Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/PSnprc2G-6U7fhAjgQYnE-koFMc.roa
File: PSnprc2G-6U7fhAjgQYnE-koFMc.roa (raw, json)
Hash identifier: BEEamzZP6TaUm4ec+DmqQE9Y30zsfdkyP9ZydHFgS7U=
Subject key identifier: 3D:29:E9:AD:CD:86:FB:A5:3B:7E:10:23:81:06:27:13:E9:28:14:C7
Certificate issuer: /CN=caf613311a7869c335ca66cb423cc6e8b2fa902c
Certificate serial: 15F471F0
Authority key identifier: CA:F6:13:31:1A:78:69:C3:35:CA:66:CB:42:3C:C6:E8:B2:FA:90:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvYTMRp4acM1ymbLQjzG6LL6kCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/PSnprc2G-6U7fhAjgQYnE-koFMc.roa
Signing time: Sat 01 Jan 2022 04:56:55 +0000
ROA not before: Sat 01 Jan 2022 04:56:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6786
IP address blocks: 217.74.192.0/20 maxlen: 24
185.156.224.0/22 maxlen: 24
192.166.192.0/21 maxlen: 24
192.166.200.0/23 maxlen: 24
2a07:a240::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 368341488 (0x15f471f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf613311a7869c335ca66cb423cc6e8b2fa902c
Validity
Not Before: Jan 1 04:56:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d29e9adcd86fba53b7e102381062713e92814c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:11:0f:1a:0a:78:4f:15:bd:81:fe:ef:97:a0:
a0:cd:3f:c9:b5:cc:8d:69:28:c8:c3:d3:f1:0c:3a:
cc:97:a0:24:a3:84:23:9d:77:0f:58:db:8f:cd:42:
c9:b6:a1:e6:ae:1a:61:4c:3b:bf:65:c4:21:0f:cf:
e6:b5:85:47:00:3b:f3:ad:dc:17:11:92:a8:8f:d5:
07:0e:17:93:51:45:17:c4:07:45:0c:6a:72:27:1d:
6b:f5:e1:b7:63:ee:a3:a3:92:b8:82:75:40:74:4e:
b9:71:f7:f1:90:38:fe:1d:a3:b5:3f:89:67:61:73:
fb:7a:3d:f0:4b:bd:84:28:18:ba:e3:43:74:1a:62:
fc:16:0c:e8:ec:05:72:80:22:94:c9:57:d3:b4:2f:
43:fd:4b:3c:23:77:cc:89:18:d2:e4:a9:16:44:8c:
ec:6b:23:28:f4:42:2e:9a:5a:51:1a:05:14:99:d1:
95:54:51:44:0d:a2:f7:da:4d:8c:4a:2b:ae:b3:3d:
dd:3c:e1:4d:20:7e:93:9b:63:bc:3d:e8:5d:25:3a:
fb:74:39:69:bd:02:b3:41:c2:53:ee:7e:04:8d:9d:
73:64:93:fe:3a:54:1e:7a:8c:4a:5d:33:f8:bd:28:
8b:7a:64:4a:21:9f:f7:26:17:18:1e:9c:01:79:d3:
e2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:29:E9:AD:CD:86:FB:A5:3B:7E:10:23:81:06:27:13:E9:28:14:C7
X509v3 Authority Key Identifier:
keyid:CA:F6:13:31:1A:78:69:C3:35:CA:66:CB:42:3C:C6:E8:B2:FA:90:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvYTMRp4acM1ymbLQjzG6LL6kCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/PSnprc2G-6U7fhAjgQYnE-koFMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/yvYTMRp4acM1ymbLQjzG6LL6kCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.224.0/22
192.166.192.0-192.166.201.255
217.74.192.0/20
IPv6:
2a07:a240::/29
