Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa
File: PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa (raw, json)
Hash identifier: aq7TrR+GLSnb4K3LGLr7gC3H2mjQkNvadl7AJaLZYZQ=
Subject key identifier: 3D:F0:EE:0A:84:C8:7D:AF:04:C3:ED:80:54:F6:7E:95:D6:43:E6:3C
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 0926F977
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa
Signing time: Sat 01 Jan 2022 03:56:39 +0000
ROA not before: Sat 01 Jan 2022 03:56:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16243
IP address blocks: 144.43.240.0/21 maxlen: 24
144.43.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153549175 (0x926f977)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 1 03:56:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3df0ee0a84c87daf04c3ed8054f67e95d643e63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:0f:ff:e8:d7:51:94:4c:54:ff:09:12:a1:
d7:f6:6e:ad:5d:ee:ee:84:df:fc:ab:53:76:2d:f9:
1d:bd:2a:5a:b3:47:8f:9d:26:36:f9:a6:d8:dd:b7:
25:e1:15:0b:d8:b3:7a:4c:c0:e4:e1:69:92:9b:0f:
dc:ee:45:d3:7b:d3:fe:b9:2a:0d:2f:ae:7d:03:a9:
72:5e:81:e3:93:56:22:42:21:e5:30:cc:23:5e:1f:
9c:4b:d4:48:db:02:27:2f:10:27:e1:e7:df:91:fc:
38:58:c1:c0:6a:7e:91:77:4c:dd:28:ba:81:31:fe:
60:7a:5b:dc:3c:54:86:df:29:ee:63:6f:c3:59:f6:
48:3e:dc:23:97:35:05:08:49:2c:37:e5:9f:35:d8:
99:50:29:fe:3c:c3:30:7c:ad:64:75:c3:a3:e4:ea:
92:50:7d:5d:7e:80:7f:1f:c5:13:7a:c8:67:b0:3a:
90:3a:67:28:ca:e1:09:8d:e0:51:40:0e:68:76:3b:
b7:d3:da:d8:88:e4:19:d9:a6:2c:a6:1c:db:e1:a9:
89:1b:ae:80:48:c8:45:2d:c1:2f:5c:5c:00:38:7c:
e0:d8:4f:08:72:53:e9:c3:b7:13:cb:62:e1:12:bf:
d0:c0:fc:69:ff:f3:ea:cb:51:ce:c8:69:1b:7b:c4:
d9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F0:EE:0A:84:C8:7D:AF:04:C3:ED:80:54:F6:7E:95:D6:43:E6:3C
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.240.0/21
144.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
57:99:89:93:cb:90:80:22:3d:a0:57:84:09:18:41:ad:21:86:
74:35:a8:8b:34:24:c0:6a:f4:04:79:e1:f0:01:3a:42:e9:29:
b9:29:b8:4a:cb:2c:60:0a:26:3d:88:10:52:03:2f:6f:65:b0:
27:08:f3:68:f5:2c:51:aa:78:37:0c:69:af:10:a9:94:8b:fd:
ee:ed:72:4e:db:1d:24:90:a9:fe:c7:1f:3e:f5:92:7d:5e:49:
c1:75:ff:10:b7:9a:35:b5:07:5d:0a:51:e6:42:b8:15:87:61:
2d:76:c1:95:3b:ee:35:d0:e9:1f:b6:7f:28:01:d6:b6:0f:04:
68:b0:62:47:a6:11:a0:19:54:32:58:5e:aa:7a:20:1a:f0:64:
ea:f2:f0:2c:a0:cb:87:02:be:b9:e1:39:10:31:45:33:ea:2a:
48:4d:ec:5b:26:50:c3:a1:4e:8c:95:ad:5f:4a:e4:40:54:03:
b1:c3:0a:94:78:10:e6:8c:dd:07:10:48:21:0f:1c:bb:f4:51:
01:ec:eb:aa:10:55:aa:52:48:77:f2:9d:cc:e0:b9:86:00:b4:
15:b8:c1:c3:95:2b:7c:5f:ad:ef:44:ee:9f:07:12:b9:a3:d9:
7e:9a:49:4b:65:ab:3d:47:3c:d0:83:4b:0d:fa:b0:91:65:e7:
1e:9f:ab:18
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECSb5dzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDA2OWUxOWUxMmMxMDQwMDRlOGI0Yjc1ZjhhNzc4OWI3ZTExMzk2MB4XDTIyMDEw
MTAzNTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RmMGVlMGE4NGM4
N2RhZjA0YzNlZDgwNTRmNjdlOTVkNjQzZTYzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj3D//o11GUTFT/CRKh1/ZurV3u7oTf/KtTdi35Hb0qWrNH
j50mNvmm2N23JeEVC9izekzA5OFpkpsP3O5F03vT/rkqDS+ufQOpcl6B45NWIkIh
5TDMI14fnEvUSNsCJy8QJ+Hn35H8OFjBwGp+kXdM3Si6gTH+YHpb3DxUht8p7mNv
w1n2SD7cI5c1BQhJLDflnzXYmVAp/jzDMHytZHXDo+TqklB9XX6Afx/FE3rIZ7A6
kDpnKMrhCY3gUUAOaHY7t9Pa2IjkGdmmLKYc2+GpiRuugEjIRS3BL1xcADh84NhP
CHJT6cO3E8ti4RK/0MD8af/z6stRzshpG3vE2XkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ98O4KhMh9rwTD7YBU9n6V1kPmPDAfBgNVHSMEGDAWgBRtBp4Z4SwQQATo
tLdfineJt+ETljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JRYWVHZUVzRUVBRTZMUzNYNHAzaWJmaEU1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvY2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8x
L1BmRHVDb1RJZmE4RXctMkFWUFotbGRaRDVqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
Y2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8xL2JRYWVHZUVzRUVB
RTZMUzNYNHAzaWJmaEU1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA5Ar8AMEApAr/DANBgkqhkiG9w0B
AQsFAAOCAQEAV5mJk8uQgCI9oFeECRhBrSGGdDWoizQkwGr0BHnh8AE6QukpuSm4
SsssYAomPYgQUgMvb2WwJwjzaPUsUap4NwxprxCplIv97u1yTtsdJJCp/scfPvWS
fV5JwXX/ELeaNbUHXQpR5kK4FYdhLXbBlTvuNdDpH7Z/KAHWtg8EaLBiR6YRoBlU
MlheqnogGvBk6vLwLKDLhwK+ueE5EDFFM+oqSE3sWyZQw6FOjJWtX0rkQFQDscMK
lHgQ5ozdBxBIIQ8cu/RRAezrqhBVqlJId/KdzOC5hgC0FbjBw5UrfF+t70TunwcS
uaPZfppJS2WrPUc80INLDfqwkWXnHp+rGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:02 2024 by rpki-client on console-ams.rpki-client.org