Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/pfsWD-NRtYx2LDRfeV6Os57Xl_A.roa
File: pfsWD-NRtYx2LDRfeV6Os57Xl_A.roa (raw, json)
Hash identifier: p8shoqEHM0f0gJLeRk9HOSRnh3wbONxjmojujLzWDZk=
Subject key identifier: A5:FB:16:0F:E3:51:B5:8C:76:2C:34:5F:79:5E:8E:B3:9E:D7:97:F0
Certificate issuer: /CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Certificate serial: 05A1E0E9
Authority key identifier: 4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/pfsWD-NRtYx2LDRfeV6Os57Xl_A.roa
Signing time: Sat 01 Jan 2022 13:55:15 +0000
ROA not before: Sat 01 Jan 2022 13:55:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44932
IP address blocks: 185.147.176.0/24 maxlen: 24
185.147.179.0/24 maxlen: 24
185.147.177.0/24 maxlen: 24
185.147.178.0/24 maxlen: 24
2a0b:1fc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94494953 (0x5a1e0e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Validity
Not Before: Jan 1 13:55:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5fb160fe351b58c762c345f795e8eb39ed797f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ba:15:66:08:8c:5c:54:21:72:2e:e7:d4:be:
0e:0b:07:1a:53:75:70:bb:23:3c:0b:e7:52:a7:25:
85:30:46:a4:ba:11:ce:75:b9:00:c1:ef:74:57:4b:
77:af:1e:46:f3:13:fc:b2:bc:15:1d:ca:90:f0:0a:
4e:0f:49:f5:bc:75:79:08:9e:56:8f:19:18:00:63:
d9:d3:40:62:ec:7a:e2:67:34:b3:7b:48:87:35:18:
ea:c5:68:b2:b1:ed:42:54:3b:94:41:ff:0c:49:13:
80:ad:cc:a9:e0:33:14:27:b6:39:7b:56:f5:23:d2:
c9:32:ca:6c:38:6e:77:41:4d:ca:5a:28:7c:6a:12:
67:19:75:ea:04:4e:8f:ba:54:f6:81:35:aa:f9:e4:
71:13:4f:51:9a:59:c5:9c:a9:47:68:11:0d:8e:04:
e9:90:d1:d6:ef:cd:9b:f0:a1:98:39:bc:83:b5:93:
0e:ab:bb:06:a6:5f:87:9b:1f:13:46:1f:79:14:1c:
bb:64:cf:02:3f:5c:72:52:17:2f:bc:9f:2d:ba:15:
a6:21:1e:fc:47:50:fa:09:7a:35:5d:3a:11:7c:53:
cf:1d:f5:2d:53:f6:2c:a3:69:82:4e:d6:32:b5:f9:
a4:34:36:d9:fe:5e:10:40:1f:53:d6:10:3d:44:e2:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FB:16:0F:E3:51:B5:8C:76:2C:34:5F:79:5E:8E:B3:9E:D7:97:F0
X509v3 Authority Key Identifier:
keyid:4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/pfsWD-NRtYx2LDRfeV6Os57Xl_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/TsOgYsuW2aPyGostqEj4HG9zv5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.176.0/22
IPv6:
2a0b:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
95:49:46:2a:6f:0c:7f:75:ad:a6:f6:30:a0:26:ed:53:75:bd:
