Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/px_k1BvmQvtdeLAFpqYzPVlcBRA.roa
File: px_k1BvmQvtdeLAFpqYzPVlcBRA.roa (raw, json)
Hash identifier: PU1ZFnwsdwprWhFLrugvKqKy0tsJGzo9R+r5te9Fei4=
Subject key identifier: A7:1F:E4:D4:1B:E6:42:FB:5D:78:B0:05:A6:A6:33:3D:59:5C:05:10
Certificate issuer: /CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Certificate serial: 0CCE0AE2
Authority key identifier: A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/px_k1BvmQvtdeLAFpqYzPVlcBRA.roa
Signing time: Tue 17 May 2022 14:55:29 +0000
ROA not before: Tue 17 May 2022 14:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51265
IP address blocks: 176.126.39.0/24 maxlen: 24
193.9.252.0/23 maxlen: 24
178.157.4.0/22 maxlen: 22
185.44.52.0/22 maxlen: 22
185.69.244.0/22 maxlen: 22
62.240.128.0/19 maxlen: 24
83.216.32.0/19 maxlen: 21
2a07:1740::/29 maxlen: 29
2a04:9540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214829794 (0xcce0ae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Validity
Not Before: May 17 14:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a71fe4d41be642fb5d78b005a6a6333d595c0510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:43:65:14:00:ed:95:1e:5e:bf:1c:60:76:46:
6d:72:93:ee:77:1d:c9:24:77:87:56:6e:1f:65:70:
54:1e:1e:46:f2:34:63:c9:20:7f:22:f6:15:62:78:
b6:13:68:8a:24:4d:66:4a:75:21:79:03:09:12:71:
9d:51:01:45:f0:fe:b4:3e:88:46:e3:e9:c4:6e:d1:
21:dc:1f:43:ba:81:5c:64:29:19:eb:2e:5b:a3:4e:
d0:9c:2a:50:0d:60:61:2e:6e:e4:2c:32:8a:35:d5:
62:3c:94:ba:49:35:26:f3:fc:52:9b:a5:cc:b3:e6:
a0:69:1b:59:3c:4e:b4:9b:dc:7a:47:ae:b0:ae:5b:
b2:86:f2:41:70:66:a6:44:da:6c:78:0d:d7:47:70:
44:2f:ef:a5:75:1a:7d:96:46:06:10:56:ed:b0:84:
c0:cb:63:cd:9f:22:fb:34:c5:a6:c1:26:a9:77:37:
a2:66:28:f5:7b:b1:01:39:df:93:4c:65:53:db:71:
cc:4d:3e:72:1a:96:19:c8:d9:f1:59:b2:c3:41:18:
77:7d:e2:45:5c:9e:85:ec:c3:ab:e0:d2:37:57:ef:
bf:45:91:c1:e9:dd:c5:21:d4:86:9a:ed:82:1c:ba:
2e:b6:ec:6d:f9:d1:ba:ad:f6:8d:19:17:1a:e9:68:
67:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:1F:E4:D4:1B:E6:42:FB:5D:78:B0:05:A6:A6:33:3D:59:5C:05:10
X509v3 Authority Key Identifier:
keyid:A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/px_k1BvmQvtdeLAFpqYzPVlcBRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.128.0/19
83.216.32.0/19
176.126.39.0/24
178.157.4.0/22
185.44.52.0/22
185.69.244.0/22
193.9.252.0/23
IPv6:
2a04:9540::/29
2a07:1740::/29
Signature Algorithm: sha256WithRSAEncryption
1b:e8:ef:03:3b:1c:27:32:72:bd:d3:c1:e9:18:85:9d:79:1d:
