Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/PLN23jb9C6cglrp3oQBIOf90sWw.roa
File: PLN23jb9C6cglrp3oQBIOf90sWw.roa (raw, json)
Hash identifier: mi/CZaydftkXl4fo5zz+ROFR916PCo51Ahf5anu5VBY=
Subject key identifier: 3C:B3:76:DE:36:FD:0B:A7:20:96:BA:77:A1:00:48:39:FF:74:B1:6C
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 03BFD9CE
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/PLN23jb9C6cglrp3oQBIOf90sWw.roa
Signing time: Thu 31 Mar 2022 11:01:11 +0000
ROA not before: Thu 31 Mar 2022 11:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35394
IP address blocks: 185.143.96.0/22 maxlen: 22
80.67.44.0/22 maxlen: 22
185.186.28.0/22 maxlen: 22
185.236.168.0/22 maxlen: 22
185.172.168.0/22 maxlen: 22
45.85.136.0/22 maxlen: 22
130.185.88.0/21 maxlen: 21
185.93.44.0/22 maxlen: 22
185.217.204.0/22 maxlen: 22
185.93.152.0/22 maxlen: 22
185.72.44.0/22 maxlen: 22
2a03:3d60::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62904782 (0x3bfd9ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Mar 31 11:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cb376de36fd0ba72096ba77a1004839ff74b16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:21:62:64:e7:f7:40:44:16:ae:a2:f8:61:75:
f3:dc:dd:16:ad:09:57:39:a3:01:ef:a2:61:f4:fb:
0d:06:8d:50:b9:45:d3:c3:e8:ac:f5:e0:fa:fe:7f:
ae:ea:ee:5a:e4:e2:b1:6b:8b:ed:e1:9d:e4:7d:89:
33:3e:98:9f:bc:96:53:c8:f3:3a:f5:75:af:3d:42:
0a:4e:29:42:65:fa:d0:a6:d2:23:d0:d1:18:bd:35:
b4:0e:1e:85:38:ab:86:94:3a:01:f5:6b:a8:1c:eb:
95:31:11:df:3a:e8:b6:ce:4d:cc:79:83:03:65:e5:
a6:d3:ea:e9:38:fc:29:21:40:be:6b:fe:43:4e:03:
92:07:b7:aa:34:7e:41:83:f7:4a:12:c1:21:f4:16:
bc:6a:e8:78:23:35:60:63:94:80:93:27:b9:fa:4f:
40:b8:ab:9e:d8:02:87:32:fb:2e:9a:6e:f3:df:1d:
43:78:af:43:88:5c:35:ac:5b:76:ee:ae:8f:ac:81:
a4:a3:3b:5a:80:44:f2:b5:2f:f3:7c:6e:80:5c:72:
7d:00:31:b9:21:0c:b9:85:61:d6:87:84:77:99:6a:
87:92:d9:f7:25:52:79:82:cd:71:37:26:18:6b:b0:
55:72:50:a0:59:23:39:c1:15:c2:05:18:e0:9c:5d:
cc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B3:76:DE:36:FD:0B:A7:20:96:BA:77:A1:00:48:39:FF:74:B1:6C
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/PLN23jb9C6cglrp3oQBIOf90sWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.136.0/22
80.67.44.0/22
130.185.88.0/21
185.72.44.0/22
185.93.44.0/22
185.93.152.0/22
185.143.96.0/22
185.172.168.0/22
185.186.28.0/22
185.217.204.0/22
185.236.168.0/22
IPv6:
2a03:3d60::/29
Signature Algorithm: sha256WithRSAEncryption
8d:48:2c:a0:87:43:5e:3a:0f:11:93:b8:39:ef:af:18:2d:92:
