Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/PTkFsmRnfjTbQ_jLs3SqyS2hMf0.roa
File: PTkFsmRnfjTbQ_jLs3SqyS2hMf0.roa (raw, json)
Hash identifier: K5Wok7LY7RMkRrazf4Z9jJ8N+s4wA3feKkgNqhBvir4=
Subject key identifier: 3D:39:05:B2:64:67:7E:34:DB:43:F8:CB:B3:74:AA:C9:2D:A1:31:FD
Certificate issuer: /CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Certificate serial: 018A745BDE9EEAB5549AD54A949F40A61618
Authority key identifier: 1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/PTkFsmRnfjTbQ_jLs3SqyS2hMf0.roa
Signing time: Fri 08 Sep 2023 10:34:52 +0000
ROA not before: Fri 08 Sep 2023 10:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42306
IP address blocks: 46.253.96.0/21 maxlen: 21
185.134.160.0/22 maxlen: 22
46.253.104.0/21 maxlen: 21
77.236.192.0/19 maxlen: 19
37.44.208.0/22 maxlen: 22
2a06:ed40::/29 maxlen: 29
2a03:f280::/29 maxlen: 29
2a0e:5340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:5b:de:9e:ea:b5:54:9a:d5:4a:94:9f:40:a6:16:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Validity
Not Before: Sep 8 10:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d3905b264677e34db43f8cbb374aac92da131fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:e1:a3:8a:54:29:81:fa:0b:0d:ab:ad:43:
87:39:08:95:83:f7:fc:c1:ce:ce:07:47:b1:76:3d:
f7:f3:50:70:1b:2e:2a:5a:6d:b1:b0:2a:60:87:c2:
7e:7a:9d:4a:99:17:b6:22:a7:86:c4:81:a2:01:1d:
31:e1:e6:46:03:4d:d8:57:98:7c:4b:9f:49:f7:68:
0f:18:30:91:3b:d2:8d:36:28:ad:5e:d2:95:b9:a2:
f6:2c:6b:ac:f9:83:f9:c3:d5:57:ab:0c:6b:77:4b:
e6:b9:53:56:28:68:60:d0:51:63:ee:e5:55:8f:29:
bd:67:4e:b8:76:79:e0:68:ae:3b:a6:d2:2b:27:b4:
17:cf:fb:da:5a:0b:10:57:fa:c6:c9:bd:f2:54:90:
4d:2c:22:5d:42:a7:01:2d:5f:e9:dd:aa:e8:e4:fb:
18:3b:87:27:a7:dc:a0:17:37:5f:5a:1f:88:14:a0:
36:24:07:2c:c2:03:c4:de:02:c7:e2:08:d8:a5:63:
47:0a:92:72:76:b7:68:fb:d3:be:d8:3c:63:8d:d3:
2e:b1:71:33:8b:a6:22:ba:c0:70:51:46:1e:c2:c6:
6c:0c:1b:16:10:12:08:31:5d:a2:bc:83:80:8c:15:
db:71:27:a7:12:6c:f4:5c:c6:52:2c:ca:16:33:90:
6e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:39:05:B2:64:67:7E:34:DB:43:F8:CB:B3:74:AA:C9:2D:A1:31:FD
X509v3 Authority Key Identifier:
keyid:1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/PTkFsmRnfjTbQ_jLs3SqyS2hMf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.208.0/22
46.253.96.0/20
77.236.192.0/19
185.134.160.0/22
IPv6:
2a03:f280::/29
2a06:ed40::/29
2a0e:5340::/29
