Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/pfBFPJ8I8_GeTnOwzQQq1zEcwTI.roa
File: pfBFPJ8I8_GeTnOwzQQq1zEcwTI.roa (raw, json)
Hash identifier: UgxvzyHtvX5FuWin+F0YEF2M2K534Kv/8MK+1UiSlno=
Subject key identifier: A5:F0:45:3C:9F:08:F3:F1:9E:4E:73:B0:CD:04:2A:D7:31:1C:C1:32
Certificate issuer: /CN=82b64d7f159e902ea6a5add7a100dc05fa14a9ed
Certificate serial: 0185715E751F21E58997B9422EED8A31F148
Authority key identifier: 82:B6:4D:7F:15:9E:90:2E:A6:A5:AD:D7:A1:00:DC:05:FA:14:A9:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grZNfxWekC6mpa3XoQDcBfoUqe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/pfBFPJ8I8_GeTnOwzQQq1zEcwTI.roa
Signing time: Mon 02 Jan 2023 07:24:53 +0000
ROA not before: Mon 02 Jan 2023 07:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197721
IP address blocks: 192.162.164.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:75:1f:21:e5:89:97:b9:42:2e:ed:8a:31:f1:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b64d7f159e902ea6a5add7a100dc05fa14a9ed
Validity
Not Before: Jan 2 07:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5f0453c9f08f3f19e4e73b0cd042ad7311cc132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:07:91:2b:da:3d:97:dd:04:b6:65:de:b9:dc:
0e:90:1d:85:fb:ea:c8:6a:31:0f:c5:03:51:be:f5:
77:d1:62:44:b6:07:74:e3:a6:17:fb:76:9c:63:46:
15:38:5c:af:5f:88:ae:50:b6:28:c3:d6:a9:d6:7c:
f5:4b:00:56:ba:af:71:19:07:78:b6:bd:a5:c4:62:
96:49:dc:4c:cf:80:16:78:2d:75:08:ad:bd:21:b8:
0a:ec:0b:6f:8e:cf:c1:40:04:d9:0d:3d:fe:62:77:
71:19:91:60:51:5e:7e:05:bc:9f:95:2a:f7:c2:32:
02:52:a8:d4:74:0f:fd:66:3b:22:b4:c9:fc:67:38:
d6:5e:a6:21:dc:87:8c:fe:20:38:a4:45:2f:fa:71:
59:05:ea:11:97:b4:d8:54:94:ed:15:39:11:b6:a0:
35:5f:9c:1a:e2:28:37:f5:ad:b8:03:c7:9b:ce:7c:
72:42:ef:f7:36:b8:b8:57:4a:e4:e9:67:24:cf:a0:
f4:b6:76:f1:e5:db:b3:e7:af:11:39:55:72:c1:5e:
5f:9b:d7:fd:d6:89:78:16:a0:26:a8:1a:79:cd:51:
1d:82:05:2a:d0:b0:c1:ed:93:03:20:0d:92:e7:c6:
2b:26:e2:f6:4f:67:64:33:cd:d6:fe:e2:b3:79:cd:
7e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F0:45:3C:9F:08:F3:F1:9E:4E:73:B0:CD:04:2A:D7:31:1C:C1:32
X509v3 Authority Key Identifier:
keyid:82:B6:4D:7F:15:9E:90:2E:A6:A5:AD:D7:A1:00:DC:05:FA:14:A9:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grZNfxWekC6mpa3XoQDcBfoUqe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/pfBFPJ8I8_GeTnOwzQQq1zEcwTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/grZNfxWekC6mpa3XoQDcBfoUqe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.164.0/22
