Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/pJTQgrkEXAxhY5XE4aBA1AaBDoY.roa
File: pJTQgrkEXAxhY5XE4aBA1AaBDoY.roa (raw, json)
Hash identifier: xb8HjN3Yf/hHI7MVprU/cp50Y54z1qH1vvrqgY5ItmA=
Subject key identifier: A4:94:D0:82:B9:04:5C:0C:61:63:95:C4:E1:A0:40:D4:06:81:0E:86
Certificate issuer: /CN=1678b49f9ae25f1e127534b1915044ac7d0d9e73
Certificate serial: 065F580E
Authority key identifier: 16:78:B4:9F:9A:E2:5F:1E:12:75:34:B1:91:50:44:AC:7D:0D:9E:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fni0n5riXx4SdTSxkVBErH0NnnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/pJTQgrkEXAxhY5XE4aBA1AaBDoY.roa
Signing time: Sat 01 Jan 2022 04:02:03 +0000
ROA not before: Sat 01 Jan 2022 04:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48095
IP address blocks: 193.38.242.0/23 maxlen: 23
185.223.40.0/22 maxlen: 22
193.37.54.0/23 maxlen: 23
193.37.52.0/23 maxlen: 23
193.38.240.0/23 maxlen: 23
185.226.80.0/22 maxlen: 22
185.249.236.0/22 maxlen: 22
147.78.52.0/23 maxlen: 23
147.78.54.0/23 maxlen: 23
194.93.36.0/23 maxlen: 23
194.93.38.0/23 maxlen: 23
194.26.176.0/22 maxlen: 22
194.55.80.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106911758 (0x65f580e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1678b49f9ae25f1e127534b1915044ac7d0d9e73
Validity
Not Before: Jan 1 04:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a494d082b9045c0c616395c4e1a040d406810e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:36:55:48:4c:a4:d6:2a:bc:e5:fc:2f:22:31:
cf:0f:80:17:ea:db:c4:4f:91:7c:f1:57:a4:cc:51:
7a:39:41:25:54:35:97:40:bb:d6:f6:87:cc:ab:8f:
ea:6a:0c:d6:62:ef:aa:d6:b3:4f:fe:25:89:4e:5a:
26:8a:3f:c3:fb:ab:5b:54:27:e6:2f:09:8d:2a:3b:
2f:95:a6:79:2a:a8:c8:a7:e0:22:1b:57:f0:bf:91:
fd:f0:5b:7d:92:c4:74:33:9b:dc:fc:df:ae:e1:ff:
e3:e2:7c:e4:27:76:43:c9:3f:10:c5:3e:2e:54:3e:
82:3f:71:6a:2f:b0:c8:b6:9c:c1:82:67:0e:ee:6a:
9b:4d:ab:96:fd:2e:4d:45:3b:7b:98:85:ec:d2:11:
54:af:40:cc:f0:72:cf:ae:05:65:95:b7:be:26:9f:
8f:22:07:c0:d4:aa:51:73:df:e2:43:e2:dd:97:1b:
23:9c:d5:dc:d5:10:c1:b5:be:f4:c6:b1:65:1d:4b:
82:51:e8:7a:bd:5b:25:20:fb:a8:56:1e:0d:b6:4b:
62:96:dd:a7:57:c4:39:b8:f7:96:d1:72:2b:a3:fc:
75:a7:b7:d7:04:c4:0f:78:9e:de:42:6c:2e:59:06:
29:97:72:4a:03:66:87:9d:28:65:ef:4f:a4:47:18:
ed:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:94:D0:82:B9:04:5C:0C:61:63:95:C4:E1:A0:40:D4:06:81:0E:86
X509v3 Authority Key Identifier:
keyid:16:78:B4:9F:9A:E2:5F:1E:12:75:34:B1:91:50:44:AC:7D:0D:9E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fni0n5riXx4SdTSxkVBErH0NnnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/pJTQgrkEXAxhY5XE4aBA1AaBDoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/Fni0n5riXx4SdTSxkVBErH0NnnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.52.0/22