46:b5:f9:94:c2:60:9f:b0:58:99:b6:0e:13:c8:51:4c:81:ee:
89:f1:59:96:4a:d1:9e:b4:35:b1:05:cd:89:39:5a:bf:a6:94:
97:12:51:46:ca:35:ea:4c:9d:52:68:5d:06:7a:b0:9b:68:e1:
06:1f:66:31:b1:9f:22:eb:cd:c2:b7:0a:33:bd:9b:4f:e6:22:
ba:b5:7d:e1:88:f7:a4:b4:2b:40:65:71:f0:b4:bc:21:7f:19:
9b:f1:09:e5:e3:47:94:6e:9d:43:a4:d4:a8:6e:df:c5:72:43:
f5:3f:cc:66:2f:68:f7:85:2e:8f:e7:78:0d:79:39:99:22:75:
17:9e:89:4c:4a:ae:e8:c7:4a:00:14:ef:18:08:a2:a4:e1:03:
52:8a:3d:37:00:be:0b:95:34:0e:97:78:2b:64:58:7d:e6:15:
42:00:39:30:30:cf:93:b0:a5:08:e9:24:3e:92:cc:c9:3c:fc:
84:cc:13:f1:a3:e7:03:01:9b:fc:61:b1:10:31:f2:e7:38:32:
43:2b:f5:a1:41:9b:5c:1c:e7:52:e0:41:3f:5a:c3:e3:91:9c:
46:93:a8:a5:52:0d:68:f3:1c:ec:22:48:37:00:9b:66:73:15:
3a:73:2f:ea
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEDM4K4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGJmZDA2Y2U4NTViNjJkOWI2ODhjZDhjNTM1ZDVmNDk0Y2QzOTMyMB4XDTIyMDUx
NzE0NTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTcxZmU0ZDQxYmU2
NDJmYjVkNzhiMDA1YTZhNjMzM2Q1OTVjMDUxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFDZRQA7ZUeXr8cYHZGbXKT7ncdySR3h1ZuH2VwVB4eRvI0
Y8kgfyL2FWJ4thNoiiRNZkp1IXkDCRJxnVEBRfD+tD6IRuPpxG7RIdwfQ7qBXGQp
GesuW6NO0JwqUA1gYS5u5CwyijXVYjyUukk1JvP8UpulzLPmoGkbWTxOtJvcekeu
sK5bsobyQXBmpkTabHgN10dwRC/vpXUafZZGBhBW7bCEwMtjzZ8i+zTFpsEmqXc3
omYo9XuxATnfk0xlU9txzE0+chqWGcjZ8Vmyw0EYd33iRVyehezDq+DSN1fvv0WR
wendxSHUhprtghy6LrbsbfnRuq32jRkXGuloZ6kCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSnH+TUG+ZC+114sAWmpjM9WVwFEDAfBgNVHSMEGDAWgBSgv9Bs6FW2LZto
jNjFNdX0lM05MjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29MX1FiT2hWdGkyYmFJell4VFhWOUpUTk9USS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvMDMzMTZkLTA0ZTAtNDY2MC1hNjNlLTY3MTgzOTIwMDYwNC8x
L3B4X2sxQnZtUXZ0ZGVMQUZwcVl6UFZsY0JSQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
MDMzMTZkLTA0ZTAtNDY2MC1hNjNlLTY3MTgzOTIwMDYwNC8xL29MX1FiT2hWdGky
YmFJell4VFhWOUpUTk9USS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEBT7wgAMEBVPYIAMEALB+JwMEArKd
BAMEArksNAMEArlF9AMEAcEJ/DAUBAIAAjAOAwUDKgSVQAMFAyoHF0AwDQYJKoZI
hvcNAQELBQADggEBABvo7wM7HCcycr3TwekYhZ15HUa1+ZTCYJ+wWJm2DhPIUUyB
7onxWZZK0Z60NbEFzYk5Wr+mlJcSUUbKNepMnVJoXQZ6sJto4QYfZjGxnyLrzcK3
CjO9m0/mIrq1feGI96S0K0BlcfC0vCF/GZvxCeXjR5RunUOk1Khu38VyQ/U/zGYv
aPeFLo/neA15OZkidReeiUxKrujHSgAU7xgIoqThA1KKPTcAvguVNA6XeCtkWH3m
FUIAOTAwz5OwpQjpJD6SzMk8/ITME/Gj5wMBm/xhsRAx8uc4MkMr9aFBm1wc51Lg
QT9aw+ORnEaTqKVSDWjzHOwiSDcAm2ZzFTpzL+o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:51 2024 by rpki-client on console-fra.rpki-client.org