Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PFaTvH62BuRwWBFlE54kv3Z_yGA.roa
File: PFaTvH62BuRwWBFlE54kv3Z_yGA.roa (raw, json)
Hash identifier: U9Qxap4gPg3ip3fMuJDGT10dc+ZkS88YWNCQre+PLps=
Subject key identifier: 3C:56:93:BC:7E:B6:06:E4:70:58:11:65:13:9E:24:BF:76:7F:C8:60
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0182FA2DCFC52DA0937B09814CDE9EC8072C
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PFaTvH62BuRwWBFlE54kv3Z_yGA.roa
Signing time: Thu 01 Sep 2022 17:51:22 +0000
ROA not before: Thu 01 Sep 2022 17:51:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 109.72.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fa:2d:cf:c5:2d:a0:93:7b:09:81:4c:de:9e:c8:07:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 1 17:51:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c5693bc7eb606e470581165139e24bf767fc860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5f:aa:18:13:45:9f:46:4f:6c:20:90:2c:58:
a2:24:3d:f1:35:5c:05:00:aa:af:cf:5f:79:ef:78:
f2:0f:93:d6:8b:5a:c9:60:b3:ff:8b:ab:25:44:3f:
52:08:a1:b4:f4:ec:e7:22:b7:0a:93:f4:92:90:fd:
cf:f9:0a:8f:e8:29:91:3a:07:04:ef:06:7c:9a:75:
32:9e:0c:24:02:ff:ef:8b:b8:10:f0:be:7c:8a:48:
13:87:d5:80:ba:11:1d:a6:f7:10:86:7b:80:94:48:
a6:11:6f:13:f7:f5:71:bf:db:0a:1d:2c:5c:a0:77:
bc:b3:68:9d:fd:89:74:38:71:cc:24:3a:3b:ca:0a:
b3:8f:77:dd:97:76:08:b3:5b:ad:2a:9c:bb:99:c7:
6e:a8:02:5a:1b:f6:5a:af:40:71:24:45:39:bb:5a:
1b:f3:b7:b7:98:58:97:2f:3e:9a:f6:77:91:55:d1:
46:d5:87:f2:a4:1c:2e:19:db:68:1c:53:d0:78:26:
03:5e:b9:b3:a9:32:a9:a5:b0:20:a5:82:c5:31:d9:
98:eb:a4:b5:0e:e2:84:33:4c:24:53:bc:ad:2d:ef:
98:79:47:2d:c9:08:47:66:52:4d:2f:d3:06:1b:db:
91:7c:2d:33:b3:a2:d1:b5:a4:09:08:59:dd:f6:ee:
d3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:56:93:BC:7E:B6:06:E4:70:58:11:65:13:9E:24:BF:76:7F:C8:60
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PFaTvH62BuRwWBFlE54kv3Z_yGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ba:36:45:7f:ac:87:88:c0:96:12:c6:de:b3:8c:16:5b:d2:
99:ad:45:fd:5f:14:cf:31:a9:63:b9:bc:9b:a2:2f:05:1d:71:
9f:18:1f:ec:52:6c:c0:59:65:91:ab:83:9a:af:91:54:96:72:
0e:89:d5:87:bc:bb:91:ca:b1:10:c8:d5:52:7a:f4:37:55:dd:
4f:93:58:ff:84:c4:eb:f7:1b:a7:20:35:49:01:1a:ed:37:03:
2e:6e:fd:b3:80:1d:36:0e:5e:46:a9:de:71:c9:c2:c4:34:83:
b8:d9:91:73:89:65:53:89:ce:33:f8:26:20:6a:56:3d:3d:f6:
31:b8:e5:6a:c3:cd:ee:2e:be:6a:50:ae:32:9c:a6:3e:69:a9:
e0:5e:4e:d2:93:b3:9f:08:0e:16:c2:69:db:7c:1b:8a:e7:0e:
43:3b:e8:ad:ff:eb:0e:22:45:31:b4:55:ec:5d:20:3d:07:de:
c1:71:39:bb:e3:d0:45:b8:74:1b:52:2c:46:de:e5:55:1c:e8:
5b:48:65:af:05:4a:c8:52:1c:48:c3:25:1d:93:22:b1:36:d2:
57:27:ee:6c:f5:c9:be:b4:9a:84:9a:7e:d2:2e:4d:ad:9c:91:
fd:93:55:a6:10:ad:29:3e:f9:88:39:af:0d:dd:86:38:cc:5e:
52:1d:da:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL6Lc/FLaCTewmBTN6eyAcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIwOTAxMTc1MTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU2OTNiYzdlYjYwNmU0NzA1ODExNjUxMzllMjRiZjc2N2ZjODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl+qGBNFn0ZPbCCQLFiiJD3xNVwF
AKqvz19573jyD5PWi1rJYLP/i6slRD9SCKG09OznIrcKk/SSkP3P+QqP6CmROgcE
7wZ8mnUyngwkAv/vi7gQ8L58ikgTh9WAuhEdpvcQhnuAlEimEW8T9/Vxv9sKHSxc
oHe8s2id/Yl0OHHMJDo7ygqzj3fdl3YIs1utKpy7mcduqAJaG/Zar0BxJEU5u1ob
87e3mFiXLz6a9neRVdFG1YfypBwuGdtoHFPQeCYDXrmzqTKppbAgpYLFMdmY66S1
DuKEM0wkU7ytLe+YeUctyQhHZlJNL9MGG9uRfC0zs6LRtaQJCFnd9u7TWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxWk7x+tgbkcFgRZROeJL92f8hgMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUEZhVHZINjJCdVJ3V0JGbEU1NGt2M1pfeUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUh7MA0G
CSqGSIb3DQEBCwUAA4IBAQAHujZFf6yHiMCWEsbes4wWW9KZrUX9XxTPMaljubyb
oi8FHXGfGB/sUmzAWWWRq4Oar5FUlnIOidWHvLuRyrEQyNVSevQ3Vd1Pk1j/hMTr
9xunIDVJARrtNwMubv2zgB02Dl5Gqd5xycLENIO42ZFziWVTic4z+CYgalY9PfYx
uOVqw83uLr5qUK4ynKY+aangXk7Sk7OfCA4WwmnbfBuK5w5DO+it/+sOIkUxtFXs
XSA9B97BcTm749BFuHQbUixG3uVVHOhbSGWvBUrIUhxIwyUdkyKxNtJXJ+5s9cm+
tJqEmn7SLk2tnJH9k1WmEK0pPvmIOa8N3YY4zF5SHdrm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org