Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/PjgaZcLbXA6QlQxbkIExrjxncQ8.roa
File: PjgaZcLbXA6QlQxbkIExrjxncQ8.roa (raw, json)
Hash identifier: bblugnCKlK4swsCloSNo6of/jmFWlR83UU87ljuhnHQ=
Subject key identifier: 3E:38:1A:65:C2:DB:5C:0E:90:95:0C:5B:90:81:31:AE:3C:67:71:0F
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 040542BF
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/PjgaZcLbXA6QlQxbkIExrjxncQ8.roa
Signing time: Fri 18 Mar 2022 20:03:48 +0000
ROA not before: Fri 18 Mar 2022 20:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 194.99.62.0/23 maxlen: 32
194.99.60.0/23 maxlen: 32
193.32.96.0/23 maxlen: 32
193.32.98.0/23 maxlen: 32
31.12.78.0/23 maxlen: 32
31.12.76.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67453631 (0x40542bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Mar 18 20:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e381a65c2db5c0e90950c5b908131ae3c67710f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d4:c7:44:c0:0f:f5:6a:e0:43:a2:50:52:3f:
99:e7:e7:ed:07:dd:ae:88:b6:de:c6:d3:95:da:27:
fd:1e:da:de:fa:e8:db:a6:d5:09:ec:74:6f:41:f5:
54:4a:98:e4:f3:94:96:c9:5c:f2:f3:d0:10:c8:64:
a6:e4:52:89:c0:68:3b:57:81:a5:19:ee:a5:ee:74:
d3:11:d7:d8:c0:0d:2a:bc:0a:56:8b:2a:f6:f2:22:
2d:ae:e7:74:12:0d:66:73:cd:db:c5:e3:cc:24:0c:
96:7d:8f:0d:d6:f1:76:fa:71:fd:94:20:83:41:53:
83:13:c5:5c:9a:c1:f3:cc:e4:85:7c:23:84:b1:44:
12:02:1c:88:ca:64:30:d8:0a:a1:cb:40:89:f7:d4:
a5:b4:8e:5e:5f:7e:53:31:74:db:34:75:7d:dd:d3:
20:a8:64:d8:fe:bf:d0:30:33:98:94:92:79:86:18:
1a:4f:a4:00:71:12:71:5f:3e:04:f1:ea:f1:fd:7d:
bb:e2:a9:c0:83:5d:07:44:21:8e:38:b5:94:4b:bc:
85:16:95:92:e7:6d:43:6e:a1:1b:7a:c3:19:7f:0a:
85:32:ea:e5:a7:43:df:81:04:e1:2e:7e:d3:17:d0:
f5:e1:c2:55:80:4f:fd:d7:fd:5c:e0:10:d6:a0:08:
29:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:38:1A:65:C2:DB:5C:0E:90:95:0C:5B:90:81:31:AE:3C:67:71:0F
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/PjgaZcLbXA6QlQxbkIExrjxncQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.76.0/22
193.32.96.0/22
194.99.60.0/22
Signature Algorithm: sha256WithRSAEncryption
76:3f:9d:3d:38:ff:70:85:ae:9b:0e:c4:16:f6:22:98:62:2e:
34:ac:c8:21:d4:95:ba:a9:28:da:16:f0:ce:4d:f6:b1:55:32:
de:e3:88:64:66:27:03:51:22:d6:86:c0:08:4e:36:07:e3:7e:
8e:f8:fa:36:79:42:9b:09:10:78:2e:5e:a7:68:cd:fb:ad:f7:
d7:c4:7c:5d:f3:4f:38:88:2e:c6:0e:6a:e3:5a:21:64:2e:ec:
13:10:cf:2b:19:0e:c4:72:d2:84:69:cc:2b:68:ad:6f:a4:07:
ba:5d:c7:9a:0e:65:20:a8:89:8f:65:95:98:d1:27:88:5a:69:
20:18:6d:1a:e5:84:f4:db:02:41:c4:1d:e2:bb:07:42:dd:fb:
6a:53:d1:89:0d:c5:57:63:89:69:46:1a:47:82:45:c0:a4:a9:
23:16:d9:7d:13:c3:e4:c1:47:65:3e:19:31:47:3e:00:75:3e:
f4:d3:82:96:67:cb:57:03:28:de:c1:75:95:0b:c6:16:db:f0:
b1:61:26:0e:a7:e3:76:63:c5:20:b7:c2:80:43:ea:74:fe:e1:
e4:d7:f4:ee:a4:40:8a:85:93:07:8d:f7:81:28:07:0b:94:d5:
b0:00:da:ce:96:92:60:48:43:1b:d6:4b:f5:b1:e4:18:43:29:
fb:02:06:c6
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBAVCvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWQ2MzE1NmMxODM2ZjE2YzNiNDMwZWZmYmI3MmFjNjk5MzJlYTliMB4XDTIyMDMx
ODIwMDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UzODFhNjVjMmRi
NWMwZTkwOTUwYzViOTA4MTMxYWUzYzY3NzEwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/Ux0TAD/Vq4EOiUFI/mefn7Qfdroi23sbTldon/R7a3vro
26bVCex0b0H1VEqY5POUlslc8vPQEMhkpuRSicBoO1eBpRnupe500xHX2MANKrwK
Vosq9vIiLa7ndBINZnPN28XjzCQMln2PDdbxdvpx/ZQgg0FTgxPFXJrB88zkhXwj
hLFEEgIciMpkMNgKoctAiffUpbSOXl9+UzF02zR1fd3TIKhk2P6/0DAzmJSSeYYY
Gk+kAHEScV8+BPHq8f19u+KpwINdB0Qhjji1lEu8hRaVkudtQ26hG3rDGX8KhTLq
5adD34EE4S5+0xfQ9eHCVYBP/df9XOAQ1qAIKW0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ+OBplwttcDpCVDFuQgTGuPGdxDzAfBgNVHSMEGDAWgBTZ1jFWwYNvFsO0
MO/7tyrGmTLqmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJkWXhWc0dEYnhiRHRERHYtN2NxeHBreTZwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvOGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8x
L1BqZ2FaY0xiWEE2UWxReGJrSUV4cmp4bmNROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
OGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8xLzJkWXhWc0dEYnhi
RHRERHYtN2NxeHBreTZwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAh8MTAMEAsEgYAMEAsJjPDANBgkq
hkiG9w0BAQsFAAOCAQEAdj+dPTj/cIWumw7EFvYimGIuNKzIIdSVuqko2hbwzk32
sVUy3uOIZGYnA1Ei1obACE42B+N+jvj6NnlCmwkQeC5ep2jN+63318R8XfNPOIgu
xg5q41ohZC7sExDPKxkOxHLShGnMK2itb6QHul3Hmg5lIKiJj2WVmNEniFppIBht
GuWE9NsCQcQd4rsHQt37alPRiQ3FV2OJaUYaR4JFwKSpIxbZfRPD5MFHZT4ZMUc+
AHU+9NOClmfLVwMo3sF1lQvGFtvwsWEmDqfjdmPFILfCgEPqdP7h5Nf07qRAioWT
B433gSgHC5TVsADazpaSYEhDG9ZL9bHkGEMp+wIGxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:40 2024 by rpki-client on console-fra.rpki-client.org