ae:8b:a7:d2:3f:df:3a:cf:15:ed:ac:f1:b5:42:78:a4:14:48:
de:c6:8f:53:c4:b3:7d:fe:85:21:11:66:46:14:8e:c0:b7:02:
09:eb:15:91:49:23:1b:ef:f8:de:1d:c3:6a:17:03:d7:24:d6:
5e:42:ad:df:f0:90:77:45:4e:49:12:9b:97:fc:44:e3:98:8a:
5a:b8:75:99:e4:b4:ba:c6:23:82:d4:26:a7:52:f8:1f:3b:51:
0e:6a:e4:79:31:48:8e:99:02:07:a4:de:2d:0a:c0:2e:80:94:
39:fa:54:c9:31:30:ae:76:ba:e1:05:67:d0:aa:a5:9d:b6:2c:
e5:f0:2f:ec:58:dc:ee:b8:f6:18:0b:49:40:a4:4f:e9:21:81:
99:2d:dd:aa:9c:f0:60:23:e0:6e:c2:c6:12:f6:e3:76:ae:66:
2f:d6:49:5e:ea:9d:3f:72:86:d6:d2:ec:56:f6:ee:85:a3:aa:
5f:6c:38:8c:cc:5f:74:fc:74:a5:c9:69:b1:ee:f6:fb:f0:86:
14:73:2a:98:5c:b9:ed:f0:e1:a5:a6:bb:44:b4:a9:e1:5b:5a:
b3:7f:1a:b6:e5:94:9a:3b:31:f4:95:ea:e6:cf:f2:5a:c8:67:
51:9a:f1:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBaHg6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWMzYTA2MmNiOTZkOWEzZjIxYThiMmRhODQ4ZjgxYzZmNzNiZjk1MB4XDTIyMDEw
MTEzNTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVmYjE2MGZlMzUx
YjU4Yzc2MmMzNDVmNzk1ZThlYjM5ZWQ3OTdmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+6FWYIjFxUIXIu59S+DgsHGlN1cLsjPAvnUqclhTBGpLoR
znW5AMHvdFdLd68eRvMT/LK8FR3KkPAKTg9J9bx1eQieVo8ZGABj2dNAYux64mc0
s3tIhzUY6sVosrHtQlQ7lEH/DEkTgK3MqeAzFCe2OXtW9SPSyTLKbDhud0FNyloo
fGoSZxl16gROj7pU9oE1qvnkcRNPUZpZxZypR2gRDY4E6ZDR1u/Nm/ChmDm8g7WT
Dqu7BqZfh5sfE0YfeRQcu2TPAj9cclIXL7yfLboVpiEe/EdQ+gl6NV06EXxTzx31
LVP2LKNpgk7WMrX5pDQ22f5eEEAfU9YQPUTidv0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSl+xYP41G1jHYsNF95Xo6znteX8DAfBgNVHSMEGDAWgBROw6Biy5bZo/Ia
iy2oSPgcb3O/lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RzT2dZc3VXMmFQeUdvc3RxRWo0SEc5enY1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNzg2YjUxLWUyZGYtNGZkNi05YzliLWY1NjdjM2U5ZjVmZi8x
L3Bmc1dELU5SdFl4MkxEUmZlVjZPczU3WGxfQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
Nzg2YjUxLWUyZGYtNGZkNi05YzliLWY1NjdjM2U5ZjVmZi8xL1RzT2dZc3VXMmFQ
eUdvc3RxRWo0SEc5enY1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmTsDANBAIAAjAHAwUDKgsfwDAN
BgkqhkiG9w0BAQsFAAOCAQEAlUlGKm8Mf3WtpvYwoCbtU3W9roun0j/fOs8V7azx
tUJ4pBRI3saPU8Szff6FIRFmRhSOwLcCCesVkUkjG+/43h3DahcD1yTWXkKt3/CQ
d0VOSRKbl/xE45iKWrh1meS0usYjgtQmp1L4HztRDmrkeTFIjpkCB6TeLQrALoCU
OfpUyTEwrna64QVn0KqlnbYs5fAv7Fjc7rj2GAtJQKRP6SGBmS3dqpzwYCPgbsLG
Evbjdq5mL9ZJXuqdP3KG1tLsVvbuhaOqX2w4jMxfdPx0pclpse72+/CGFHMqmFy5
7fDhpaa7RLSp4Vtas38atuWUmjsx9JXq5s/yWshnUZrxFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org