Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/pFnyzrbp7hGako7v55qsNMMIkKk.roa
File: pFnyzrbp7hGako7v55qsNMMIkKk.roa (raw, json)
Hash identifier: KVYxC+FVbUacQQjke1JReYxQMw7HdGcJ/5Lyq0oLB2c=
Subject key identifier: A4:59:F2:CE:B6:E9:EE:11:9A:92:8E:EF:E7:9A:AC:34:C3:08:90:A9
Certificate issuer: /CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Certificate serial: 16B53DA9
Authority key identifier: 47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/pFnyzrbp7hGako7v55qsNMMIkKk.roa
Signing time: Thu 17 Feb 2022 09:12:45 +0000
ROA not before: Thu 17 Feb 2022 09:12:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47178
IP address blocks: 93.188.112.0/21 maxlen: 21
185.99.225.0/24 maxlen: 24
185.99.224.0/22 maxlen: 22
185.99.226.0/24 maxlen: 24
185.99.224.0/24 maxlen: 24
185.99.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 380976553 (0x16b53da9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Validity
Not Before: Feb 17 09:12:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a459f2ceb6e9ee119a928eefe79aac34c30890a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:13:8a:2e:f8:a2:d0:c3:10:6a:7d:0b:f3:8d:
71:6a:62:b6:f3:07:d4:be:83:69:b7:10:97:af:a8:
1f:05:dc:7c:b4:11:85:f7:8a:e3:59:61:17:fd:80:
d5:c9:e8:36:28:48:ff:67:73:a2:78:21:97:1e:ca:
d0:50:3a:23:e6:3c:ff:5a:b2:59:5e:fb:ae:56:f7:
31:91:56:79:d3:e4:a1:64:46:9b:e8:90:f0:56:b4:
82:06:45:c1:4c:8e:94:02:a4:f5:8c:fe:3c:35:09:
c1:36:41:2a:fc:05:70:1d:11:1e:b1:ec:ca:12:c0:
d3:4a:70:a9:dd:70:7f:a1:52:94:c7:d1:3b:a8:93:
3a:17:a2:3f:b8:03:2d:9a:db:87:39:68:f5:e7:66:
dd:5f:65:40:89:3c:00:c9:df:6f:f8:11:86:9e:14:
b2:f5:a1:dc:17:30:43:3f:9f:eb:7b:82:c4:f7:58:
ea:fa:46:c5:ee:60:2d:d3:f9:9a:ce:ea:63:c1:d7:
fe:89:7d:9c:fd:d6:e0:59:ec:25:24:2c:15:e6:cc:
b6:e2:b5:a7:12:5f:9e:e9:74:b8:49:37:6d:6a:07:
98:9c:38:c4:93:bd:de:aa:d8:a3:1b:f3:0f:d0:2f:
a5:dd:07:49:a8:f3:12:ad:b5:43:92:27:27:58:5a:
73:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:59:F2:CE:B6:E9:EE:11:9A:92:8E:EF:E7:9A:AC:34:C3:08:90:A9
X509v3 Authority Key Identifier:
keyid:47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/pFnyzrbp7hGako7v55qsNMMIkKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.112.0/21
185.99.224.0/22
Signature Algorithm: sha256WithRSAEncryption
86:2c:3e:71:87:92:38:b5:1d:71:aa:04:13:a7:73:76:63:c2:
cb:73:31:fc:81:4e:d3:fc:af:f6:8c:53:9f:d8:03:9b:14:2c:
f6:8e:8d:ba:d9:a1:4c:b7:e8:28:a9:e1:a8:68:af:2f:c7:58:
4f:f8:cc:d5:89:85:29:62:5a:31:54:a3:fb:d2:8b:96:eb:cf:
98:6e:b8:6d:d1:45:94:46:ae:41:74:91:c7:5a:e6:f1:b1:d0:
d7:dc:d3:9d:43:9d:63:8f:2b:11:cd:44:26:91:48:4c:54:f6:
83:a7:bd:28:7c:6f:97:e6:80:36:6e:12:a7:73:71:fd:01:e0:
fa:8d:b5:6e:54:17:0a:cb:67:de:15:ed:0c:14:69:ad:0c:d4:
63:4c:9d:da:e1:dd:8c:8c:c3:f4:2f:4b:1c:5e:e6:48:9a:c4:
08:71:44:8b:52:58:16:b6:15:ed:3e:5c:35:97:8b:c9:5a:90:
63:5d:75:58:5e:1a:89:ff:a4:30:a8:09:3b:d1:ae:56:c1:e0:
4a:77:c7:14:ba:bc:a5:89:d8:50:7b:02:dc:53:90:c8:94:97:
ad:6d:d9:d4:07:d2:3f:47:e3:53:31:cf:ad:10:10:a2:c0:f1:
10:a9:7d:42:c1:f2:77:1b:1b:cd:81:1a:98:1f:d7:8e:27:ef:
66:3b:27:c6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFrU9qTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Nzg5YzVkYzBkZDU0NGZjMDJiN2U2N2U1ZjFiYWM0NTZhYWJmZTYxMB4XDTIyMDIx
NzA5MTI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ1OWYyY2ViNmU5
ZWUxMTlhOTI4ZWVmZTc5YWFjMzRjMzA4OTBhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwTii74otDDEGp9C/ONcWpitvMH1L6DabcQl6+oHwXcfLQR
hfeK41lhF/2A1cnoNihI/2dzonghlx7K0FA6I+Y8/1qyWV77rlb3MZFWedPkoWRG
m+iQ8Fa0ggZFwUyOlAKk9Yz+PDUJwTZBKvwFcB0RHrHsyhLA00pwqd1wf6FSlMfR
O6iTOheiP7gDLZrbhzlo9edm3V9lQIk8AMnfb/gRhp4UsvWh3BcwQz+f63uCxPdY
6vpGxe5gLdP5ms7qY8HX/ol9nP3W4FnsJSQsFebMtuK1pxJfnul0uEk3bWoHmJw4
xJO93qrYoxvzD9Avpd0HSajzEq21Q5InJ1hac10CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSkWfLOtunuEZqSju/nmqw0wwiQqTAfBgNVHSMEGDAWgBRHicXcDdVE/AK3
5n5fG6xFaqv+YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1I0bkYzQTNWUlB3Q3QtWi1YeHVzUldxcl9tRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvODk1NDJhLTU4N2QtNGMyNy1hNTIzLTZhMWI5YzFjNjkyNC8x
L3BGbnl6cmJwN2hHYWtvN3Y1NXFzTk1NSWtLay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
ODk1NDJhLTU4N2QtNGMyNy1hNTIzLTZhMWI5YzFjNjkyNC8xL1I0bkYzQTNWUlB3
Q3QtWi1YeHVzUldxcl9tRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA128cAMEArlj4DANBgkqhkiG9w0B
AQsFAAOCAQEAhiw+cYeSOLUdcaoEE6dzdmPCy3Mx/IFO0/yv9oxTn9gDmxQs9o6N
utmhTLfoKKnhqGivL8dYT/jM1YmFKWJaMVSj+9KLluvPmG64bdFFlEauQXSRx1rm
8bHQ19zTnUOdY48rEc1EJpFITFT2g6e9KHxvl+aANm4Sp3Nx/QHg+o21blQXCstn
3hXtDBRprQzUY0yd2uHdjIzD9C9LHF7mSJrECHFEi1JYFrYV7T5cNZeLyVqQY111
WF4aif+kMKgJO9GuVsHgSnfHFLq8pYnYUHsC3FOQyJSXrW3Z1AfSP0fjUzHPrRAQ
osDxEKl9QsHydxsbzYEamB/XjifvZjsnxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:18 2024 by rpki-client on console-ams.rpki-client.org