Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/PCYOFDeO6h6rJJJxNLnqrEl5mYU.roa
File: PCYOFDeO6h6rJJJxNLnqrEl5mYU.roa (raw, json)
Hash identifier: F1Hqw9VgzqF/R49RXHLJhw5IHcI1SCVym3apx04kKq8=
Subject key identifier: 3C:26:0E:14:37:8E:EA:1E:AB:24:92:71:34:B9:EA:AC:49:79:99:85
Certificate issuer: /CN=adf0df77114741e13a17d7213e6956bf9627b558
Certificate serial: 065E8C6A
Authority key identifier: AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/PCYOFDeO6h6rJJJxNLnqrEl5mYU.roa
Signing time: Thu 02 Jun 2022 10:41:28 +0000
ROA not before: Thu 02 Jun 2022 10:41:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62319
IP address blocks: 91.142.136.0/24 maxlen: 24
193.106.120.0/22 maxlen: 22
185.150.72.0/22 maxlen: 22
193.169.74.0/23 maxlen: 23
91.216.118.0/24 maxlen: 24
178.209.184.0/22 maxlen: 22
178.209.188.0/23 maxlen: 23
185.203.0.0/22 maxlen: 22
185.66.184.0/22 maxlen: 22
185.4.219.0/24 maxlen: 24
185.4.218.0/24 maxlen: 24
185.4.216.0/23 maxlen: 23
178.209.166.0/24 maxlen: 24
178.209.167.0/24 maxlen: 24
178.209.172.0/24 maxlen: 24
194.126.192.0/24 maxlen: 24
91.194.36.0/23 maxlen: 23
194.116.178.0/23 maxlen: 23
185.40.44.0/22 maxlen: 22
2a02:c900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106859626 (0x65e8c6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf0df77114741e13a17d7213e6956bf9627b558
Validity
Not Before: Jun 2 10:41:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c260e14378eea1eab24927134b9eaac49799985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2d:36:e7:08:5d:12:10:ad:c6:c3:29:8c:5c:
b1:4c:82:b4:4b:e7:60:08:a1:ff:e3:fa:a6:0e:cb:
1b:ea:f6:25:4c:d0:9b:88:fb:2c:34:cf:4e:18:7d:
ef:13:ae:07:b1:f7:79:b8:90:27:40:fa:56:85:e5:
22:80:d6:ae:9f:c6:af:3d:e9:fb:2b:f3:eb:e7:f2:
6b:c7:c4:88:22:c5:d1:9e:7f:e6:fb:6d:2b:bf:d4:
56:4a:89:99:3e:01:61:b9:0c:3e:2e:42:4b:b2:ec:
3b:b5:d2:4c:12:cd:80:f7:90:1f:0b:49:0e:4d:f0:
73:95:46:91:4a:8d:c2:9e:78:0c:86:6b:f2:07:62:
17:d4:74:f6:df:d6:15:55:b1:6e:69:0b:a4:ff:6a:
b8:70:2e:bc:a6:fd:ef:5a:0b:73:0e:3f:25:c8:67:
d0:8b:60:b4:4f:c8:ca:53:f6:70:03:13:7a:36:e6:
24:81:07:f9:07:37:b3:90:dc:20:e9:67:fc:61:cd:
5a:91:7b:e4:a1:75:78:22:3a:26:7a:92:3f:ee:30:
6e:a1:97:30:e7:34:78:b1:e8:4e:08:c1:6d:11:62:
a8:62:cc:1b:01:6d:b2:da:33:5f:22:c3:17:0a:0f:
80:28:97:a4:15:46:a3:12:00:dd:2d:3a:6b:5c:e9:
e0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:26:0E:14:37:8E:EA:1E:AB:24:92:71:34:B9:EA:AC:49:79:99:85
X509v3 Authority Key Identifier:
keyid:AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/PCYOFDeO6h6rJJJxNLnqrEl5mYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.136.0/24
91.194.36.0/23
91.216.118.0/24
178.209.166.0/23
178.209.172.0/24
178.209.184.0-178.209.189.255
185.4.216.0/22
185.40.44.0/22
185.66.184.0/22
185.150.72.0/22
185.203.0.0/22
193.106.120.0/22