9a:f8:7c:9d:51:df:db:c6:50:03:c9:09:21:ce:12:76:1e:b6:
b4:1a:59:b7:37:d9:96:96:25:85:2a:0c:5f:c8:03:cb:84:fe:
21:f5:6f:49:32:6e:53:97:41:f8:c1:f6:ae:cb:22:c9:a8:f7:
61:8a:c2:21:85:44:5e:bb:ee:ca:ae:4e:c5:03:6d:31:59:62:
4f:d0:1e:b6:87:61:29:a2:b2:80:25:58:14:55:c0:ef:0b:53:
76:45:cd:15:48:fc:07:1e:b9:b1:9d:aa:2a:2b:e0:b7:4a:f3:
24:59:5f:38:02:30:cd:7f:97:d9:3e:5e:a3:03:a8:9d:f2:a7:
9a:f3:d1:63:41:a3:09:ec:e7:2b:98:3e:89:f5:9d:b6:ed:b0:
0e:e2:8d:85:c7:dd:2f:ee:a6:32:74:4d:78:51:2c:55:0e:31:
d9:39:a0:92:ea:61:3f:90:21:e8:04:25:a6:8f:55:1b:eb:d1:
5c:b3:44:ab:1e:4c:a4:6b:e4:c3:4d:04:2c:70:2d:81:2f:19:
08:c4:2f:a4:d4:47:12:5d:fa:3d:01:e1:9f:00:32:92:02:83:
74:f3:ec:43:4d:e3:0d:b2:bc:9a:bf:7c:a6:a5:00:37:21:10:
7f:d7:d3:58
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEA7/ZzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGQ2ZmYxMzRiZDY1NmYwY2UxNGQ0MTBiMDJiZWM1NTFlYjY5YTJjMB4XDTIyMDMz
MTExMDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NiMzc2ZGUzNmZk
MGJhNzIwOTZiYTc3YTEwMDQ4MzlmZjc0YjE2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIhYmTn90BEFq6i+GF189zdFq0JVzmjAe+iYfT7DQaNULlF
08PorPXg+v5/ruruWuTisWuL7eGd5H2JMz6Yn7yWU8jzOvV1rz1CCk4pQmX60KbS
I9DRGL01tA4ehTirhpQ6AfVrqBzrlTER3zrots5NzHmDA2XlptPq6Tj8KSFAvmv+
Q04Dkge3qjR+QYP3ShLBIfQWvGroeCM1YGOUgJMnufpPQLirntgChzL7Lppu898d
Q3ivQ4hcNaxbdu6uj6yBpKM7WoBE8rUv83xugFxyfQAxuSEMuYVh1oeEd5lqh5LZ
9yVSeYLNcTcmGGuwVXJQoFkjOcEVwgUY4JxdzCcCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBQ8s3beNv0LpyCWunehAEg5/3SxbDAfBgNVHSMEGDAWgBRU1v8TS9ZW8M4U
1BCwK+xVHraaLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZOYl9FMHZXVnZET0ZOUVFzQ3ZzVlI2Mm1pdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8x
L1BMTjIzamI5QzZjZ2xycDNvUUJJT2Y5MHNXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8xL1ZOYl9FMHZXVnZE
T0ZOUVFzQ3ZzVlI2Mm1pdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEAi1ViAMEAlBDLAMEA4K5WAMEArlI
LAMEArldLAMEArldmAMEArmPYAMEArmsqAMEArm6HAMEArnZzAMEArnsqDANBAIA
AjAHAwUDKgM9YDANBgkqhkiG9w0BAQsFAAOCAQEAjUgsoIdDXjoPEZO4Oe+vGC2S
mvh8nVHf28ZQA8kJIc4Sdh62tBpZtzfZlpYlhSoMX8gDy4T+IfVvSTJuU5dB+MH2
rssiyaj3YYrCIYVEXrvuyq5OxQNtMVliT9AetodhKaKygCVYFFXA7wtTdkXNFUj8
Bx65sZ2qKivgt0rzJFlfOAIwzX+X2T5eowOonfKnmvPRY0GjCeznK5g+ifWdtu2w
DuKNhcfdL+6mMnRNeFEsVQ4x2TmgkuphP5Ah6AQlpo9VG+vRXLNEqx5MpGvkw00E
LHAtgS8ZCMQvpNRHEl36PQHhnwAykgKDdPPsQ03jDbK8mr98pqUANyEQf9fTWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:32 2024 by rpki-client on console-ams.rpki-client.org