Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Pvdmyqz8Zm3GsRQ8nP4SWI0VieA.roa
File: Pvdmyqz8Zm3GsRQ8nP4SWI0VieA.roa (raw, json)
Hash identifier: gNPhbd+OfKzij9CbUkGdrI7bG4AH6Gki9SFcEkdf7Gc=
Subject key identifier: 3E:F7:66:CA:AC:FC:66:6D:C6:B1:14:3C:9C:FE:12:58:8D:15:89:E0
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18FF1155
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Pvdmyqz8Zm3GsRQ8nP4SWI0VieA.roa
Signing time: Fri 04 Mar 2022 08:24:28 +0000
ROA not before: Fri 04 Mar 2022 08:24:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419369301 (0x18ff1155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 4 08:24:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ef766caacfc666dc6b1143c9cfe12588d1589e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5b:99:73:18:1c:52:1e:c6:75:26:3a:f8:97:
2d:66:e3:ea:30:fa:48:2e:48:4b:69:3a:24:53:a0:
d8:76:b2:b3:c0:d4:29:46:ac:41:45:96:19:c3:a2:
b4:57:65:6a:5e:73:10:a1:91:70:1b:9f:b1:68:42:
a4:e6:ad:83:3c:2b:d0:50:7b:8b:74:2d:ed:e1:58:
16:49:d9:22:c9:7a:42:3f:89:ca:14:3f:32:49:96:
89:94:0f:61:74:13:24:97:34:2d:79:02:9c:ea:dd:
42:0d:9b:f5:2b:c7:ce:8b:33:10:8d:8c:01:b9:70:
57:58:fb:7d:3d:90:f2:2d:bb:78:a8:41:13:48:fd:
b2:f4:33:e2:35:79:a7:80:16:0a:ea:db:c6:df:29:
9c:90:9b:ce:f8:10:fc:1b:85:e1:86:c4:5e:cb:cb:
39:86:dc:c1:6b:19:8a:d3:27:59:35:61:60:ca:9c:
34:7b:d5:c8:e5:16:0f:66:b6:b5:33:ce:5a:41:03:
da:a1:d4:dc:02:01:1f:66:b6:84:92:8a:c7:d6:6d:
29:53:fe:eb:54:c4:c3:3a:da:f0:88:9a:a5:4c:ed:
09:de:14:3e:48:23:ba:0c:c9:1b:51:4e:8c:d6:d4:
b8:b4:a7:7d:27:a9:a7:8e:53:09:11:67:95:67:29:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F7:66:CA:AC:FC:66:6D:C6:B1:14:3C:9C:FE:12:58:8D:15:89:E0
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Pvdmyqz8Zm3GsRQ8nP4SWI0VieA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
6d:ae:12:41:f0:3b:5c:fa:39:1c:f9:6a:cd:b6:5e:15:6b:a3:
4b:ee:79:58:1a:8e:13:16:00:b9:af:2a:29:6e:ef:74:61:33:
82:4b:9c:22:7b:79:cf:d4:50:85:a6:a2:2f:32:cf:e1:2f:5e:
4e:68:f6:b1:4d:35:2f:74:8c:ea:6e:26:0a:f3:77:cd:b3:2a:
5c:40:b9:6d:59:fa:9f:f4:aa:f7:a4:cd:24:55:c8:67:4e:ad:
c9:7c:7e:c2:6c:d4:c3:b9:68:25:a3:f7:04:20:05:93:2b:22:
df:ad:20:76:ce:d4:f8:c1:93:31:c3:c3:f8:84:c4:e0:9e:ef:
21:81:73:39:37:47:0c:e7:de:f0:7a:e5:df:2d:66:6d:40:1b:
03:7d:8a:c9:c1:30:e0:23:ac:14:98:9e:24:40:f3:49:bb:b0:
44:b2:f3:02:b9:3c:a3:c5:b2:ea:f2:0e:33:f2:40:a9:5b:f0:
fc:30:ac:49:e4:b6:31:38:3e:7e:77:8e:5b:34:05:1f:cb:54:
7b:3d:14:c1:58:72:8f:07:e2:6f:2e:a4:13:60:81:32:b3:71:
9a:83:df:c9:22:2e:aa:7d:1b:41:12:f2:c8:e5:20:01:fd:ae:
83:0b:ed:e8:93:d0:02:5e:55:fc:5a:fd:82:fe:bf:a6:af:c7:
ab:69:d4:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEGP8RVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMw
NDA4MjQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VmNzY2Y2FhY2Zj
NjY2ZGM2YjExNDNjOWNmZTEyNTg4ZDE1ODllMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9bmXMYHFIexnUmOviXLWbj6jD6SC5IS2k6JFOg2Hays8DU
KUasQUWWGcOitFdlal5zEKGRcBufsWhCpOatgzwr0FB7i3Qt7eFYFknZIsl6Qj+J
yhQ/MkmWiZQPYXQTJJc0LXkCnOrdQg2b9SvHzoszEI2MAblwV1j7fT2Q8i27eKhB
E0j9svQz4jV5p4AWCurbxt8pnJCbzvgQ/BuF4YbEXsvLOYbcwWsZitMnWTVhYMqc
NHvVyOUWD2a2tTPOWkED2qHU3AIBH2a2hJKKx9ZtKVP+61TEwzra8IiapUztCd4U
PkgjugzJG1FOjNbUuLSnfSepp45TCRFnlWcpB1sCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQ+92bKrPxmbcaxFDyc/hJYjRWJ4DAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1B2ZG15cXo4Wm0zR3NSUThuUDRTV0kwVmllQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAPBAIA
AjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQBtrhJB8Dtc+jkc+WrNtl4V
a6NL7nlYGo4TFgC5ryopbu90YTOCS5wie3nP1FCFpqIvMs/hL15OaPaxTTUvdIzq
biYK83fNsypcQLltWfqf9Kr3pM0kVchnTq3JfH7CbNTDuWglo/cEIAWTKyLfrSB2
ztT4wZMxw8P4hMTgnu8hgXM5N0cM597weuXfLWZtQBsDfYrJwTDgI6wUmJ4kQPNJ
u7BEsvMCuTyjxbLq8g4z8kCpW/D8MKxJ5LYxOD5+d45bNAUfy1R7PRTBWHKPB+Jv
LqQTYIEys3Gag9/JIi6qfRtBEvLI5SAB/a6DC+3ok9ACXlX8Wv2C/r+mr8eradR3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org