Signature Algorithm: sha256WithRSAEncryption
87:4f:9a:6b:a3:24:52:18:b7:7a:cf:67:f4:07:63:cf:d5:6a:
43:54:c4:f1:a0:ad:03:8c:96:7c:3e:fa:06:33:1d:6a:d0:b7:
5d:11:27:a5:f1:ff:97:91:fa:27:08:9d:f9:e4:50:76:b5:48:
c5:1e:a9:e1:fa:f9:60:14:ce:10:7a:6b:b6:78:74:3b:6a:f9:
18:23:55:20:ff:08:27:87:bb:fb:b6:02:fe:11:d4:1c:a1:ae:
96:ba:a9:e5:3e:fe:f6:22:12:90:5f:59:27:e6:e4:fd:91:26:
07:01:9e:7d:f0:76:48:54:48:ed:b5:a0:84:1f:ce:4e:a0:e4:
ec:2c:dc:37:1c:1c:d0:d5:ac:6c:fd:f9:d7:0f:68:31:50:fb:
c7:82:df:0d:18:c2:9e:d7:b9:bf:ac:0d:32:05:8b:d8:63:48:
79:3a:a1:61:72:14:5b:81:e7:a2:2c:d5:87:87:8e:19:a0:df:
a7:ff:2a:17:61:ad:4c:eb:4c:f7:01:80:be:70:6b:22:45:53:
c8:af:bc:e9:c0:8f:40:25:5b:93:2c:00:67:39:43:5b:31:d9:
63:32:d0:38:c4:77:00:5c:c4:18:bf:31:0c:80:fc:b8:9c:c4:
5c:f2:a4:10:d8:33:7a:b4:2e:c9:50:7e:83:d5:d6:a3:6a:bb:
2f:22:31:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXnUfIeWJl7lCLu2KMfFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjY0ZDdmMTU5ZTkwMmVhNmE1YWRkN2ExMDBkYzA1ZmEx
NGE5ZWQwHhcNMjMwMTAyMDcyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWYwNDUzYzlmMDhmM2YxOWU0ZTczYjBjZDA0MmFkNzMxMWNjMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwweRK9o9l90EtmXeudwOkB2F++rI
ajEPxQNRvvV30WJEtgd046YX+3acY0YVOFyvX4iuULYow9ap1nz1SwBWuq9xGQd4
tr2lxGKWSdxMz4AWeC11CK29IbgK7Atvjs/BQATZDT3+YndxGZFgUV5+BbyflSr3
wjICUqjUdA/9ZjsitMn8ZzjWXqYh3IeM/iA4pEUv+nFZBeoRl7TYVJTtFTkRtqA1
X5wa4ig39a24A8ebznxyQu/3Nri4V0rk6Wckz6D0tnbx5duz568ROVVywV5fm9f9
1ol4FqAmqBp5zVEdggUq0LDB7ZMDIA2S58YrJuL2T2dkM83W/uKzec1+RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXwRTyfCPPxnk5zsM0EKtcxHMEyMB8GA1UdIwQY
MBaAFIK2TX8VnpAupqWt16EA3AX6FKntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JaTmZ4V2VrQzZtcGEzWG9RRGNCZm9VcWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hOTk3YjYtMGJiNy00NzY2LThhY2Mt
Mjc1YWMxNDQzMzE4LzEvcGZCRlBKOEk4X0dlVG5Pd3pRUXExekVjd1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hOTk3YjYtMGJiNy00NzY2LThhY2MtMjc1YWMxNDQzMzE4
LzEvZ3JaTmZ4V2VrQzZtcGEzWG9RRGNCZm9VcWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKKkMA0G
CSqGSIb3DQEBCwUAA4IBAQCHT5proyRSGLd6z2f0B2PP1WpDVMTxoK0DjJZ8PvoG
Mx1q0LddESel8f+XkfonCJ355FB2tUjFHqnh+vlgFM4Qemu2eHQ7avkYI1Ug/wgn
h7v7tgL+EdQcoa6WuqnlPv72IhKQX1kn5uT9kSYHAZ598HZIVEjttaCEH85OoOTs
LNw3HBzQ1axs/fnXD2gxUPvHgt8NGMKe17m/rA0yBYvYY0h5OqFhchRbgeeiLNWH
h44ZoN+n/yoXYa1M60z3AYC+cGsiRVPIr7zpwI9AJVuTLABnOUNbMdljMtA4xHcA
XMQYvzEMgPy4nMRc8qQQ2DN6tC7JUH6D1dajarsvIjF7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:49 2025 by rpki-client