Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/PJtZ72gGSxFmZW7u8gS5gyo6FVY.roa
File: PJtZ72gGSxFmZW7u8gS5gyo6FVY.roa (raw, json)
Hash identifier: nZ3ICR7ODxf59Q0Wbe+HzqNyjjlhKvixQiEUn45DVnk=
Subject key identifier: 3C:9B:59:EF:68:06:4B:11:66:65:6E:EE:F2:04:B9:83:2A:3A:15:56
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01840F2186168F0B28472D3A9F4F28AA79DC
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/PJtZ72gGSxFmZW7u8gS5gyo6FVY.roa
Signing time: Tue 25 Oct 2022 12:32:45 +0000
ROA not before: Tue 25 Oct 2022 12:32:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200645
IP address blocks: 185.177.232.0/22 maxlen: 22
5.202.208.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:21:86:16:8f:0b:28:47:2d:3a:9f:4f:28:aa:79:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 25 12:32:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c9b59ef68064b1166656eeef204b9832a3a1556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:15:44:c2:b6:e5:03:14:42:e4:6d:ed:bc:b6:
d0:d1:76:1f:d5:7f:03:af:fc:96:49:2a:07:15:6f:
23:ee:52:11:95:a1:fa:86:8f:70:1a:64:6c:bf:8d:
c3:49:88:2a:a3:b9:d6:8d:80:5f:7a:e8:9b:91:33:
d3:e3:87:d1:5e:7a:d6:99:f8:74:dd:d2:7b:4f:8c:
d2:23:a7:4a:8b:0d:ce:2c:8f:2e:f0:83:67:18:02:
ed:89:2f:73:49:68:7c:2d:47:00:5a:90:a8:94:f8:
a1:32:0c:af:7d:6d:e3:76:c4:4e:93:39:11:ea:00:
a4:db:0a:de:7c:d9:12:a8:66:cb:db:05:64:dc:3c:
35:89:23:92:b9:8a:e9:da:ff:38:39:85:41:01:54:
7e:6c:9b:55:b2:69:8a:68:1d:55:83:26:67:8c:e3:
da:a0:2d:cb:0b:42:bf:35:fa:00:5f:0c:be:f4:74:
2f:94:a8:6f:c0:c6:af:6d:05:d5:1b:15:3b:84:55:
b7:f2:57:54:13:49:18:9b:f1:91:00:78:ca:fa:51:
4e:fb:0b:27:83:76:3a:1c:69:eb:23:97:5d:d2:c2:
5d:4d:23:30:f0:7e:d4:f0:02:0b:e6:da:e3:52:75:
e0:5d:38:b9:dc:5e:05:98:a2:4d:c0:67:e4:a8:1f:
16:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9B:59:EF:68:06:4B:11:66:65:6E:EE:F2:04:B9:83:2A:3A:15:56
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/PJtZ72gGSxFmZW7u8gS5gyo6FVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.208.0/20
185.177.232.0/22
Signature Algorithm: sha256WithRSAEncryption
41:a3:ac:53:03:f4:10:6d:f0:1d:d4:ed:d8:29:66:4e:86:9b:
c1:68:af:21:59:36:48:01:5b:b6:f4:d3:ed:ae:ce:6e:b6:99:
a8:35:83:43:e3:1a:a6:a4:77:17:c4:e6:68:0d:a0:b8:f2:89:
ed:d6:03:8c:a7:7d:7c:5a:8b:7c:4f:d0:bf:5e:dd:05:90:54:
30:6b:bf:84:5c:91:32:92:4c:16:de:e5:5a:76:b2:dc:a8:90:
20:7f:1a:69:59:8e:d8:67:f7:80:82:51:7e:34:b1:fb:a8:cf:
3d:28:82:d9:11:5d:49:a1:aa:fa:66:9b:af:00:a3:a1:d8:74:
3d:16:6f:47:c4:d4:27:8a:f2:fc:b4:4c:70:17:e3:5d:7c:a8:
fe:fb:1f:67:39:b4:5b:c3:cf:b5:06:c2:c3:d9:41:59:03:ce:
5b:70:ad:47:67:0c:f5:e4:f8:a0:11:2e:08:b4:53:c2:4e:1e:
e9:2c:c9:99:a6:bb:6a:cc:e5:ab:e8:51:9f:7c:29:c2:85:48:
5c:07:cf:4f:fa:15:25:d8:42:01:48:c4:4c:47:fd:2a:ee:47:
01:57:0d:ff:7c:e4:06:6c:09:0a:93:78:df:20:10:a4:36:01:
1e:5b:f4:db:9e:c9:cd:47:28:f9:5d:b4:3c:35:3e:c3:20:fe:
2c:f8:6e:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQPIYYWjwsoRy06n08oqnncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIxMDI1MTIzMjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzliNTllZjY4MDY0YjExNjY2NTZlZWVmMjA0Yjk4MzJhM2ExNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBVEwrblAxRC5G3tvLbQ0XYf1X8D
r/yWSSoHFW8j7lIRlaH6ho9wGmRsv43DSYgqo7nWjYBfeuibkTPT44fRXnrWmfh0
3dJ7T4zSI6dKiw3OLI8u8INnGALtiS9zSWh8LUcAWpColPihMgyvfW3jdsROkzkR
6gCk2wrefNkSqGbL2wVk3Dw1iSOSuYrp2v84OYVBAVR+bJtVsmmKaB1VgyZnjOPa
oC3LC0K/NfoAXwy+9HQvlKhvwMavbQXVGxU7hFW38ldUE0kYm/GRAHjK+lFO+wsn
g3Y6HGnrI5dd0sJdTSMw8H7U8AIL5trjUnXgXTi53F4FmKJNwGfkqB8WgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDybWe9oBksRZmVu7vIEuYMqOhVWMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvUEp0WjcyZ0dTeEZtWlc3dThnUzVneW82RlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBcrQAwQC
ubHoMA0GCSqGSIb3DQEBCwUAA4IBAQBBo6xTA/QQbfAd1O3YKWZOhpvBaK8hWTZI
AVu29NPtrs5utpmoNYND4xqmpHcXxOZoDaC48ont1gOMp318Wot8T9C/Xt0FkFQw
a7+EXJEykkwW3uVadrLcqJAgfxppWY7YZ/eAglF+NLH7qM89KILZEV1Joar6Zpuv
AKOh2HQ9Fm9HxNQnivL8tExwF+NdfKj++x9nObRbw8+1BsLD2UFZA85bcK1HZwz1
5PigES4ItFPCTh7pLMmZprtqzOWr6FGffCnChUhcB89P+hUl2EIBSMRMR/0q7kcB
Vw3/fOQGbAkKk3jfIBCkNgEeW/TbnsnNRyj5XbQ8NT7DIP4s+G6H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org