Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/pgxrUabknSMQ9y-c_rxMkzR69N0.roa
File: pgxrUabknSMQ9y-c_rxMkzR69N0.roa (raw, json)
Hash identifier: ok/Sy5nktvFlr9SIT5OGjnADfxBj+j1ymUzYkI3ij08=
Subject key identifier: A6:0C:6B:51:A6:E4:9D:23:10:F7:2F:9C:FE:BC:4C:93:34:7A:F4:DD
Certificate issuer: /CN=916f80c35f202eb02766419bfb7d282125ffe158
Certificate serial: 01856C8A5D531BD668C49314B945F9755466
Authority key identifier: 91:6F:80:C3:5F:20:2E:B0:27:66:41:9B:FB:7D:28:21:25:FF:E1:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kW-Aw18gLrAnZkGb-30oISX_4Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/pgxrUabknSMQ9y-c_rxMkzR69N0.roa
Signing time: Sun 01 Jan 2023 08:54:45 +0000
ROA not before: Sun 01 Jan 2023 08:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58273
IP address blocks: 148.252.16.0/20 maxlen: 24
185.89.32.0/22 maxlen: 24
185.201.32.0/22 maxlen: 24
194.113.44.0/22 maxlen: 24
5.83.8.0/21 maxlen: 24
2a01:6240::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:5d:53:1b:d6:68:c4:93:14:b9:45:f9:75:54:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=916f80c35f202eb02766419bfb7d282125ffe158
Validity
Not Before: Jan 1 08:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a60c6b51a6e49d2310f72f9cfebc4c93347af4dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:73:15:d0:17:0c:21:ce:1f:6c:6a:6f:e8:03:
c0:75:bf:78:38:04:d4:88:95:f7:93:d7:5e:89:5c:
d3:8c:3c:7e:5f:95:bf:de:f3:2b:8c:81:99:3a:42:
d5:cc:91:7c:42:9a:22:ea:81:80:8b:79:c7:99:83:
1b:64:9e:69:50:db:2a:c3:28:0e:5b:ef:92:d3:c6:
79:00:94:39:7f:4a:d5:01:62:ad:3d:61:10:f7:49:
10:77:76:b3:5e:3c:0a:6b:c4:d6:d4:62:4c:7e:51:
a8:3d:ff:f3:f0:f1:83:7e:9b:4d:6f:41:a8:d8:c9:
b2:92:7d:27:a5:25:ab:f3:32:dc:82:3f:cc:07:85:
50:da:7f:8e:4b:3b:ec:cf:07:51:8f:63:e7:be:9b:
94:31:fb:88:b6:f5:1b:b9:fe:30:1b:fc:de:73:af:
cc:c3:e0:86:d7:06:df:a2:0f:ca:28:2b:7c:65:fa:
bc:fc:1f:d0:d5:53:16:89:5e:b6:3e:bf:01:e4:39:
61:55:66:c9:af:d3:ac:e2:0f:db:9d:a1:2b:c4:be:
44:a0:c9:03:c3:e5:26:5f:ba:9c:12:5a:d0:13:5b:
53:75:b8:4c:23:3f:54:99:e1:bb:dd:74:34:0f:32:
c3:72:63:51:23:24:c1:bc:98:43:01:68:bb:a1:e5:
c6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0C:6B:51:A6:E4:9D:23:10:F7:2F:9C:FE:BC:4C:93:34:7A:F4:DD
X509v3 Authority Key Identifier:
keyid:91:6F:80:C3:5F:20:2E:B0:27:66:41:9B:FB:7D:28:21:25:FF:E1:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kW-Aw18gLrAnZkGb-30oISX_4Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/pgxrUabknSMQ9y-c_rxMkzR69N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/kW-Aw18gLrAnZkGb-30oISX_4Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.8.0/21
148.252.16.0/20
185.89.32.0/22