185.223.40.0/22
185.226.80.0/22
185.249.236.0/22
193.37.52.0/22
193.38.240.0/22
194.26.176.0/22
194.55.80.0/22
194.93.36.0/22
Signature Algorithm: sha256WithRSAEncryption
13:8a:95:21:8a:f8:e0:b4:1a:00:47:7e:dd:73:23:8a:34:a8:
9b:63:79:48:18:cc:98:73:45:ca:81:d6:73:0f:d9:2b:4c:39:
49:18:58:9e:c4:55:49:0a:39:4c:fb:92:da:28:30:1e:5b:5c:
a1:e4:4e:5a:cf:73:26:d0:0c:07:13:da:c3:0d:10:69:69:73:
3b:36:13:50:90:82:80:7f:b0:10:cb:ae:e5:35:ae:67:b3:0b:
49:6f:6f:0e:21:13:41:fa:a6:9d:21:41:23:ee:8a:74:85:c7:
2b:38:9e:1a:5d:85:58:42:9b:da:b4:b6:27:72:d0:3b:2a:35:
03:b0:53:89:75:7e:ef:7d:b0:f5:b3:ad:90:b2:fd:18:08:3c:
5b:a3:18:75:b3:a0:75:89:1b:96:bb:a1:98:48:f6:72:72:ce:
46:2c:f0:0b:32:99:1b:ff:47:da:ce:d6:1a:38:b9:61:6d:e3:
59:37:04:f0:6a:8e:ea:9c:76:5b:d3:c5:a4:c9:98:26:7d:4b:
5f:36:c1:3b:a1:2b:05:77:1c:8f:9a:ef:14:6a:50:29:42:c3:
e8:d0:2d:53:99:5e:54:9f:09:82:f8:be:f6:14:9d:68:7a:c0:
bb:96:5f:51:ca:1c:5e:2f:d7:62:17:4c:29:38:8e:0b:42:86:
86:6f:fa:3a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBl9YDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Njc4YjQ5ZjlhZTI1ZjFlMTI3NTM0YjE5MTUwNDRhYzdkMGQ5ZTczMB4XDTIyMDEw
MTA0MDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ5NGQwODJiOTA0
NWMwYzYxNjM5NWM0ZTFhMDQwZDQwNjgxMGU4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMA2VUhMpNYqvOX8LyIxzw+AF+rbxE+RfPFXpMxRejlBJVQ1
l0C71vaHzKuP6moM1mLvqtazT/4liU5aJoo/w/urW1Qn5i8JjSo7L5WmeSqoyKfg
IhtX8L+R/fBbfZLEdDOb3PzfruH/4+J85Cd2Q8k/EMU+LlQ+gj9xai+wyLacwYJn
Du5qm02rlv0uTUU7e5iF7NIRVK9AzPByz64FZZW3viafjyIHwNSqUXPf4kPi3Zcb
I5zV3NUQwbW+9MaxZR1LglHoer1bJSD7qFYeDbZLYpbdp1fEObj3ltFyK6P8dae3
1wTED3ie3kJsLlkGKZdySgNmh50oZe9PpEcY7aECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSklNCCuQRcDGFjlcThoEDUBoEOhjAfBgNVHSMEGDAWgBQWeLSfmuJfHhJ1
NLGRUESsfQ2eczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZuaTBuNXJpWHg0U2RUU3hrVkJFckgwTm5uTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvMGY3MWYzLTdlMTMtNDcxMy1iMjMyLTc0NTRhMTlkMzJkMS8x
L3BKVFFncmtFWEF4aFk1WEU0YUJBMUFhQkRvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
MGY3MWYzLTdlMTMtNDcxMy1iMjMyLTc0NTRhMTlkMzJkMS8xL0ZuaTBuNXJpWHg0
U2RUU3hrVkJFckgwTm5uTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEApNONAMEArnfKAMEArniUAMEArn5
7AMEAsElNAMEAsEm8AMEAsIasAMEAsI3UAMEAsJdJDANBgkqhkiG9w0BAQsFAAOC
AQEAE4qVIYr44LQaAEd+3XMjijSom2N5SBjMmHNFyoHWcw/ZK0w5SRhYnsRVSQo5
TPuS2igwHltcoeROWs9zJtAMBxPaww0QaWlzOzYTUJCCgH+wEMuu5TWuZ7MLSW9v
DiETQfqmnSFBI+6KdIXHKzieGl2FWEKb2rS2J3LQOyo1A7BTiXV+732w9bOtkLL9
GAg8W6MYdbOgdYkblruhmEj2cnLORizwCzKZG/9H2s7WGji5YW3jWTcE8GqO6px2
W9PFpMmYJn1LXzbBO6ErBXccj5rvFGpQKULD6NAtU5leVJ8Jgvi+9hSdaHrAu5Zf
UcocXi/XYhdMKTiOC0KGhm/6Og==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:43 2023 by rpki-client on console-fra.rpki-client.org