Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/pec3ikGC30NklCGr5HPeWDv1R_4.roa
File: pec3ikGC30NklCGr5HPeWDv1R_4.roa (raw, json)
Hash identifier: PZZQrHiY8lcPMKQocEqbMt0qxR7pfrFpdUaKjQk4vVE=
Subject key identifier: A5:E7:37:8A:41:82:DF:43:64:94:21:AB:E4:73:DE:58:3B:F5:47:FE
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 0A0B8AE9
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/pec3ikGC30NklCGr5HPeWDv1R_4.roa
Signing time: Sat 01 Jan 2022 02:58:21 +0000
ROA not before: Sat 01 Jan 2022 02:58:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51859
IP address blocks: 87.237.204.0/24 maxlen: 24
87.237.204.0/22 maxlen: 24
87.237.200.0/21 maxlen: 24
87.237.201.0/24 maxlen: 24
87.237.202.0/23 maxlen: 24
87.237.203.0/24 maxlen: 24
185.29.100.0/22 maxlen: 24
188.93.120.0/21 maxlen: 24
91.222.4.0/22 maxlen: 24
2a04:2e40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168528617 (0xa0b8ae9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Jan 1 02:58:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5e7378a4182df43649421abe473de583bf547fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ec:15:ac:5e:30:bf:4f:91:fc:1f:6f:06:20:
d0:ae:8d:ea:ae:b7:66:11:78:a8:3d:b5:97:db:e4:
da:fd:4e:66:47:8b:30:a2:bc:a3:1e:fd:d6:c3:70:
3e:1d:0b:28:c3:26:fe:25:eb:e9:19:22:cc:38:1c:
e4:3b:7b:45:35:7d:e5:8b:f6:61:0a:12:c3:6f:8e:
15:ec:26:03:8d:e0:0f:4c:eb:97:8e:2a:22:60:0b:
f8:f1:8b:6b:8a:b0:7d:1a:29:4b:59:06:17:91:8d:
90:1c:96:53:24:e0:2b:c5:9c:85:16:bf:18:d9:91:
45:75:44:87:3a:8a:cb:ab:fd:1a:e5:6f:39:5e:0b:
33:4f:e0:3e:86:3c:18:4e:d6:04:fe:70:ef:63:1c:
96:50:3e:e8:8a:fb:45:03:e6:4e:7c:71:ba:78:57:
ea:9a:b7:b3:e9:d5:be:54:01:56:ec:3d:bf:af:b1:
35:c0:18:f7:68:17:f0:43:da:f1:2f:9e:48:ba:47:
b7:b3:f6:5d:51:19:0d:b4:38:63:32:ab:3e:4f:50:
73:d3:40:99:64:5b:27:84:52:b6:86:07:2c:76:67:
66:16:d4:9e:34:02:76:2a:51:79:b5:a3:9d:00:b9:
ac:97:f9:39:e8:b4:70:b5:ff:d3:46:c2:40:49:db:
e8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E7:37:8A:41:82:DF:43:64:94:21:AB:E4:73:DE:58:3B:F5:47:FE
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/pec3ikGC30NklCGr5HPeWDv1R_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.200.0/21
91.222.4.0/22
185.29.100.0/22
188.93.120.0/21
IPv6:
2a04:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
b1:9f:6b:e7:d7:8f:8c:05:44:83:e4:50:f2:e2:d9:eb:a4:cb:
e5:5d:42:ed:1b:b9:56:d2:60:d5:da:a6:34:25:44:ab:38:f0:
ad:c5:2a:ab:f1:0d:e4:10:fe:61:3a:5f:94:88:5e:37:37:b2:
26:f9:47:3f:e6:09:a5:42:b0:24:f4:37:fd:53:8c:54:58:05:
19:ba:3b:ec:a9:06:58:7c:dc:8d:ca:d5:14:a7:c7:57:cd:1e:
2e:00:3b:b3:53:6b:13:3d:fb:0c:e2:f3:9e:f9:6a:2e:d0:b3:
6a:44:29:a6:85:c0:d6:d9:84:d4:e9:07:aa:3c:ab:30:4f:9e:
bc:3c:ab:df:b4:7f:8a:1a:9c:8d:c0:44:59:03:92:0f:59:ed:
98:33:a7:ca:6c:8f:40:3d:d9:c9:5d:7d:fa:be:e4:89:95:32:
58:f8:2d:5b:03:3b:31:86:3d:59:d8:aa:bc:16:33:96:89:ee:
97:63:9a:9e:06:62:86:2d:9e:b6:bd:3a:0a:bb:cd:b2:4d:ee:
82:61:bf:7e:6f:18:63:9b:cd:4c:dd:95:5b:c4:6b:d1:cd:bc:
73:35:3c:65:48:42:de:ac:d1:b1:01:22:56:13:35:ae:93:04:
26:91:f6:c6:d3:18:76:2f:e4:42:e2:14:f8:61:e1:f7:1b:d4:
56:33:61:90
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECguK6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTNmM2E0MWU2YmU1MjQxMTVjNmMyYjU1OGJjMjgwMDQzYTAyMjRlMB4XDTIyMDEw
MTAyNTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVlNzM3OGE0MTgy
ZGY0MzY0OTQyMWFiZTQ3M2RlNTgzYmY1NDdmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnsFaxeML9PkfwfbwYg0K6N6q63ZhF4qD21l9vk2v1OZkeL
MKK8ox791sNwPh0LKMMm/iXr6RkizDgc5Dt7RTV95Yv2YQoSw2+OFewmA43gD0zr
l44qImAL+PGLa4qwfRopS1kGF5GNkByWUyTgK8WchRa/GNmRRXVEhzqKy6v9GuVv
OV4LM0/gPoY8GE7WBP5w72McllA+6Ir7RQPmTnxxunhX6pq3s+nVvlQBVuw9v6+x
NcAY92gX8EPa8S+eSLpHt7P2XVEZDbQ4YzKrPk9Qc9NAmWRbJ4RStoYHLHZnZhbU
njQCdipRebWjnQC5rJf5Oei0cLX/00bCQEnb6K8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSl5zeKQYLfQ2SUIavkc95YO/VH/jAfBgNVHSMEGDAWgBTpPzpB5r5SQRXG
wrVYvCgAQ6AiTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZUODZRZWEtVWtFVnhzSzFXTHdvQUVPZ0lrNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvYTE3NDBlLTg0MDQtNDJkMi1hZjVjLTEwZTI0NjI1YTRkNC8x
L3BlYzNpa0dDMzBOa2xDR3I1SFBlV0R2MVJfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
YTE3NDBlLTg0MDQtNDJkMi1hZjVjLTEwZTI0NjI1YTRkNC8xLzZUODZRZWEtVWtF
VnhzSzFXTHdvQUVPZ0lrNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA1ftyAMEAlveBAMEArkdZAMEA7xd
eDANBAIAAjAHAwUDKgQuQDANBgkqhkiG9w0BAQsFAAOCAQEAsZ9r59ePjAVEg+RQ
8uLZ66TL5V1C7Ru5VtJg1dqmNCVEqzjwrcUqq/EN5BD+YTpflIheNzeyJvlHP+YJ
pUKwJPQ3/VOMVFgFGbo77KkGWHzcjcrVFKfHV80eLgA7s1NrEz37DOLznvlqLtCz
akQppoXA1tmE1OkHqjyrME+evDyr37R/ihqcjcBEWQOSD1ntmDOnymyPQD3ZyV19
+r7kiZUyWPgtWwM7MYY9WdiqvBYzlonul2OangZihi2etr06CrvNsk3ugmG/fm8Y
Y5vNTN2VW8Rr0c28czU8ZUhC3qzRsQEiVhM1rpMEJpH2xtMYdi/kQuIU+GHh9xvU
VjNhkA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:49 2023 by rpki-client on console-ams.rpki-client.org