Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/PA_v3ptFTh5lXm8WwbOW6l2cI0k.roa
File: PA_v3ptFTh5lXm8WwbOW6l2cI0k.roa (raw, json)
Hash identifier: sHhMalPASP2RT+ICZ7LiMLKlZOFBOeCVG4Anacb+iRs=
Subject key identifier: 3C:0F:EF:DE:9B:45:4E:1E:65:5E:6F:16:C1:B3:96:EA:5D:9C:23:49
Certificate issuer: /CN=d3e8d4cb8e442ec38a6bc3fa400a2a517cee0d1e
Certificate serial: 01856F391E5B74466F6326473705546F3A41
Authority key identifier: D3:E8:D4:CB:8E:44:2E:C3:8A:6B:C3:FA:40:0A:2A:51:7C:EE:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-jUy45ELsOKa8P6QAoqUXzuDR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/PA_v3ptFTh5lXm8WwbOW6l2cI0k.roa
Signing time: Sun 01 Jan 2023 21:24:52 +0000
ROA not before: Sun 01 Jan 2023 21:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48659
IP address blocks: 185.29.84.0/24 maxlen: 24
185.29.85.0/24 maxlen: 24
185.29.86.0/24 maxlen: 24
185.29.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:1e:5b:74:46:6f:63:26:47:37:05:54:6f:3a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e8d4cb8e442ec38a6bc3fa400a2a517cee0d1e
Validity
Not Before: Jan 1 21:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c0fefde9b454e1e655e6f16c1b396ea5d9c2349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:22:3b:85:c0:a4:1f:13:a7:91:e6:fe:f6:6a:
de:b6:db:a0:71:8c:96:23:a6:cc:42:a9:ac:5c:6d:
12:3d:e5:84:11:50:f7:d6:46:84:11:48:78:be:52:
09:88:e6:a0:85:02:8a:9a:ac:5a:05:1c:92:05:4f:
30:02:6d:2d:28:f9:15:be:b0:49:a6:75:c6:0f:9c:
8c:10:54:ff:75:c7:2f:93:ee:84:3a:ac:25:fa:d6:
3a:4c:96:56:81:19:a9:78:19:38:94:05:49:cc:d1:
d1:99:81:20:15:a8:2e:e7:c2:18:bf:53:ba:f1:9e:
61:23:c9:47:3e:78:59:64:6c:9e:7d:f6:9a:35:67:
c9:6b:31:d0:3d:e7:26:f6:c5:7b:3d:97:65:b6:97:
77:4b:df:3c:42:8f:5c:fb:c1:4d:37:5e:60:8d:ae:
4d:64:f6:c1:cf:9f:79:ec:c7:93:43:97:df:3c:81:
0e:67:4d:b6:89:44:f2:f0:5c:19:ba:8c:4e:1f:29:
df:77:a5:45:23:d4:b8:ae:49:86:6a:e9:7a:a0:67:
c0:e0:c3:de:8c:0d:77:ed:0c:6c:97:6f:ef:dd:5d:
5d:75:b4:57:28:b1:be:6b:01:08:49:46:62:bf:85:
b0:6e:ba:ff:7b:c6:4c:ee:23:91:fe:40:a0:fd:00:
f6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0F:EF:DE:9B:45:4E:1E:65:5E:6F:16:C1:B3:96:EA:5D:9C:23:49
X509v3 Authority Key Identifier:
keyid:D3:E8:D4:CB:8E:44:2E:C3:8A:6B:C3:FA:40:0A:2A:51:7C:EE:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-jUy45ELsOKa8P6QAoqUXzuDR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/PA_v3ptFTh5lXm8WwbOW6l2cI0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/0-jUy45ELsOKa8P6QAoqUXzuDR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:21:13:1e:f3:de:9d:f8:29:7e:af:21:2f:ec:a7:06:36:2d:
a5:be:bb:3d:aa:50:c2:af:cd:7c:b4:02:5e:8b:b9:40:21:3d:
cc:6b:80:41:af:1b:ce:15:c5:bc:52:c2:12:b3:57:04:38:1a:
4e:0b:a1:70:56:05:f6:28:34:06:56:07:28:dd:d3:b3:2e:1d:
79:2c:20:61:cd:2e:aa:2d:89:ab:25:b1:78:88:d7:2d:69:83:
40:2d:fb:67:02:c6:0e:8a:a0:97:f8:70:2e:2d:b3:bc:57:cb:
75:e2:7d:3a:e7:f4:08:0b:44:b2:92:cd:94:5a:6f:c1:30:ef:
83:2f:c2:96:da:23:93:c0:a0:8d:ae:e2:ba:60:f1:3f:33:76:
e7:da:f9:a0:10:d2:c7:17:b5:26:2e:d0:ff:35:9d:dc:d5:56:
24:fa:c1:01:87:1c:48:b1:2a:c4:2d:41:e1:0a:9e:7b:e5:97:
3c:40:1d:bb:24:30:47:3c:f4:ac:9b:98:58:3c:e6:85:c2:8b:
a4:50:d9:2a:79:28:55:67:fd:38:27:be:ba:0e:83:95:21:ff:
0c:72:23:4c:fd:b7:24:ac:9e:97:61:93:e6:ec:18:c0:7f:99:
e2:69:c3:4f:e7:d0:f6:03:40:61:cd:ed:3f:30:44:b4:69:13:
49:8c:53:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOR5bdEZvYyZHNwVUbzpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZThkNGNiOGU0NDJlYzM4YTZiYzNmYTQwMGEyYTUxN2Nl
ZTBkMWUwHhcNMjMwMTAxMjEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzBmZWZkZTliNDU0ZTFlNjU1ZTZmMTZjMWIzOTZlYTVkOWMyMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyI7hcCkHxOnkeb+9mrettugcYyW
I6bMQqmsXG0SPeWEEVD31kaEEUh4vlIJiOaghQKKmqxaBRySBU8wAm0tKPkVvrBJ
pnXGD5yMEFT/dccvk+6EOqwl+tY6TJZWgRmpeBk4lAVJzNHRmYEgFagu58IYv1O6
8Z5hI8lHPnhZZGyeffaaNWfJazHQPecm9sV7PZdltpd3S988Qo9c+8FNN15gja5N
ZPbBz5957MeTQ5ffPIEOZ022iUTy8FwZuoxOHynfd6VFI9S4rkmGaul6oGfA4MPe
jA137Qxsl2/v3V1ddbRXKLG+awEISUZiv4Wwbrr/e8ZM7iOR/kCg/QD29QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwP796bRU4eZV5vFsGzlupdnCNJMB8GA1UdIwQY
MBaAFNPo1MuORC7DimvD+kAKKlF87g0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1qVXk0NUVMc09LYThQNlFBb3FVWHp1RFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi82Yjg1MGEtNGYxMi00MjA2LWE1MGYt
NWQ1ODcxMWYzNjYyLzEvUEFfdjNwdEZUaDVsWG04V3diT1c2bDJjSTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi82Yjg1MGEtNGYxMi00MjA2LWE1MGYtNWQ1ODcxMWYzNjYy
LzEvMC1qVXk0NUVMc09LYThQNlFBb3FVWHp1RFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR1UMA0G
CSqGSIb3DQEBCwUAA4IBAQChIRMe896d+Cl+ryEv7KcGNi2lvrs9qlDCr818tAJe
i7lAIT3Ma4BBrxvOFcW8UsISs1cEOBpOC6FwVgX2KDQGVgco3dOzLh15LCBhzS6q
LYmrJbF4iNctaYNALftnAsYOiqCX+HAuLbO8V8t14n065/QIC0Syks2UWm/BMO+D
L8KW2iOTwKCNruK6YPE/M3bn2vmgENLHF7UmLtD/NZ3c1VYk+sEBhxxIsSrELUHh
Cp575Zc8QB27JDBHPPSsm5hYPOaFwoukUNkqeShVZ/04J766DoOVIf8MciNM/bck
rJ6XYZPm7BjAf5niacNP59D2A0Bhze0/MES0aRNJjFP+
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:03:26 2025 by rpki-client