Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/pcrPpoPh1sDHPcISmyoZFuBcuyg.roa
File: pcrPpoPh1sDHPcISmyoZFuBcuyg.roa (raw, json)
Hash identifier: rzOC5Bk30lj70Jl5aJPyz9vzOKqaFGw4zbTFVFfEeWs=
Subject key identifier: A5:CA:CF:A6:83:E1:D6:C0:C7:3D:C2:12:9B:2A:19:16:E0:5C:BB:28
Certificate issuer: /CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Certificate serial: 034B89B1
Authority key identifier: 5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/pcrPpoPh1sDHPcISmyoZFuBcuyg.roa
Signing time: Mon 23 May 2022 14:13:11 +0000
ROA not before: Mon 23 May 2022 14:13:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12886
IP address blocks: 170.81.52.0/22 maxlen: 22
62.204.160.0/19 maxlen: 19
212.118.192.0/19 maxlen: 19
103.21.236.0/22 maxlen: 22
103.192.160.0/22 maxlen: 22
170.84.228.0/22 maxlen: 22
128.65.144.0/21 maxlen: 21
185.88.92.0/22 maxlen: 22
103.234.232.0/22 maxlen: 22
94.101.120.0/22 maxlen: 22
193.23.64.0/19 maxlen: 19
103.51.228.0/22 maxlen: 22
103.76.96.0/22 maxlen: 22
2a02:f90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55282097 (0x34b89b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Validity
Not Before: May 23 14:13:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5cacfa683e1d6c0c73dc2129b2a1916e05cbb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:73:6f:fb:d3:3b:64:f5:41:46:cb:9f:17:14:
8c:c6:5a:24:1d:b6:d3:ec:fb:42:eb:f2:b0:bd:3e:
30:ee:69:e3:93:ce:39:26:3f:ba:8b:5d:00:89:81:
53:9e:df:39:da:3f:cd:ba:58:69:86:a5:b7:a8:d4:
65:fd:af:0b:83:58:83:e6:9f:5c:87:7a:a7:22:30:
0b:0b:f1:7e:41:73:cf:67:af:45:1b:c0:59:84:2c:
50:2e:2a:71:7f:7a:9e:32:41:01:d0:64:bc:a4:2c:
96:7a:95:4f:48:36:63:46:38:39:43:af:1e:c9:18:
ee:ec:fe:08:6f:60:84:ab:54:39:be:bf:19:60:66:
14:99:9a:57:f2:99:3e:50:6e:85:4a:ba:71:6f:5e:
fe:5c:4c:66:b7:cc:1f:54:82:b0:df:12:92:0f:28:
2b:c2:ba:61:25:80:d6:5c:e2:fc:db:1d:27:6c:f9:
c8:5d:63:5f:8d:f2:f8:5b:35:d1:b2:25:62:91:a6:
f6:5e:db:fe:02:b5:0c:60:36:e8:49:44:7b:87:3f:
89:60:28:20:25:82:ed:01:7d:b3:67:03:87:d4:ba:
75:c5:c4:7f:5b:ee:bb:63:49:05:0d:1b:e4:fd:95:
39:7e:24:20:75:71:82:20:70:25:7b:9a:dc:5c:31:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CA:CF:A6:83:E1:D6:C0:C7:3D:C2:12:9B:2A:19:16:E0:5C:BB:28
X509v3 Authority Key Identifier:
keyid:5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/pcrPpoPh1sDHPcISmyoZFuBcuyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.160.0/19
94.101.120.0/22
103.21.236.0/22
103.51.228.0/22
103.76.96.0/22
103.192.160.0/22
103.234.232.0/22
128.65.144.0/21
170.81.52.0/22
170.84.228.0/22
185.88.92.0/22
193.23.64.0/19
212.118.192.0/19
IPv6:
2a02:f90::/32
