Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/pfW4bcwBGMihNRHynLG6nq_G_aA.roa
File: pfW4bcwBGMihNRHynLG6nq_G_aA.roa (raw, json)
Hash identifier: 6cW7R+3e9JWaqGlYxCw/Ss2lDs9whYuQyyEAjUrUv8s=
Subject key identifier: A5:F5:B8:6D:CC:01:18:C8:A1:35:11:F2:9C:B1:BA:9E:AF:C6:FD:A0
Certificate issuer: /CN=b96e8b6d73f2f38548996f66621330a8d7108529
Certificate serial: 068B663B
Authority key identifier: B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/pfW4bcwBGMihNRHynLG6nq_G_aA.roa
Signing time: Sat 01 Jan 2022 04:56:08 +0000
ROA not before: Sat 01 Jan 2022 04:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43366
IP address blocks: 192.145.24.0/22 maxlen: 24
5.133.84.0/22 maxlen: 24
185.197.188.0/22 maxlen: 24
185.205.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109798971 (0x68b663b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b96e8b6d73f2f38548996f66621330a8d7108529
Validity
Not Before: Jan 1 04:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5f5b86dcc0118c8a13511f29cb1ba9eafc6fda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:58:9f:b6:39:f9:24:2c:72:26:70:e2:59:34:
9b:39:27:69:b1:cb:35:bb:e4:4d:ff:bf:0f:e4:46:
ed:74:0c:d5:93:3a:da:11:1f:ac:f9:2b:42:dd:11:
70:5d:e4:e4:b6:9f:c1:c9:c0:27:c8:e3:1a:ef:96:
b3:f4:a1:b2:9f:8a:92:38:86:3b:62:5c:0b:bb:93:
17:ee:6c:94:9b:06:22:e3:c3:02:78:7b:9b:f2:29:
ac:b7:f6:a1:e7:87:51:8d:86:4d:27:98:01:33:05:
e3:ad:48:a6:e6:87:9c:17:b4:ab:7f:7d:19:fd:01:
5b:ee:fd:77:0d:08:59:09:91:50:e6:04:a8:5e:ab:
a0:67:b6:5d:d8:65:94:83:a9:f1:0c:b5:74:b2:19:
24:c1:b2:71:fd:30:bc:b2:2f:6b:47:18:98:9a:e0:
d2:f4:50:89:d5:df:9b:40:3f:36:f5:56:08:5f:4e:
4a:a9:47:15:da:6f:f8:81:02:03:0f:35:a4:28:fa:
75:cd:dd:0e:b4:b9:45:b2:b6:b3:49:6a:49:8a:15:
c9:b9:8b:44:d8:a3:ef:ce:1e:7f:bd:52:88:fc:23:
08:89:5d:44:d6:1f:a4:2d:3b:4a:84:56:8d:64:28:
c7:e8:8b:42:0f:ef:d6:64:36:44:8b:9d:72:43:d8:
12:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F5:B8:6D:CC:01:18:C8:A1:35:11:F2:9C:B1:BA:9E:AF:C6:FD:A0
X509v3 Authority Key Identifier:
keyid:B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/pfW4bcwBGMihNRHynLG6nq_G_aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.84.0/22
185.197.188.0/22
185.205.240.0/22
192.145.24.0/22
Signature Algorithm: sha256WithRSAEncryption
24:d5:bf:f7:a5:32:fc:13:b4:53:dc:05:85:94:93:af:f6:38:
16:39:c5:86:ca:c7:94:f9:d5:b1:a9:e4:2a:cf:ff:21:2f:49:
dd:d3:19:8d:8b:c2:81:e3:eb:27:14:f8:52:a2:00:4a:91:f5:
c3:3c:6f:c8:74:4d:cf:9a:fc:e6:10:12:9b:79:fe:4c:45:3c:
14:c6:fa:7d:0b:ac:07:9f:56:bb:df:7e:b5:f6:51:97:89:b0:
c1:0a:ba:4a:15:7d:60:f4:d3:d5:d1:59:ef:13:83:29:67:61:
5c:97:9f:54:06:ce:34:52:e7:6d:20:67:5f:7f:e0:f5:de:02:
3d:5e:c9:7d:4a:e5:ae:b0:84:c7:3f:19:0a:b8:5b:2c:38:07:
f6:46:97:6f:fb:e7:cf:90:9e:6e:c6:d8:28:d3:fb:72:e3:42:
de:87:a7:4f:b9:d4:2d:25:89:6f:79:77:64:76:92:5d:d2:dd:
f2:32:09:1a:bc:cf:c5:b9:cd:58:36:04:8c:02:d0:8b:f6:81:
03:8b:c8:81:5c:4d:ab:e2:12:91:56:8e:9c:36:ed:ef:a4:77:
46:49:a3:2b:12:da:2b:a1:02:bc:dc:a0:a8:63:8b:1b:99:52:
a9:cc:70:8f:48:35:80:87:29:50:9c:e7:87:2a:b0:13:35:f8:
d5:e8:19:3a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBotmOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTZlOGI2ZDczZjJmMzg1NDg5OTZmNjY2MjEzMzBhOGQ3MTA4NTI5MB4XDTIyMDEw
MTA0NTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVmNWI4NmRjYzAx
MThjOGExMzUxMWYyOWNiMWJhOWVhZmM2ZmRhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhYn7Y5+SQsciZw4lk0mzknabHLNbvkTf+/D+RG7XQM1ZM6
2hEfrPkrQt0RcF3k5LafwcnAJ8jjGu+Ws/Shsp+KkjiGO2JcC7uTF+5slJsGIuPD
Anh7m/IprLf2oeeHUY2GTSeYATMF461IpuaHnBe0q399Gf0BW+79dw0IWQmRUOYE
qF6roGe2XdhllIOp8Qy1dLIZJMGycf0wvLIva0cYmJrg0vRQidXfm0A/NvVWCF9O
SqlHFdpv+IECAw81pCj6dc3dDrS5RbK2s0lqSYoVybmLRNij784ef71SiPwjCIld
RNYfpC07SoRWjWQox+iLQg/v1mQ2RIudckPYEn8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSl9bhtzAEYyKE1EfKcsbqer8b9oDAfBgNVHSMEGDAWgBS5bottc/LzhUiZ
b2ZiEzCo1xCFKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VXNkxiWFB5ODRWSW1XOW1ZaE13cU5jUWhTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzE0YTYyLWFhNmEtNDg2ZC1iOWU2LWJjMDA0NjQ5ZWU5OS8x
L3BmVzRiY3dCR01paE5SSHluTEc2bnFfR19hQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
YzE0YTYyLWFhNmEtNDg2ZC1iOWU2LWJjMDA0NjQ5ZWU5OS8xL3VXNkxiWFB5ODRW
SW1XOW1ZaE13cU5jUWhTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgWFVAMEArnFvAMEArnN8AMEAsCR
GDANBgkqhkiG9w0BAQsFAAOCAQEAJNW/96Uy/BO0U9wFhZSTr/Y4FjnFhsrHlPnV
sankKs//IS9J3dMZjYvCgePrJxT4UqIASpH1wzxvyHRNz5r85hASm3n+TEU8FMb6
fQusB59Wu99+tfZRl4mwwQq6ShV9YPTT1dFZ7xODKWdhXJefVAbONFLnbSBnX3/g
9d4CPV7JfUrlrrCExz8ZCrhbLDgH9kaXb/vnz5CebsbYKNP7cuNC3oenT7nULSWJ
b3l3ZHaSXdLd8jIJGrzPxbnNWDYEjALQi/aBA4vIgVxNq+ISkVaOnDbt76R3Rkmj
KxLaK6ECvNygqGOLG5lSqcxwj0g1gIcpUJznhyqwEzX41egZOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:01 2024 by rpki-client on console-ams.rpki-client.org