Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/pcQLmZF37E9_1OWv97tFJYhS-6o.roa
File: pcQLmZF37E9_1OWv97tFJYhS-6o.roa (raw, json)
Hash identifier: Rb9lpKbF7tckhfhC/B2LNCH0PB6nctQ3DwLLJ3Pse+I=
Subject key identifier: A5:C4:0B:99:91:77:EC:4F:7F:D4:E5:AF:F7:BB:45:25:88:52:FB:AA
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01848AF275078FBD52643BB5E8FCC7B26A88
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/pcQLmZF37E9_1OWv97tFJYhS-6o.roa
Signing time: Fri 18 Nov 2022 13:34:16 +0000
ROA not before: Fri 18 Nov 2022 13:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197726
IP address blocks: 195.123.248.0/22 maxlen: 22
195.123.176.0/24 maxlen: 24
195.123.179.0/24 maxlen: 24
195.123.178.0/24 maxlen: 24
195.123.191.0/24 maxlen: 24
195.123.190.0/24 maxlen: 24
195.123.189.0/24 maxlen: 24
195.123.188.0/24 maxlen: 24
195.123.187.0/24 maxlen: 24
195.123.192.0/24 maxlen: 24
195.123.196.0/22 maxlen: 22
195.123.195.0/24 maxlen: 24
195.123.194.0/24 maxlen: 24
195.123.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:f2:75:07:8f:bd:52:64:3b:b5:e8:fc:c7:b2:6a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Nov 18 13:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5c40b999177ec4f7fd4e5aff7bb45258852fbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ee:db:6d:fb:d9:b6:8a:23:c2:20:20:92:93:
29:ed:47:c7:a5:70:46:f9:b1:bc:b1:5c:ad:dd:b5:
79:af:eb:6b:04:66:1a:60:62:d3:2a:4d:f0:03:32:
8d:7d:28:2e:6d:3c:a1:91:bd:e8:b0:fc:bd:31:82:
09:7d:79:bf:ed:19:6d:d3:03:44:f4:21:eb:6f:a5:
95:fa:2d:d8:6d:fe:02:50:fa:12:60:d4:7a:b8:27:
0f:ac:01:aa:fe:3b:1a:c4:34:0a:42:a8:2b:70:7b:
e0:9d:6d:45:77:5b:85:27:a1:2f:81:20:50:10:df:
6e:58:23:1f:a3:3c:cc:cb:ef:92:01:4f:53:fa:e8:
88:52:e0:56:e8:4d:40:74:98:01:85:19:3f:4b:d8:
ac:e1:94:98:f1:bb:f3:b6:52:8b:2c:90:f1:17:0a:
fd:05:f8:28:b0:69:f3:af:39:00:1c:73:88:4e:e7:
48:c0:48:74:4e:5f:ef:5e:26:3c:60:c4:aa:90:82:
10:a2:ee:9a:98:8c:62:90:91:df:30:b1:fe:57:3b:
c9:35:da:89:7a:15:52:de:b4:07:f2:0e:01:9a:a9:
aa:6b:dd:32:1d:84:62:14:e2:58:32:16:fa:72:f9:
91:54:b4:84:f7:5d:1d:e6:05:99:62:a5:0e:a0:61:
14:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C4:0B:99:91:77:EC:4F:7F:D4:E5:AF:F7:BB:45:25:88:52:FB:AA
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/pcQLmZF37E9_1OWv97tFJYhS-6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.176.0/24
195.123.178.0/23
195.123.187.0-195.123.199.255
195.123.248.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:fe:c4:2c:f3:27:69:d6:fd:6e:26:91:61:0d:f1:85:de:a8:
ce:19:79:90:f0:9d:0a:2c:68:ce:37:8b:06:19:eb:6d:4f:59:
25:3e:25:1a:c0:c8:53:ff:8b:01:1c:03:86:b0:b6:56:f6:db:
82:4a:d3:c7:eb:c5:ad:58:64:98:60:59:86:4b:bd:b0:28:17:
d2:66:99:a0:f0:aa:ed:d1:e6:2f:43:cc:a9:47:54:24:67:0d:
f0:8c:86:21:d4:98:5b:50:08:8a:74:a3:04:bd:3f:84:36:7e:
3a:5b:58:b6:9d:7f:3f:78:45:c4:57:86:2b:72:5c:08:35:6f:
1c:23:4e:bf:99:93:24:4d:00:8e:c7:d4:3c:59:6e:5b:2f:06:
bb:bd:2d:79:a4:0f:64:bc:4f:59:aa:fe:b7:ac:c0:f4:08:d1:
bb:6c:9e:5b:09:81:1f:40:38:a3:52:81:9e:e7:8e:69:54:ef:
66:c4:57:38:ff:71:e7:bb:30:7a:ef:3c:ba:46:92:4e:ff:6e:
d5:66:0d:02:7f:3b:11:45:0b:95:11:7f:17:52:f3:f7:e6:d8:
57:6d:0e:06:a4:97:77:ea:f1:80:13:56:91:f5:42:94:bd:25:
43:e0:42:76:f0:de:95:dd:38:63:22:48:8c:51:2e:d7:c0:e5:
1e:50:94:65
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYSK8nUHj71SZDu16PzHsmqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjIxMTE4MTMzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM0MGI5OTkxNzdlYzRmN2ZkNGU1YWZmN2JiNDUyNTg4NTJmYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO7bbfvZtoojwiAgkpMp7UfHpXBG
+bG8sVyt3bV5r+trBGYaYGLTKk3wAzKNfSgubTyhkb3osPy9MYIJfXm/7Rlt0wNE
9CHrb6WV+i3Ybf4CUPoSYNR6uCcPrAGq/jsaxDQKQqgrcHvgnW1Fd1uFJ6EvgSBQ
EN9uWCMfozzMy++SAU9T+uiIUuBW6E1AdJgBhRk/S9is4ZSY8bvztlKLLJDxFwr9
BfgosGnzrzkAHHOITudIwEh0Tl/vXiY8YMSqkIIQou6amIxikJHfMLH+VzvJNdqJ
ehVS3rQH8g4Bmqmqa90yHYRiFOJYMhb6cvmRVLSE910d5gWZYqUOoGEUCwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKXEC5mRd+xPf9Tlr/e7RSWIUvuqMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvcGNRTG1aRjM3RTlfMU9Xdjk3dEZKWWhTLTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAw3uwAwQB
w3uyMAwDBADDe7sDBAPDe8ADBALDe/gwDQYJKoZIhvcNAQELBQADggEBAGr+xCzz
J2nW/W4mkWEN8YXeqM4ZeZDwnQosaM43iwYZ621PWSU+JRrAyFP/iwEcA4awtlb2
24JK08frxa1YZJhgWYZLvbAoF9JmmaDwqu3R5i9DzKlHVCRnDfCMhiHUmFtQCIp0
owS9P4Q2fjpbWLadfz94RcRXhityXAg1bxwjTr+ZkyRNAI7H1DxZblsvBru9LXmk
D2S8T1mq/reswPQI0btsnlsJgR9AOKNSgZ7njmlU72bEVzj/cee7MHrvPLpGkk7/
btVmDQJ/OxFFC5URfxdS8/fm2FdtDgakl3fq8YATVpH1QpS9JUPgQnbw3pXdOGMi
SIxRLtfA5R5QlGU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:49 2023 by rpki-client on console-ams.rpki-client.org