185.201.32.0/22
194.113.44.0/22
IPv6:
2a01:6240::/29
Signature Algorithm: sha256WithRSAEncryption
76:59:14:09:87:43:13:c3:aa:11:85:d5:5c:a9:40:38:40:26:
f7:6a:40:48:2c:a5:93:f4:85:8f:eb:d1:28:40:a2:28:8d:e2:
58:b2:4c:ac:7e:e9:98:30:91:f0:bf:44:89:77:31:1b:59:80:
3e:5e:25:c2:82:05:78:93:7c:f8:dc:20:11:43:86:58:76:b8:
fa:a9:a4:a9:9b:74:51:2f:85:a1:45:46:e9:78:f9:23:0b:7f:
ba:f3:34:ba:4c:c8:b5:43:eb:44:5d:a0:02:76:2e:93:96:7f:
86:11:69:64:2f:93:29:5c:7c:25:29:a1:a6:0c:b5:b7:6f:bf:
64:29:1e:af:e6:69:fa:92:ff:ba:68:af:39:11:56:07:67:e5:
32:0d:c2:72:cc:6d:17:47:a0:09:9d:39:c4:61:a8:cf:34:e5:
6b:67:0f:8c:5d:12:fb:8d:5a:96:0a:c3:d6:16:b2:31:10:8c:
b6:a6:70:ca:1b:47:74:ce:44:8a:90:b4:cf:8a:32:4e:5c:07:
ce:66:92:a2:b9:4a:81:2f:3a:aa:31:6a:18:06:f7:78:8c:b1:
62:a0:cb:01:e7:a5:6f:0a:53:15:49:d1:2f:23:ec:18:5b:06:
b8:96:6d:dc:a1:b3:35:96:95:18:8a:8d:5c:84:d7:a1:d7:9b:
ed:d1:43:d8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsil1TG9ZoxJMUuUX5dVRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNmY4MGMzNWYyMDJlYjAyNzY2NDE5YmZiN2QyODIxMjVm
ZmUxNTgwHhcNMjMwMTAxMDg1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBjNmI1MWE2ZTQ5ZDIzMTBmNzJmOWNmZWJjNGM5MzM0N2FmNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHMV0BcMIc4fbGpv6APAdb94OATU
iJX3k9deiVzTjDx+X5W/3vMrjIGZOkLVzJF8Qpoi6oGAi3nHmYMbZJ5pUNsqwygO
W++S08Z5AJQ5f0rVAWKtPWEQ90kQd3azXjwKa8TW1GJMflGoPf/z8PGDfptNb0Go
2Mmykn0npSWr8zLcgj/MB4VQ2n+OSzvszwdRj2PnvpuUMfuItvUbuf4wG/zec6/M
w+CG1wbfog/KKCt8Zfq8/B/Q1VMWiV62Pr8B5DlhVWbJr9Os4g/bnaErxL5EoMkD
w+UmX7qcElrQE1tTdbhMIz9UmeG73XQ0DzLDcmNRIyTBvJhDAWi7oeXGOwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKYMa1Gm5J0jEPcvnP68TJM0evTdMB8GA1UdIwQY
MBaAFJFvgMNfIC6wJ2ZBm/t9KCEl/+FYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ctQXcxOGdMckFuWmtHYi0zMG9JU1hfNFZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84ZDlhYzEtZDM1ZC00ZTMyLWI4M2Yt
YzEwY2M5NTNiZDFiLzEvcGd4clVhYmtuU01ROXktY19yeE1relI2OU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84ZDlhYzEtZDM1ZC00ZTMyLWI4M2YtYzEwY2M5NTNiZDFi
LzEva1ctQXcxOGdMckFuWmtHYi0zMG9JU1hfNFZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBVMIAwQE
lPwQAwQCuVkgAwQCuckgAwQCwnEsMA0EAgACMAcDBQMqAWJAMA0GCSqGSIb3DQEB
CwUAA4IBAQB2WRQJh0MTw6oRhdVcqUA4QCb3akBILKWT9IWP69EoQKIojeJYskys
fumYMJHwv0SJdzEbWYA+XiXCggV4k3z43CARQ4ZYdrj6qaSpm3RRL4WhRUbpePkj
C3+68zS6TMi1Q+tEXaACdi6Tln+GEWlkL5MpXHwlKaGmDLW3b79kKR6v5mn6kv+6
aK85EVYHZ+UyDcJyzG0XR6AJnTnEYajPNOVrZw+MXRL7jVqWCsPWFrIxEIy2pnDK
G0d0zkSKkLTPijJOXAfOZpKiuUqBLzqqMWoYBvd4jLFioMsB56VvClMVSdEvI+wY
Wwa4lm3cobM1lpUYio1chNeh15vt0UPY
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:49:48 2025 by rpki-client