Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/pfVgO-0A2HNfbSKSDoMmzdjnNtQ.roa
File: pfVgO-0A2HNfbSKSDoMmzdjnNtQ.roa (raw, json)
Hash identifier: wIAgNVINbZv2X9CK7wQe2c3tGxCH65LcVMGwzSVr+s0=
Subject key identifier: A5:F5:60:3B:ED:00:D8:73:5F:6D:22:92:0E:83:26:CD:D8:E7:36:D4
Certificate issuer: /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial: 01824F0A2D8EA2E78F8F0C521BE58F0C2BB1
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/pfVgO-0A2HNfbSKSDoMmzdjnNtQ.roa
Signing time: Sat 30 Jul 2022 12:17:23 +0000
ROA not before: Sat 30 Jul 2022 12:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.236.24.0/22 maxlen: 24
185.232.207.0/24 maxlen: 24
185.239.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4f:0a:2d:8e:a2:e7:8f:8f:0c:52:1b:e5:8f:0c:2b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Validity
Not Before: Jul 30 12:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5f5603bed00d8735f6d22920e8326cdd8e736d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c4:3a:b8:a7:40:c0:a1:c9:f2:57:49:14:aa:
da:13:8d:51:7e:fc:38:6d:f1:a0:2d:fb:e0:a5:40:
27:dc:ab:df:48:8f:c9:05:c3:83:49:68:4e:77:03:
a4:fc:db:38:5c:ff:83:b4:8c:39:f6:fc:ba:73:8d:
8f:0d:ff:15:ad:d4:4e:59:21:50:9f:90:8c:5d:b7:
bd:22:65:87:c2:ab:25:bb:a7:6b:9e:0f:03:3b:bf:
f8:f9:a8:43:4e:0e:91:0b:6f:f8:ff:3e:66:df:e6:
c7:d6:98:0a:67:23:88:49:84:c8:07:1e:35:a2:c0:
01:d7:6a:84:f7:7d:01:15:b2:52:99:8b:c0:0d:f8:
60:50:f2:61:0d:12:87:03:3b:43:11:e1:54:04:42:
0b:fa:aa:c4:6c:3c:d5:2a:75:41:e0:b3:4a:d3:e5:
96:67:51:16:da:65:56:f8:a6:17:96:bb:91:7a:17:
c2:41:96:7b:83:0e:d8:61:94:50:d6:66:39:64:1c:
8b:4a:09:ab:80:91:79:32:21:54:fe:1c:e7:29:f3:
0d:34:a1:43:f2:a2:5c:c8:b9:75:f0:10:87:ef:23:
06:d9:0e:e5:f7:1a:a2:a1:32:89:e9:75:6f:88:63:
aa:fe:31:da:16:23:af:25:34:ac:d4:cd:e6:26:f8:
09:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F5:60:3B:ED:00:D8:73:5F:6D:22:92:0E:83:26:CD:D8:E7:36:D4
X509v3 Authority Key Identifier:
keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/pfVgO-0A2HNfbSKSDoMmzdjnNtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.207.0/24
185.236.24.0/22
185.239.140.0/24
Signature Algorithm: sha256WithRSAEncryption
58:b4:59:0c:92:80:c6:59:da:b5:07:71:e9:81:3e:7a:0c:48:
75:a9:a7:bd:3e:a9:d9:13:97:79:38:2c:e9:d1:57:ab:ce:3e:
d1:41:ec:13:4e:81:01:1e:9a:98:6d:b6:ba:e6:3a:2e:d5:14:
d2:f8:88:f5:56:f3:41:91:60:7a:c7:d9:54:b1:93:a2:f4:0d:
f1:73:d4:15:b5:1d:cc:9e:d2:67:f0:a5:77:8c:e7:cf:56:02:
d1:1c:8c:ba:f1:2d:da:e0:ce:18:7c:92:e7:52:3b:c8:7e:c7:
e8:e6:66:d2:d2:f0:d6:35:5c:d1:56:cd:d8:d6:5f:04:92:ac:
00:af:91:b7:c2:db:ef:6f:6a:5d:6d:d3:68:8d:e4:de:ee:f6:
7e:d2:ca:a7:9e:fb:68:76:f6:61:c7:ca:bb:1c:a2:33:cc:71:
87:ac:4c:56:48:b7:5d:c5:bd:fd:46:e2:fc:ff:69:85:55:e5:
4b:60:9c:2e:29:26:16:52:8b:97:9e:44:ef:32:5c:a8:0c:f9:
d6:5c:4a:b8:f1:ff:9b:61:00:e0:36:45:a0:01:54:a7:0c:df:
cc:79:1b:f3:90:ba:3f:f1:1a:0f:c4:a1:74:a7:1f:4f:37:ec:
8e:40:fa:c3:96:af:23:9d:d6:63:84:28:fe:cc:af:e9:da:ab:
1d:60:72:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJPCi2OouePjwxSG+WPDCuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWVjZDcxYzE5M2U0YWMzMGVkMDNkMGI5ZjA1ZGExMDFj
NjAzZDIwHhcNMjIwNzMwMTIxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWY1NjAzYmVkMDBkODczNWY2ZDIyOTIwZTgzMjZjZGQ4ZTczNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8Q6uKdAwKHJ8ldJFKraE41Rfvw4
bfGgLfvgpUAn3KvfSI/JBcODSWhOdwOk/Ns4XP+DtIw59vy6c42PDf8VrdROWSFQ
n5CMXbe9ImWHwqslu6drng8DO7/4+ahDTg6RC2/4/z5m3+bH1pgKZyOISYTIBx41
osAB12qE930BFbJSmYvADfhgUPJhDRKHAztDEeFUBEIL+qrEbDzVKnVB4LNK0+WW
Z1EW2mVW+KYXlruRehfCQZZ7gw7YYZRQ1mY5ZByLSgmrgJF5MiFU/hznKfMNNKFD
8qJcyLl18BCH7yMG2Q7l9xqioTKJ6XVviGOq/jHaFiOvJTSs1M3mJvgJ9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKX1YDvtANhzX20ikg6DJs3Y5zbUMB8GA1UdIwQY
MBaAFBHuzXHBk+SsMO0D0LnwXaEBxgPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4Njgt
MTM4OTk1Yzk5Yjk3LzEvcGZWZ08tMEEySE5mYlNLU0RvTW16ZGpuTnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4NjgtMTM4OTk1Yzk5Yjk3
LzEvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuejPAwQC
uewYAwQAue+MMA0GCSqGSIb3DQEBCwUAA4IBAQBYtFkMkoDGWdq1B3HpgT56DEh1
qae9PqnZE5d5OCzp0Verzj7RQewTToEBHpqYbba65jou1RTS+Ij1VvNBkWB6x9lU
sZOi9A3xc9QVtR3MntJn8KV3jOfPVgLRHIy68S3a4M4YfJLnUjvIfsfo5mbS0vDW
NVzRVs3Y1l8EkqwAr5G3wtvvb2pdbdNojeTe7vZ+0sqnnvtodvZhx8q7HKIzzHGH
rExWSLddxb39RuL8/2mFVeVLYJwuKSYWUouXnkTvMlyoDPnWXEq48f+bYQDgNkWg
AVSnDN/MeRvzkLo/8RoPxKF0px9PN+yOQPrDlq8jndZjhCj+zK/p2qsdYHJ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:54 2024 by rpki-client on console-fra.rpki-client.org