0Yjk4Y2Q1YzNiNTRhODliYWQ0ODM4MB4XDTIyMDMy
MTE3NDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ViMWY4NDEyNDdm
NTc2MzViODliODg1YWNhMTdmNzgyMWQzNWZmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJssDUjfyMLzBnzoCPNmqaAWI3Yc5KFsaz20YF8VBafEJglv
97KQiWwn4ClxU7kS8x9zE3AZRCHK+wSN5xUqjZQIzuqwzFQrZD5G0OZZ1vnASUzw
4ExxC7lIGcJvJmpak47lHLLN/XvWUtrUWrqRPGCZElQqR6Z7aQcVPWlJofCSt8nn
kirMkFWTZwUzSLDiOzxsz2kpsD/4vrQD4e+Zn+15z8SQNqnE+WT9xZ30vORalaHD
aC75/abBOmPl5vOoNTO4sodNA67tCj6dxEov1XNt1TqI61pnMR6Kx3I6qOagrX0P
uKctBC9wHdzgwbCfH1Z2WVBrvyrqMQmXp4MGm9sCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQ+sfhBJH9XY1uJuIWsoX94IdNf8TAfBgNVHSMEGDAWgBTVNfj6xwYvd/JL
mM1cO1Som61IODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFUWDQtc2NHTDNmeVM1ak5YRHRVcUp1dFNEZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMDk3ZGExLTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8x
L1BySDRRU1JfVjJOYmliaUZyS0ZfZUNIVFhfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
MDk3ZGExLTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8xLzFUWDQtc2NHTDNm
eVM1ak5YRHRVcUp1dFNEZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArlPGAMEAbmvHDAUBAIAAjAOAwUA
KgMAIAMFAyoLywAwDQYJKoZIhvcNAQELBQADggEBAA16Z1lebSY2k94i/PxAfyoo
+MkSGalkOnZFaxAUCwfmbwXevtLgmEOb+CgvJSSLIrNtHHNSka6dmiG77FMw4tqb
wUEFY0emb0LfK2MLrI+wxjUYw2CkO4TzVrorarM5Sn5BKick212jbAbbBRO9m+Gt
sIQUT2vcrE9i8M8hndlXJdRsjuXv6O6zu+roC5+ukdxY4N5NdfPxe15vW6dzhvjO
fi6+JzZAIIutINFpKgKB7X6xEOaQrSMU+cjiWNeeJSyxRMmjAFMxIGNlGD759vRc
zZqfsxddLMpD+jnvF5/+uHxVJYHo/T0WLHrWGYQyreNM/vOKrVdeE75qxbYC79E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:59 2024 by rpki-client on console-fra.rpki-client.org