Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PzRPCj5vbgcRdAl927TcOg8qgUQ.roa
File: PzRPCj5vbgcRdAl927TcOg8qgUQ.roa (raw, json)
Hash identifier: 1XUooU9BnzHxo27yMeiMVInH6QIO2Eb4t0nlP4rnGFE=
Subject key identifier: 3F:34:4F:0A:3E:6F:6E:07:11:74:09:7D:DB:B4:DC:3A:0F:2A:81:44
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 07C9A282
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PzRPCj5vbgcRdAl927TcOg8qgUQ.roa
Signing time: Wed 04 May 2022 16:06:10 +0000
ROA not before: Wed 04 May 2022 16:06:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210876
IP address blocks: 194.35.40.0/24 maxlen: 24
185.255.124.0/22 maxlen: 22
45.134.84.0/23 maxlen: 23
45.134.84.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130654850 (0x7c9a282)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 4 16:06:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f344f0a3e6f6e071174097ddbb4dc3a0f2a8144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ec:a8:2c:bd:22:fe:28:d4:77:87:7d:70:7f:
85:cb:57:63:a1:22:5e:55:20:11:f2:85:42:f0:8f:
56:1f:8d:08:a9:4e:ec:be:f2:6c:42:9a:3d:87:68:
6a:25:b3:e7:b6:d2:c3:4d:03:1b:ac:f3:a4:9e:a0:
d7:de:08:56:c7:e3:fa:41:e5:96:f7:c7:cc:3d:fb:
aa:9c:7b:b3:81:5d:c2:f1:00:27:37:76:c3:1b:8f:
f3:1a:e2:5d:a2:00:98:30:c4:48:27:ca:01:ae:73:
b9:ff:95:be:f6:e0:24:70:ce:cc:4c:de:f3:82:a3:
3b:71:85:14:5d:2a:96:33:23:b8:57:e4:fa:ba:81:
54:da:f7:d4:c1:bf:20:f5:57:bf:78:23:bd:4f:20:
96:ed:9e:21:79:2d:0c:bd:c5:b7:d3:f1:fa:35:82:
be:e0:b3:75:3f:55:27:53:25:6f:d5:b5:f3:20:93:
58:4d:eb:77:4a:ad:14:8c:df:fc:35:2d:cb:80:68:
0d:cb:19:86:7f:ac:c4:43:3a:20:f0:b9:f5:2d:71:
2c:e9:0b:c0:10:63:d2:7d:70:7e:15:61:49:db:7a:
ef:e2:bd:6b:01:4d:bd:cf:fa:a2:12:27:75:0a:54:
39:ac:7e:7e:5b:f7:c4:26:b7:47:24:13:cf:89:e7:
2a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:34:4F:0A:3E:6F:6E:07:11:74:09:7D:DB:B4:DC:3A:0F:2A:81:44
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PzRPCj5vbgcRdAl927TcOg8qgUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.147.116.0/22
185.255.124.0/22
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
64:2f:54:d1:8d:85:fd:da:e0:13:bc:00:b1:50:56:15:48:3c:
bc:d3:29:00:dd:a7:6b:cb:1a:e7:39:7d:69:3f:07:de:6f:f7:
1a:ad:bc:80:99:5f:d1:ea:05:f7:1b:00:5d:e2:27:2d:32:6b:
92:d8:5f:f3:75:00:96:be:cc:68:c9:3f:e8:8a:ae:eb:8f:23:
e4:37:fc:7b:2a:e5:fc:86:a1:80:9d:9c:00:02:c1:e3:1e:fb:
f1:b6:cd:36:c4:11:62:a6:04:0a:76:80:31:94:cb:a9:1a:55:
a0:de:54:d0:d0:d4:7e:78:f4:ca:55:ad:f2:aa:ae:b7:f7:78:
b1:8d:40:35:03:11:6f:64:3f:7f:6b:c9:ba:b1:1c:5f:e8:ca:
19:81:7f:cc:bd:41:94:97:dc:5e:c9:18:48:3e:ac:3f:48:80:
19:3a:f6:fa:3f:9f:57:90:e5:22:41:c7:86:8f:2a:f9:6b:e8:
e6:ae:b8:e2:b1:58:70:7e:69:41:00:64:b0:cc:21:a9:3d:30:
6d:c9:a9:61:e8:d6:26:4f:fa:ac:48:27:21:18:c4:1e:35:9f:
8d:75:fc:bb:6e:25:17:0c:8a:e7:74:c9:67:bb:e5:2f:66:ea:
18:c6:8e:35:64:b7:e9:00:c8:7d:2e:70:72:ba:ab:fd:ff:61:
1c:60:90:72
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEB8migjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDUw
NDE2MDYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2YzNDRmMGEzZTZm
NmUwNzExNzQwOTdkZGJiNGRjM2EwZjJhODE0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvsqCy9Iv4o1HeHfXB/hctXY6EiXlUgEfKFQvCPVh+NCKlO
7L7ybEKaPYdoaiWz57bSw00DG6zzpJ6g194IVsfj+kHllvfHzD37qpx7s4FdwvEA
Jzd2wxuP8xriXaIAmDDESCfKAa5zuf+VvvbgJHDOzEze84KjO3GFFF0qljMjuFfk
+rqBVNr31MG/IPVXv3gjvU8glu2eIXktDL3Ft9Px+jWCvuCzdT9VJ1Mlb9W18yCT
WE3rd0qtFIzf/DUty4BoDcsZhn+sxEM6IPC59S1xLOkLwBBj0n1wfhVhSdt67+K9
awFNvc/6ohIndQpUOax+flv3xCa3RyQTz4nnKhMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ/NE8KPm9uBxF0CX3btNw6DyqBRDAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L1B6UlBDajV2YmdjUmRBbDkyN1RjT2c4cWdVUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAi2GVAMEAi2TdAMEArn/fAMEAMIj
KDANBgkqhkiG9w0BAQsFAAOCAQEAZC9U0Y2F/drgE7wAsVBWFUg8vNMpAN2na8sa
5zl9aT8H3m/3Gq28gJlf0eoF9xsAXeInLTJrkthf83UAlr7MaMk/6Iqu648j5Df8
eyrl/IahgJ2cAALB4x778bbNNsQRYqYECnaAMZTLqRpVoN5U0NDUfnj0ylWt8qqu
t/d4sY1ANQMRb2Q/f2vJurEcX+jKGYF/zL1BlJfcXskYSD6sP0iAGTr2+j+fV5Dl
IkHHho8q+Wvo5q644rFYcH5pQQBksMwhqT0wbcmpYejWJk/6rEgnIRjEHjWfjXX8
u24lFwyK53TJZ7vlL2bqGMaONWS36QDIfS5wcrqr/f9hHGCQcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org