Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/Plq4Z_3KilucUh-DG99n-52mAAg.roa
File: Plq4Z_3KilucUh-DG99n-52mAAg.roa (raw, json)
Hash identifier: 16MFHVi0EeID5pahGRh1l1Gj0c/rxfMbfqIf9IV9IzA=
Subject key identifier: 3E:5A:B8:67:FD:CA:8A:5B:9C:52:1F:83:1B:DF:67:FB:9D:A6:00:08
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 0187999EEBD46A332450BAB5382B1AC4EC0E
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/Plq4Z_3KilucUh-DG99n-52mAAg.roa
Signing time: Wed 19 Apr 2023 13:05:41 +0000
ROA not before: Wed 19 Apr 2023 13:05:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 185.206.71.0/24 maxlen: 24
194.146.156.0/24 maxlen: 24
194.146.157.0/24 maxlen: 24
194.146.158.0/24 maxlen: 24
194.146.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:9e:eb:d4:6a:33:24:50:ba:b5:38:2b:1a:c4:ec:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Apr 19 13:05:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e5ab867fdca8a5b9c521f831bdf67fb9da60008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:97:c7:70:39:e9:76:fc:6f:a7:90:63:15:23:
d9:90:69:ee:ad:45:40:ab:91:a8:af:f2:11:cf:c3:
c6:b5:4a:a0:72:44:b6:e1:0d:52:6c:ad:34:76:64:
45:fa:cf:af:af:5a:eb:0f:32:4e:a8:36:ea:3c:f1:
d5:7c:b8:c2:75:62:5c:a0:ac:69:27:0b:cb:b3:88:
7a:74:15:15:06:55:59:b9:68:0a:92:8b:a5:46:47:
89:20:94:cd:76:08:c3:a4:09:c6:40:2a:47:a8:35:
c0:2a:f6:ae:36:42:39:9e:c5:20:0b:26:49:05:15:
45:f1:00:4f:70:5a:af:e4:9e:7e:a4:bf:e3:e7:d3:
81:ed:b9:60:54:56:63:66:f8:a0:25:3f:d9:58:37:
1f:49:3b:c8:6f:a2:21:9a:a1:d3:1e:85:57:86:ce:
b0:e2:14:aa:70:b0:c4:ea:1f:70:90:3b:3a:fb:38:
9c:55:c1:ab:08:4e:3a:01:43:4a:58:f0:ba:1d:a4:
70:3b:42:44:54:33:53:90:e1:77:84:82:fb:b1:0c:
05:e4:5d:10:09:25:57:cc:e0:93:d5:5e:71:5e:ea:
82:6f:18:6e:83:46:fb:de:1d:ba:ad:a1:47:87:17:
eb:61:c3:f7:75:37:b4:4e:87:0f:d9:68:0f:20:f8:
1a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5A:B8:67:FD:CA:8A:5B:9C:52:1F:83:1B:DF:67:FB:9D:A6:00:08
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/Plq4Z_3KilucUh-DG99n-52mAAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
194.146.156.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:4d:b5:68:a0:55:b4:7d:1f:33:10:f5:2e:3d:e3:b3:df:20:
f0:c0:cd:e0:f8:3c:4f:e8:50:eb:e7:88:76:c6:f1:26:a6:93:
26:8e:a3:74:88:5c:31:f2:7e:c1:4f:c9:b8:50:ec:0b:ac:20:
dd:22:f8:7d:9b:30:a5:59:cd:78:ad:27:d0:68:57:9c:98:71:
42:6a:23:53:dd:49:ef:7b:d2:6b:22:b8:c1:0d:3e:47:00:d4:
f6:7a:b2:2c:f5:85:46:74:60:1e:8d:fb:33:0c:cc:a3:3d:a6:
f3:80:7b:f8:a6:56:52:10:eb:e9:43:e0:58:fd:b3:ca:29:b6:
b0:f4:67:a3:9a:2b:07:f6:c7:ce:70:a6:06:7e:50:43:4f:c1:
b1:31:ff:5d:b7:68:f5:3d:03:51:00:5f:8f:00:e7:21:1f:9d:
db:08:3e:14:40:44:5a:c7:4a:07:13:8f:92:42:05:04:3d:94:
fa:be:e1:b3:6c:cc:89:23:34:64:a6:8c:c4:ec:4c:66:71:65:
99:9e:e3:d2:8c:ee:fb:e0:79:61:2f:95:30:07:81:8c:16:c3:
c4:3f:78:79:f2:ad:77:50:9a:0f:09:9e:c0:00:2c:5c:91:04:
69:ab:7f:47:df:48:e1:88:29:cb:8d:cb:6e:71:3c:4a:90:8c:
89:a7:68:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeZnuvUajMkULq1OCsaxOwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjMwNDE5MTMwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTVhYjg2N2ZkY2E4YTViOWM1MjFmODMxYmRmNjdmYjlkYTYwMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJfHcDnpdvxvp5BjFSPZkGnurUVA
q5Gor/IRz8PGtUqgckS24Q1SbK00dmRF+s+vr1rrDzJOqDbqPPHVfLjCdWJcoKxp
JwvLs4h6dBUVBlVZuWgKkoulRkeJIJTNdgjDpAnGQCpHqDXAKvauNkI5nsUgCyZJ
BRVF8QBPcFqv5J5+pL/j59OB7blgVFZjZvigJT/ZWDcfSTvIb6IhmqHTHoVXhs6w
4hSqcLDE6h9wkDs6+zicVcGrCE46AUNKWPC6HaRwO0JEVDNTkOF3hIL7sQwF5F0Q
CSVXzOCT1V5xXuqCbxhug0b73h26raFHhxfrYcP3dTe0TocP2WgPIPgaIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5auGf9yopbnFIfgxvfZ/udpgAIMB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvUGxxNFpfM0tpbHVjVWgtREc5OW4tNTJtQUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuc5HAwQC
wpKcMA0GCSqGSIb3DQEBCwUAA4IBAQBLTbVooFW0fR8zEPUuPeOz3yDwwM3g+DxP
6FDr54h2xvEmppMmjqN0iFwx8n7BT8m4UOwLrCDdIvh9mzClWc14rSfQaFecmHFC
aiNT3Unve9JrIrjBDT5HANT2erIs9YVGdGAejfszDMyjPabzgHv4plZSEOvpQ+BY
/bPKKbaw9GejmisH9sfOcKYGflBDT8GxMf9dt2j1PQNRAF+PAOchH53bCD4UQERa
x0oHE4+SQgUEPZT6vuGzbMyJIzRkpozE7ExmcWWZnuPSjO774HlhL5UwB4GMFsPE
P3h58q13UJoPCZ7AACxckQRpq39H30jhiCnLjctucTxKkIyJp2j+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:47 2025 by rpki-client