Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/PqdMqKscjrAw-EV4PiMDYRCTj7M.roa
File: PqdMqKscjrAw-EV4PiMDYRCTj7M.roa (raw, json)
Hash identifier: bAp8I27mJQpGk2SqOiWr7DpmMSgnuWRKt+YsM4EfMPs=
Subject key identifier: 3E:A7:4C:A8:AB:1C:8E:B0:30:F8:45:78:3E:23:03:61:10:93:8F:B3
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 272C8112
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/PqdMqKscjrAw-EV4PiMDYRCTj7M.roa
Signing time: Sat 01 Jan 2022 07:54:08 +0000
ROA not before: Sat 01 Jan 2022 07:54:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1241
IP address blocks: 46.12.0.0/16 maxlen: 24
193.92.0.0/16 maxlen: 24
79.103.0.0/16 maxlen: 24
212.54.192.0/19 maxlen: 24
130.43.0.0/17 maxlen: 24
212.251.0.0/17 maxlen: 24
194.219.0.0/16 maxlen: 24
62.1.0.0/16 maxlen: 24
77.49.0.0/16 maxlen: 24
188.4.0.0/16 maxlen: 24
195.74.224.0/19 maxlen: 24
213.16.128.0/17 maxlen: 24
46.246.128.0/17 maxlen: 24
2a02:2148::/29 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 657228050 (0x272c8112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Jan 1 07:54:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ea74ca8ab1c8eb030f845783e23036110938fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6c:23:4c:86:f6:40:96:e1:2a:8f:de:ba:6c:
0b:61:22:4a:1a:f9:84:68:6e:7e:52:e2:92:49:39:
64:8d:65:30:d5:1f:56:25:0c:65:5a:fb:8d:cf:5a:
ad:a9:a3:63:53:e0:92:82:e2:0d:c0:d2:44:fc:5a:
fa:31:f9:db:4e:bb:c5:88:b2:e1:ca:5b:e2:00:22:
e0:0f:ef:60:a1:39:90:ba:f9:5b:a0:d4:b4:6c:ac:
b9:31:e6:67:83:1c:a3:5e:64:e1:44:c1:6e:fb:f8:
33:66:5c:f4:13:ec:cd:bd:15:05:b6:4d:94:7f:9b:
8e:d6:14:10:66:7c:79:e0:2f:4e:35:0a:28:5a:a2:
e5:56:53:5e:9a:29:e7:b1:3a:29:d3:2d:6f:d0:b0:
b8:dd:79:3d:20:eb:d5:f1:b5:48:4d:42:92:88:0f:
88:f6:66:65:51:2c:fb:ab:20:89:09:8f:f8:1b:52:
f8:22:d8:69:b0:39:d3:42:0d:c7:c0:7b:a5:0f:fa:
03:14:33:17:26:47:78:6e:a4:f7:37:03:a2:52:6b:
46:35:95:07:74:dc:85:bb:67:1f:ef:3a:f3:b7:c8:
27:e4:c8:d1:31:63:ec:95:99:f0:a9:b9:86:ef:16:
11:90:68:f3:1b:5a:33:f8:07:fd:a9:05:05:bd:69:
11:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A7:4C:A8:AB:1C:8E:B0:30:F8:45:78:3E:23:03:61:10:93:8F:B3
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/PqdMqKscjrAw-EV4PiMDYRCTj7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.12.0.0/16
46.246.128.0/17
62.1.0.0/16
77.49.0.0/16
79.103.0.0/16
130.43.0.0/17
188.4.0.0/16
193.92.0.0/16
194.219.0.0/16
195.74.224.0/19
212.54.192.0/19
212.251.0.0/17
213.16.128.0/17
IPv6:
2a02:2148::/29
Signature Algorithm: sha256WithRSAEncryption
29:b8:26:0f:6c:98:11:8d:cb:57:54:27:12:03:77:32:7c:a3:
73:ec:21:a7:50:8b:4a:0a:a3:f7:3e:1b:2e:a9:80:13:68:e5:
ac:f5:8e:71:3c:c4:bc:b0:a6:16:c3:90:6b:e1:1d:95:b2:21:
a7:5c:c5:a0:de:bc:f9:03:40:4f:23:09:99:ae:91:07:a9:4e:
7f:e0:cc:17:7d:44:6d:b4:ac:2e:fe:b2:c9:4c:55:c2:fe:2c:
d3:43:d3:78:c0:6a:7e:e3:32:d3:63:95:bf:0d:d6:83:0e:dc:
f7:41:f9:a6:aa:0e:c1:79:b9:5f:9f:76:c5:54:8a:83:ce:51:
23:eb:32:c8:78:2e:71:98:4d:f6:54:bc:8c:d3:86:b3:13:45:
55:4a:10:62:7b:17:1f:37:7b:2a:39:f3:84:7b:cc:e8:a0:1d:
be:c0:8b:fc:63:c7:20:64:b2:72:5a:87:23:ad:cc:42:64:7c:
1d:49:ca:7b:a1:b9:1d:bd:96:89:32:76:34:5f:26:44:d2:8d:
fb:f8:79:98:59:13:2b:5d:df:fa:2d:f9:28:09:78:04:19:c7:
bc:a3:40:48:d9:dc:aa:68:78:23:e7:48:c0:cd:4a:1a:35:31:
63:d6:01:54:77:8a:9f:02:76:81:38:61:91:23:1f:12:c4:f6:
18:d1:64:ae
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIEJyyBEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGZmMmM2MjI5YWY3NjNhOTlmNTM0OWEzMjUxMGRmNGE0NTI2MTQzMB4XDTIyMDEw
MTA3NTQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VhNzRjYThhYjFj
OGViMDMwZjg0NTc4M2UyMzAzNjExMDkzOGZiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtsI0yG9kCW4SqP3rpsC2EiShr5hGhuflLikkk5ZI1lMNUf
ViUMZVr7jc9aramjY1PgkoLiDcDSRPxa+jH52067xYiy4cpb4gAi4A/vYKE5kLr5
W6DUtGysuTHmZ4Mco15k4UTBbvv4M2Zc9BPszb0VBbZNlH+bjtYUEGZ8eeAvTjUK
KFqi5VZTXpop57E6KdMtb9CwuN15PSDr1fG1SE1CkogPiPZmZVEs+6sgiQmP+BtS
+CLYabA500INx8B7pQ/6AxQzFyZHeG6k9zcDolJrRjWVB3TchbtnH+8687fIJ+TI
0TFj7JWZ8Km5hu8WEZBo8xtaM/gH/akFBb1pEfMCAwEAAaOCAlkwggJVMB0GA1Ud
DgQWBBQ+p0yoqxyOsDD4RXg+IwNhEJOPszAfBgNVHSMEGDAWgBTw/yxiKa92Opn1
NJoyUQ30pFJhQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhQOHNZaW12ZGpxWjlUU2FNbEVOOUtSU1lVTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMDUxZmEyLWM1ODAtNGEwMi1hMTg2LWU2OWY3YTVkMmQ5MC8x
L1BxZE1xS3NjanJBdy1FVjRQaU1EWVJDVGo3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MDUxZmEyLWM1ODAtNGEwMi1hMTg2LWU2OWY3YTVkMmQ5MC8xLzhQOHNZaW12ZGpx
WjlUU2FNbEVOOUtSU1lVTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBv
BggrBgEFBQcBBwEB/wRgMF4wTQQCAAEwRwMDAC4MAwQHLvaAAwMAPgEDAwBNMQMD
AE9nAwQHgisAAwMAvAQDAwDBXAMDAMLbAwQFw0rgAwQF1DbAAwQH1PsAAwQH1RCA
MA0EAgACMAcDBQMqAiFIMA0GCSqGSIb3DQEBCwUAA4IBAQApuCYPbJgRjctXVCcS
A3cyfKNz7CGnUItKCqP3PhsuqYATaOWs9Y5xPMS8sKYWw5Br4R2VsiGnXMWg3rz5
A0BPIwmZrpEHqU5/4MwXfURttKwu/rLJTFXC/izTQ9N4wGp+4zLTY5W/DdaDDtz3
Qfmmqg7Beblfn3bFVIqDzlEj6zLIeC5xmE32VLyM04azE0VVShBiexcfN3sqOfOE
e8zooB2+wIv8Y8cgZLJyWocjrcxCZHwdScp7obkdvZaJMnY0XyZE0o37+HmYWRMr
Xd/6LfkoCXgEGce8o0BI2dyqaHgj50jAzUoaNTFj1gFUd4qfAnaBOGGRIx8SxPYY
0WSu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:32 2024 by rpki-client on console-ams.rpki-client.org