Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/pfpRQcW1KTa6m1B-uq0_1AgOnq0.roa
File: pfpRQcW1KTa6m1B-uq0_1AgOnq0.roa (raw, json)
Hash identifier: hesDHLPl9sS2isdLYN/XFiXp8Do/f7mXgaq8g0cZb8w=
Subject key identifier: A5:FA:51:41:C5:B5:29:36:BA:9B:50:7E:BA:AD:3F:D4:08:0E:9E:AD
Certificate issuer: /CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Certificate serial: 01856E6FCC4A43B8F2EDFB600E619EF8F206
Authority key identifier: DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/pfpRQcW1KTa6m1B-uq0_1AgOnq0.roa
Signing time: Sun 01 Jan 2023 17:44:58 +0000
ROA not before: Sun 01 Jan 2023 17:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39090
IP address blocks: 185.116.17.0/24 maxlen: 24
185.116.19.0/24 maxlen: 24
84.39.64.0/19 maxlen: 19
2a02:d180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:cc:4a:43:b8:f2:ed:fb:60:0e:61:9e:f8:f2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Validity
Not Before: Jan 1 17:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5fa5141c5b52936ba9b507ebaad3fd4080e9ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:81:07:10:8d:d0:f3:b3:06:6c:bf:ef:09:
e5:22:83:b1:b6:ff:55:35:32:c3:78:f7:d7:82:cf:
4a:5c:da:f5:1a:d1:36:fe:f6:6f:65:e7:35:67:d2:
41:77:0f:cd:94:e8:f3:b6:b7:b8:24:e1:72:ea:66:
15:16:2f:eb:2c:38:4b:dd:3a:30:44:18:a7:8a:fc:
ef:cb:fc:27:a5:35:77:e0:1d:26:9c:8d:c6:0a:ca:
35:ba:1b:96:f3:05:ef:f5:07:55:c5:ce:19:38:53:
d6:d0:ee:9f:f4:78:67:68:f7:9e:60:7b:0e:78:21:
62:da:f6:cb:50:c8:b7:55:33:c9:db:1e:05:c7:ac:
85:ec:7d:aa:ac:f2:cd:57:09:07:9a:8e:40:14:ab:
6d:1b:3e:06:f8:c6:08:a6:3a:a3:1d:3f:9b:b4:ea:
1a:da:6d:5d:0a:04:43:f0:fc:73:ac:e3:a6:c5:6a:
c4:65:e4:63:5e:31:dd:00:c8:79:0e:3d:a2:49:a2:
9f:33:c9:ed:d7:4b:0b:28:40:a0:e1:4b:87:bd:60:
62:71:fa:59:5a:68:7f:14:e1:f4:d5:f6:22:0f:55:
08:0a:40:59:94:1b:9f:a1:4e:e4:b2:93:2a:37:97:
02:bb:f8:a5:73:ae:83:fe:df:c5:19:14:dd:e2:c8:
66:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FA:51:41:C5:B5:29:36:BA:9B:50:7E:BA:AD:3F:D4:08:0E:9E:AD
X509v3 Authority Key Identifier:
keyid:DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/pfpRQcW1KTa6m1B-uq0_1AgOnq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/3SppXEEiHdjt3PxcS1zAt4nLlTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.64.0/19
185.116.17.0/24
185.116.19.0/24
IPv6:
2a02:d180::/29
Signature Algorithm: sha256WithRSAEncryption
1e:2a:99:76:19:7b:62:2c:62:dc:a5:18:18:2b:4f:ea:18:06:
f0:e1:aa:2e:3b:52:50:57:9c:98:7f:c3:8e:98:cd:48:7b:82:
51:ab:74:de:eb:81:51:f1:5a:91:21:fa:2e:de:e8:55:4a:9c:
80:97:70:c5:9a:11:3e:7f:67:98:6c:8e:b3:a2:1e:8f:e5:cb:
c3:14:0a:66:8d:2a:b5:71:15:0b:d6:3d:bd:a2:19:39:02:76:
07:31:a5:56:a1:21:b9:15:74:d6:2c:1e:cc:32:03:4d:80:9e:
bb:5d:2b:75:75:3e:96:80:72:09:19:52:e0:46:a2:3f:25:3b:
f4:50:f4:21:13:34:a5:be:c8:18:fc:7e:71:6d:22:8b:69:0b:
c2:89:5b:43:15:33:7a:f9:42:87:99:10:f8:c4:47:b0:96:da:
b3:4a:a1:c8:16:64:8b:8b:fa:ae:e0:42:85:a2:93:e1:dc:87:
bc:bb:54:69:03:12:ff:ec:a7:b5:64:64:78:23:dd:b6:d6:b4:
e5:97:32:af:26:be:b1:d7:a0:9c:8e:3e:8b:38:ec:52:c4:42:
b6:96:f6:5b:dc:ca:91:33:90:f3:0d:25:e8:00:31:ab:8b:75:
04:59:a7:2a:f6:ed:7f:59:78:27:e1:81:1d:a7:60:44:3d:1a:
63:39:b1:1b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVub8xKQ7jy7ftgDmGe+PIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMmE2OTVjNDEyMjFkZDhlZGRjZmM1YzRiNWNjMGI3ODlj
Yjk1M2IwHhcNMjMwMTAxMTc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWZhNTE0MWM1YjUyOTM2YmE5YjUwN2ViYWFkM2ZkNDA4MGU5ZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSaBBxCN0POzBmy/7wnlIoOxtv9V
NTLDePfXgs9KXNr1GtE2/vZvZec1Z9JBdw/NlOjztre4JOFy6mYVFi/rLDhL3Tow
RBinivzvy/wnpTV34B0mnI3GCso1uhuW8wXv9QdVxc4ZOFPW0O6f9HhnaPeeYHsO
eCFi2vbLUMi3VTPJ2x4Fx6yF7H2qrPLNVwkHmo5AFKttGz4G+MYIpjqjHT+btOoa
2m1dCgRD8PxzrOOmxWrEZeRjXjHdAMh5Dj2iSaKfM8nt10sLKECg4UuHvWBicfpZ
Wmh/FOH01fYiD1UICkBZlBufoU7kspMqN5cCu/ilc66D/t/FGRTd4shmJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKX6UUHFtSk2uptQfrqtP9QIDp6tMB8GA1UdIwQY
MBaAFN0qaVxBIh3Y7dz8XEtcwLeJy5U7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEt
MjA4ZGMwNjhkNTNjLzEvcGZwUlFjVzFLVGE2bTFCLXVxMF8xQWdPbnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEtMjA4ZGMwNjhkNTNj
LzEvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVCdAAwQA
uXQRAwQAuXQTMA0EAgACMAcDBQMqAtGAMA0GCSqGSIb3DQEBCwUAA4IBAQAeKpl2
GXtiLGLcpRgYK0/qGAbw4aouO1JQV5yYf8OOmM1Ie4JRq3Te64FR8VqRIfou3uhV
SpyAl3DFmhE+f2eYbI6zoh6P5cvDFApmjSq1cRUL1j29ohk5AnYHMaVWoSG5FXTW
LB7MMgNNgJ67XSt1dT6WgHIJGVLgRqI/JTv0UPQhEzSlvsgY/H5xbSKLaQvCiVtD
FTN6+UKHmRD4xEewltqzSqHIFmSLi/qu4EKFopPh3Ie8u1RpAxL/7Ke1ZGR4I922
1rTllzKvJr6x16Ccjj6LOOxSxEK2lvZb3MqRM5DzDSXoADGri3UEWacq9u1/WXgn
4YEdp2BEPRpjObEb
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:28 2025 by rpki-client