Signature Algorithm: sha256WithRSAEncryption
66:f1:4b:aa:5b:cd:2d:eb:b7:89:97:f8:54:b8:59:ed:f7:4c:
2d:02:d3:0f:d7:15:50:c8:ae:97:39:ee:77:9a:04:04:86:63:
21:63:12:8a:f3:87:68:ed:7b:ad:5f:12:fb:78:3e:e3:e8:b1:
12:7e:a9:15:4e:e2:1d:98:03:30:a4:0a:66:37:b4:be:f4:09:
f1:cc:70:21:0c:c8:7f:b7:89:44:bc:ce:2f:b8:97:fb:6a:95:
05:b8:73:20:eb:bd:af:45:f3:17:90:16:79:d7:85:d7:b8:c2:
b8:6c:69:94:c9:8d:14:ad:e8:eb:4e:b9:a0:51:7c:77:3b:44:
eb:f9:33:ef:6a:cd:42:2e:ae:8b:36:1f:f7:33:71:9f:fc:d4:
2a:50:46:4e:31:02:92:b6:da:fc:ae:ca:38:cf:be:eb:57:21:
ee:6d:9a:0f:07:a0:52:10:1f:b3:e7:8a:88:de:89:71:eb:c5:
d8:ab:77:a5:49:96:a7:b8:1f:74:0e:c1:a8:06:89:5e:88:f4:
2e:cc:4b:a0:5a:fa:5a:03:3e:e4:f7:5c:8c:9b:5c:a8:b3:30:
65:dc:60:d7:7e:50:13:ec:b7:7a:fc:80:33:95:c3:5a:a8:6e:
4c:e4:c1:76:52:46:29:00:d0:bc:3c:1d:39:56:cd:78:43:b8:
d0:d3:3a:bf
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYp0W96e6rVUmtVKlJ9AphYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTljNzVmZTU3NzdlMTM2NTczZTFlNTFlZmJhNjc4MWYz
YTViMTYwHhcNMjMwOTA4MTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDM5MDViMjY0Njc3ZTM0ZGI0M2Y4Y2JiMzc0YWFjOTJkYTEzMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8rho4pUKYH6Cw2rrUOHOQiVg/f8
wc7OB0exdj3381BwGy4qWm2xsCpgh8J+ep1KmRe2IqeGxIGiAR0x4eZGA03YV5h8
S59J92gPGDCRO9KNNiitXtKVuaL2LGus+YP5w9VXqwxrd0vmuVNWKGhg0FFj7uVV
jym9Z064dnngaK47ptIrJ7QXz/vaWgsQV/rGyb3yVJBNLCJdQqcBLV/p3aro5PsY
O4cnp9ygFzdfWh+IFKA2JAcswgPE3gLH4gjYpWNHCpJydrdo+9O+2DxjjdMusXEz
i6YiusBwUUYewsZsDBsWEBIIMV2ivIOAjBXbcSenEmz0XMZSLMoWM5BuswIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFD05BbJkZ34020P4y7N0qsktoTH9MB8GA1UdIwQY
MBaAFBqZx1/ld34TZXPh5R77pngfOlsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAt
YTY5OWJjYjA4YWUzLzEvUFRrRnNtUm5malRiUV9qTHMzU3F5UzJoTWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAtYTY5OWJjYjA4YWUz
LzEvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCJSzQAwQE
Lv1gAwQFTezAAwQCuYagMBsEAgACMBUDBQMqA/KAAwUDKgbtQAMFAyoOU0AwDQYJ
KoZIhvcNAQELBQADggEBAGbxS6pbzS3rt4mX+FS4We33TC0C0w/XFVDIrpc57nea
BASGYyFjEorzh2jte61fEvt4PuPosRJ+qRVO4h2YAzCkCmY3tL70CfHMcCEMyH+3
iUS8zi+4l/tqlQW4cyDrva9F8xeQFnnXhde4wrhsaZTJjRSt6OtOuaBRfHc7ROv5
M+9qzUIuros2H/czcZ/81CpQRk4xApK22vyuyjjPvutXIe5tmg8HoFIQH7Pnioje
iXHrxdird6VJlqe4H3QOwagGiV6I9C7MS6Ba+loDPuT3XIybXKizMGXcYNd+UBPs
t3r8gDOVw1qobkzkwXZSRikA0Lw8HTlWzXhDuNDTOr8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:39 2025 by rpki-client