Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/pfeIVxJlrVjzRIdOuEjJeIFv5BY.roa
File: pfeIVxJlrVjzRIdOuEjJeIFv5BY.roa (raw, json)
Hash identifier: MDHK40wX9RgPa9sGkNHlVFej+AMe4yQi9rxQB4y8dVI=
Subject key identifier: A5:F7:88:57:12:65:AD:58:F3:44:87:4E:B8:48:C9:78:81:6F:E4:16
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0A2F26FD
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/pfeIVxJlrVjzRIdOuEjJeIFv5BY.roa
Signing time: Sat 01 Jan 2022 14:59:17 +0000
ROA not before: Sat 01 Jan 2022 14:59:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 85.239.34.0/24 maxlen: 24
85.239.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170862333 (0xa2f26fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 14:59:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5f788571265ad58f344874eb848c978816fe416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:aa:3c:5f:25:3f:59:bb:d9:b2:dd:0b:6a:76:
84:99:ed:f9:2e:b5:1e:3f:fb:5f:e6:4b:e9:5d:5a:
50:d6:a7:82:82:6b:79:43:61:25:37:e7:47:53:61:
b5:cf:a2:2a:12:a8:b5:41:32:57:9b:98:bb:82:38:
9c:5b:fd:84:69:bb:08:3c:94:31:2b:7b:22:4f:7c:
bf:f9:3c:ac:75:17:45:1a:5f:da:a9:7d:e6:92:78:
71:81:de:17:59:b4:de:7f:f8:71:a2:0a:31:81:4d:
23:b3:d1:24:68:7c:04:37:0c:bd:2d:fb:72:56:4a:
b7:9c:1a:4c:be:2b:9b:29:f7:09:a4:ab:83:60:7b:
99:f7:a0:09:8f:bf:59:57:12:17:2c:2f:0b:09:42:
16:c7:e0:7c:48:b9:1e:43:3b:eb:3d:35:45:71:88:
0b:76:e5:e5:31:0b:bf:51:3e:f7:4d:72:67:5e:ee:
74:54:5e:f5:3b:2c:ff:f3:8d:42:fb:48:ea:54:6f:
25:8b:3c:58:9b:7c:a4:9a:2c:e4:e4:34:3c:8d:2a:
19:58:3a:29:cf:f4:88:b5:20:a7:9d:03:8b:ec:6c:
7e:8f:c9:d9:51:bf:07:c0:93:3c:1e:24:46:4d:bb:
c7:a8:0c:d4:ce:69:54:23:ff:ea:54:57:4f:3f:19:
eb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F7:88:57:12:65:AD:58:F3:44:87:4E:B8:48:C9:78:81:6F:E4:16
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/pfeIVxJlrVjzRIdOuEjJeIFv5BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.33.0-85.239.34.255
Signature Algorithm: sha256WithRSAEncryption
05:70:22:54:6c:7d:15:16:d3:03:52:12:4d:c7:ef:16:14:ca:
25:f3:8b:44:20:64:75:bd:b2:69:73:3b:9b:a9:58:6b:6b:4f:
44:02:1e:31:00:26:d2:c9:75:eb:f9:04:e9:3e:bf:0e:e2:ed:
3a:ec:13:b9:a9:75:e5:bd:d8:14:fc:55:6b:e2:37:42:0c:98:
aa:71:59:a3:7f:0f:c3:33:fe:92:98:5b:0f:60:62:c6:ad:f3:
c4:15:21:89:c6:7d:bf:af:93:3a:cc:69:02:7d:f8:2e:af:42:
3a:9a:0e:bf:eb:a7:39:e9:e8:d0:b5:ea:4e:7f:c8:9b:e6:9b:
1d:89:03:1b:94:c1:d6:b9:41:d2:12:b9:7a:02:d1:9c:89:20:
f0:6a:73:95:be:59:ba:ce:77:c3:cc:56:07:ec:74:70:f5:44:
09:91:e8:db:b5:06:70:86:34:49:b2:e9:dc:be:4c:0b:21:91:
86:e1:46:13:ec:81:55:e9:19:ba:cb:33:0f:78:40:05:f9:32:
f6:49:00:9e:31:46:07:36:08:a7:85:50:35:51:62:41:c0:c2:
2f:a4:86:44:76:3a:aa:e4:71:4a:0b:eb:f6:56:14:67:2c:6c:
29:55:0d:dd:bf:d8:c8:44:67:d2:2f:16:d6:95:c2:ec:57:fc:
44:af:c0:2a
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECi8m/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDEw
MTE0NTkxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVmNzg4NTcxMjY1
YWQ1OGYzNDQ4NzRlYjg0OGM5Nzg4MTZmZTQxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWqPF8lP1m72bLdC2p2hJnt+S61Hj/7X+ZL6V1aUNangoJr
eUNhJTfnR1Nhtc+iKhKotUEyV5uYu4I4nFv9hGm7CDyUMSt7Ik98v/k8rHUXRRpf
2ql95pJ4cYHeF1m03n/4caIKMYFNI7PRJGh8BDcMvS37clZKt5waTL4rmyn3CaSr
g2B7mfegCY+/WVcSFywvCwlCFsfgfEi5HkM76z01RXGIC3bl5TELv1E+901yZ17u
dFRe9Tss//ONQvtI6lRvJYs8WJt8pJos5OQ0PI0qGVg6Kc/0iLUgp50Di+xsfo/J
2VG/B8CTPB4kRk27x6gM1M5pVCP/6lRXTz8Z62kCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSl94hXEmWtWPNEh064SMl4gW/kFjAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L3BmZUlWeEpsclZqelJJZE91RWpKZUlGdjVCWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAVe8hAwQAVe8iMA0GCSqGSIb3
DQEBCwUAA4IBAQAFcCJUbH0VFtMDUhJNx+8WFMol84tEIGR1vbJpczubqVhra09E
Ah4xACbSyXXr+QTpPr8O4u067BO5qXXlvdgU/FVr4jdCDJiqcVmjfw/DM/6SmFsP
YGLGrfPEFSGJxn2/r5M6zGkCffgur0I6mg6/66c56ejQtepOf8ib5psdiQMblMHW
uUHSErl6AtGciSDwanOVvlm6znfDzFYH7HRw9UQJkejbtQZwhjRJsuncvkwLIZGG
4UYT7IFV6Rm6yzMPeEAF+TL2SQCeMUYHNginhVA1UWJBwMIvpIZEdjqq5HFKC+v2
VhRnLGwpVQ3dv9jIRGfSLxbWlcLsV/xEr8Aq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org