Signature Algorithm: sha256WithRSAEncryption
5f:9f:54:bb:0d:c4:f9:c4:ba:47:19:22:d0:58:75:f5:56:d7:
b5:49:5d:24:d9:0e:4d:13:6a:48:03:ea:5f:ae:08:ab:97:7a:
64:1b:70:20:04:57:71:90:3f:27:17:44:4a:a0:f7:e6:f9:96:
38:3d:13:64:be:ae:68:ee:36:18:01:e3:15:1c:69:6e:0f:b0:
9d:24:ba:0f:7d:15:a0:34:9a:17:df:75:17:5d:84:1f:88:f1:
e6:11:c6:62:c6:2b:b4:01:a8:d1:bf:d9:8a:25:5a:ba:26:0d:
6c:02:f7:de:bd:09:be:cf:fd:87:70:38:a5:d1:5f:42:ee:d4:
b9:cf:da:f9:14:52:b7:1c:88:14:12:c0:cf:93:19:82:68:71:
07:c9:8c:0b:a3:82:6f:e7:66:85:b5:1f:b0:2a:3f:54:9c:5a:
19:f8:23:44:6f:2c:23:d1:db:f4:6f:66:7a:4e:90:0f:37:b3:
54:33:f3:35:2b:4c:59:16:bf:c5:d5:ab:fe:ca:47:98:15:dc:
5f:83:d7:31:25:b2:66:37:1a:0f:8f:83:5b:e6:e3:d1:fa:0c:
34:09:48:0f:73:33:38:f8:c0:d2:5f:ea:07:23:11:fd:10:11:
da:ef:f2:b6:c7:55:29:0a:85:23:c1:46:1f:a3:34:f0:c8:c2:
b7:1b:0d:81
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEFfRx8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWY2MTMzMTFhNzg2OWMzMzVjYTY2Y2I0MjNjYzZlOGIyZmE5MDJjMB4XDTIyMDEw
MTA0NTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QyOWU5YWRjZDg2
ZmJhNTNiN2UxMDIzODEwNjI3MTNlOTI4MTRjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQRDxoKeE8VvYH+75egoM0/ybXMjWkoyMPT8Qw6zJegJKOE
I513D1jbj81Cybah5q4aYUw7v2XEIQ/P5rWFRwA7863cFxGSqI/VBw4Xk1FFF8QH
RQxqcicda/Xht2Puo6OSuIJ1QHROuXH38ZA4/h2jtT+JZ2Fz+3o98Eu9hCgYuuND
dBpi/BYM6OwFcoAilMlX07QvQ/1LPCN3zIkY0uSpFkSM7GsjKPRCLppaURoFFJnR
lVRRRA2i99pNjEorrrM93TzhTSB+k5tjvD3oXSU6+3Q5ab0Cs0HCU+5+BI2dc2ST
/jpUHnqMSl0z+L0oi3pkSiGf9yYXGB6cAXnT4tcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQ9KemtzYb7pTt+ECOBBicT6SgUxzAfBgNVHSMEGDAWgBTK9hMxGnhpwzXK
ZstCPMbosvqQLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l2WVRNUnA0YWNNMXltYkxRanpHNkxMNmtDdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOTRlYTRiLTNmZjAtNGY3Yi05ZDgzLWMzMTBlY2EzYzA3Yi8x
L1BTbnByYzJHLTZVN2ZoQWpnUVluRS1rb0ZNYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OTRlYTRiLTNmZjAtNGY3Yi05ZDgzLWMzMTBlY2EzYzA3Yi8xL3l2WVRNUnA0YWNN
MXltYkxRanpHNkxMNmtDdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEArmc4DAMAwQGwKbAAwQBwKbIAwQE
2UrAMA0EAgACMAcDBQMqB6JAMA0GCSqGSIb3DQEBCwUAA4IBAQBfn1S7DcT5xLpH
GSLQWHX1Vte1SV0k2Q5NE2pIA+pfrgirl3pkG3AgBFdxkD8nF0RKoPfm+ZY4PRNk
vq5o7jYYAeMVHGluD7CdJLoPfRWgNJoX33UXXYQfiPHmEcZixiu0AajRv9mKJVq6
Jg1sAvfevQm+z/2HcDil0V9C7tS5z9r5FFK3HIgUEsDPkxmCaHEHyYwLo4Jv52aF
tR+wKj9UnFoZ+CNEbywj0dv0b2Z6TpAPN7NUM/M1K0xZFr/F1av+ykeYFdxfg9cx
JbJmNxoPj4Nb5uPR+gw0CUgPczM4+MDSX+oHIxH9EBHa7/K2x1UpCoUjwUYfozTw
yMK3Gw2B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:35 2024 by rpki-client on console-ams.rpki-client.org