193.169.74.0/23
194.116.178.0/23
194.126.192.0/24
IPv6:
2a02:c900::/29
Signature Algorithm: sha256WithRSAEncryption
17:99:47:b8:d2:e6:59:66:40:72:d6:f2:6a:94:94:f1:e0:36:
4c:74:77:ce:36:fb:50:e0:a1:ad:87:ec:0a:ac:e6:ba:78:9c:
3e:81:5d:b4:66:c2:99:11:68:d6:60:ef:ad:97:e2:d3:d9:12:
fa:cf:45:4e:fa:56:2c:dd:b8:04:3d:6c:aa:7a:37:04:1a:04:
6f:5b:1a:f9:23:5a:2f:7b:8d:54:b0:ec:3e:18:7d:53:df:7b:
fc:13:ef:60:e5:04:9f:29:e6:75:6b:46:f0:30:ff:1b:28:60:
54:f2:f7:07:fd:76:f5:9d:16:b1:b7:65:77:fb:4c:ed:04:ff:
9d:a8:5c:5c:d3:54:60:48:d3:3a:a2:a6:74:46:1b:69:9c:81:
48:ec:e4:26:f6:aa:bf:2d:0c:91:65:0b:1c:96:8f:79:3b:f5:
63:c1:d5:40:aa:f5:0e:1d:fd:6b:b6:d3:6d:d2:3e:e7:41:14:
1b:8b:14:ce:6f:5c:2c:3c:55:38:43:9f:be:d8:a6:9d:b7:af:
f5:0d:75:67:ff:8c:9b:e6:a5:74:3e:80:bf:90:d0:1e:da:49:
31:c0:8c:5f:ae:21:e5:11:48:a5:bf:b3:fd:23:24:e1:d0:c2:
3b:5a:bc:f3:01:08:3c:dd:c8:64:2c:e0:06:7e:71:99:d1:5b:
6c:c2:85:c2
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIEBl6MajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGYwZGY3NzExNDc0MWUxM2ExN2Q3MjEzZTY5NTZiZjk2MjdiNTU4MB4XDTIyMDYw
MjEwNDEyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MyNjBlMTQzNzhl
ZWExZWFiMjQ5MjcxMzRiOWVhYWM0OTc5OTk4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANktNucIXRIQrcbDKYxcsUyCtEvnYAih/+P6pg7LG+r2JUzQ
m4j7LDTPThh97xOuB7H3ebiQJ0D6VoXlIoDWrp/Grz3p+yvz6+fya8fEiCLF0Z5/
5vttK7/UVkqJmT4BYbkMPi5CS7LsO7XSTBLNgPeQHwtJDk3wc5VGkUqNwp54DIZr
8gdiF9R09t/WFVWxbmkLpP9quHAuvKb971oLcw4/Jchn0ItgtE/IylP2cAMTejbm
JIEH+Qc3s5DcIOln/GHNWpF75KF1eCI6JnqSP+4wbqGXMOc0eLHoTgjBbRFiqGLM
GwFtstozXyLDFwoPgCiXpBVGoxIA3S06a1zp4JkCAwEAAaOCAnUwggJxMB0GA1Ud
DgQWBBQ8Jg4UN47qHqskknE0ueqsSXmZhTAfBgNVHSMEGDAWgBSt8N93EUdB4ToX
1yE+aVa/lie1WDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmRGZkeEZIUWVFNkY5Y2hQbWxXdjVZbnRWZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvYTMwYmVhLTllOTMtNDA5MS1iNmUxLWUxZWYyNzc3MmVhZi8x
L1BDWU9GRGVPNmg2ckpKSnhOTG5xckVsNW1ZVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
YTMwYmVhLTllOTMtNDA5MS1iNmUxLWUxZWYyNzc3MmVhZi8xL3JmRGZkeEZIUWVF
NkY5Y2hQbWxXdjVZbnRWZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
igYIKwYBBQUHAQcBAf8EezB5MGgEAgABMGIDBABbjogDBAFbwiQDBABb2HYDBAGy
0aYDBACy0awwDAMEA7LRuAMEAbLRvAMEArkE2AMEArkoLAMEArlCuAMEArmWSAME
ArnLAAMEAsFqeAMEAcGpSgMEAcJ0sgMEAMJ+wDANBAIAAjAHAwUDKgLJADANBgkq
hkiG9w0BAQsFAAOCAQEAF5lHuNLmWWZActbyapSU8eA2THR3zjb7UOChrYfsCqzm
unicPoFdtGbCmRFo1mDvrZfi09kS+s9FTvpWLN24BD1sqno3BBoEb1sa+SNaL3uN
VLDsPhh9U997/BPvYOUEnynmdWtG8DD/GyhgVPL3B/129Z0Wsbdld/tM7QT/nahc
XNNUYEjTOqKmdEYbaZyBSOzkJvaqvy0MkWULHJaPeTv1Y8HVQKr1Dh39a7bTbdI+
50EUG4sUzm9cLDxVOEOfvtimnbev9Q11Z/+Mm+aldD6Av5DQHtpJMcCMX64h5RFI
pb+z/SMk4dDCO1q88wEIPN3IZCzgBn5xmdFbbMKFwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:55 2023 by rpki-client on console-fra.rpki-client.org