Signature Algorithm: sha256WithRSAEncryption
8b:96:60:e2:d6:61:d5:04:66:ee:74:7a:73:7f:bd:35:9b:45:
a0:7f:d0:42:43:19:9f:b1:8c:b8:03:90:6b:57:55:eb:0a:d6:
47:4a:cb:cd:8a:87:22:28:8f:0a:33:23:e2:58:ca:4e:54:5e:
3d:fa:21:25:ab:bb:71:92:b4:4c:b0:bc:85:63:d5:55:2c:92:
30:33:cc:32:a9:b5:eb:60:96:18:2d:ac:36:ec:36:b2:a7:8f:
1b:c5:06:da:25:11:15:64:66:9f:e0:a0:06:a5:05:f6:29:18:
48:9c:40:8c:71:81:7a:59:c8:47:9e:22:9b:6c:53:7f:9d:36:
0e:0a:f7:49:14:95:a1:e6:e5:78:77:68:52:8a:95:55:67:64:
ee:76:7b:07:e8:3c:14:ca:d1:18:1b:66:6f:bb:5a:8e:3b:e6:
74:26:99:9e:87:b7:7c:7c:15:91:7e:a1:84:d2:ac:3f:e2:65:
88:0c:ff:80:7d:f0:3e:db:4d:21:0d:78:c3:f7:1c:ea:db:40:
4c:29:38:47:67:cd:03:b5:3a:09:4d:a8:95:21:5e:8e:d0:04:
d5:42:bd:fe:c0:5e:e8:99:2c:84:d4:36:76:8b:7e:e6:8b:19:
f8:c6:53:cc:da:c6:a6:65:9f:76:64:15:7d:48:1d:73:c8:d1:
4a:7d:57:e6
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIEA0uJsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTYxMTAyZWQ0ZDY2ZGNkOTUyZGUwMTMwNGUwYWZlMTM4NGQwMGJmMB4XDTIyMDUy
MzE0MTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVjYWNmYTY4M2Ux
ZDZjMGM3M2RjMjEyOWIyYTE5MTZlMDVjYmIyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVzb/vTO2T1QUbLnxcUjMZaJB220+z7QuvysL0+MO5p45PO
OSY/uotdAImBU57fOdo/zbpYaYalt6jUZf2vC4NYg+afXId6pyIwCwvxfkFzz2ev
RRvAWYQsUC4qcX96njJBAdBkvKQslnqVT0g2Y0Y4OUOvHskY7uz+CG9ghKtUOb6/
GWBmFJmaV/KZPlBuhUq6cW9e/lxMZrfMH1SCsN8Skg8oK8K6YSWA1lzi/NsdJ2z5
yF1jX43y+Fs10bIlYpGm9l7b/gK1DGA26ElEe4c/iWAoICWC7QF9s2cDh9S6dcXE
f1vuu2NJBQ0b5P2VOX4kIHVxgiBwJXua3Fwxs58CAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBSlys+mg+HWwMc9whKbKhkW4Fy7KDAfBgNVHSMEGDAWgBRaYRAu1NZtzZUt
4BME4K/hOE0AvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtRVFMdFRXYmMyVkxlQVRCT0N2NFRoTkFMOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvOTVlNzhhLTU3ZTctNGE1OC05MzE2LTI4OGJkNmI5ZTA5Mi8x
L3BjclBwb1BoMXNESFBjSVNteW9aRnVCY3V5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
OTVlNzhhLTU3ZTctNGE1OC05MzE2LTI4OGJkNmI5ZTA5Mi8xL1dtRVFMdFRXYmMy
VkxlQVRCT0N2NFRoTkFMOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEBT7MoAMEAl5leAMEAmcV7AMEAmcz
5AMEAmdMYAMEAmfAoAMEAmfq6AMEA4BBkAMEAqpRNAMEAqpU5AMEArlYXAMEBcEX
QAMEBdR2wDANBAIAAjAHAwUAKgIPkDANBgkqhkiG9w0BAQsFAAOCAQEAi5Zg4tZh
1QRm7nR6c3+9NZtFoH/QQkMZn7GMuAOQa1dV6wrWR0rLzYqHIiiPCjMj4ljKTlRe
PfohJau7cZK0TLC8hWPVVSySMDPMMqm162CWGC2sNuw2sqePG8UG2iURFWRmn+Cg
BqUF9ikYSJxAjHGBelnIR54im2xTf502Dgr3SRSVoebleHdoUoqVVWdk7nZ7B+g8
FMrRGBtmb7tajjvmdCaZnoe3fHwVkX6hhNKsP+JliAz/gH3wPttNIQ14w/cc6ttA
TCk4R2fNA7U6CU2olSFejtAE1UK9/sBe6JkshNQ2dot+5osZ+MZTzNrGpmWfdmQV
fUgdc8jRSn1X5g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 17:32:21 2025 by rpki-client