Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/o0OOQNKaAdQqWl1WCNp_lJ3AtRo.roa
File: o0OOQNKaAdQqWl1WCNp_lJ3AtRo.roa (raw, json)
Hash identifier: 5HAw/PAKFoaymUZ4/llBYsKdqMZfa3tVqXdIYQVxnhY=
Subject key identifier: A3:43:8E:40:D2:9A:01:D4:2A:5A:5D:56:08:DA:7F:94:9D:C0:B5:1A
Certificate issuer: /CN=795013346c8d8f23e0128d306997980237db2374
Certificate serial: AA79FD
Authority key identifier: 79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/o0OOQNKaAdQqWl1WCNp_lJ3AtRo.roa
Signing time: Sat 01 Jan 2022 04:58:38 +0000
ROA not before: Sat 01 Jan 2022 04:58:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2914
IP address blocks: 78.158.48.0/20 maxlen: 32
185.158.56.0/22 maxlen: 32
193.104.103.0/24 maxlen: 32
193.104.131.0/24 maxlen: 32
77.240.48.0/20 maxlen: 32
2a03:7600::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11172349 (0xaa79fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=795013346c8d8f23e0128d306997980237db2374
Validity
Not Before: Jan 1 04:58:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3438e40d29a01d42a5a5d5608da7f949dc0b51a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:50:c8:f3:7c:ea:15:17:7f:76:39:05:78:
87:1e:cc:1e:96:e3:be:32:3f:b7:12:60:e9:e7:bb:
55:c0:13:f4:34:d2:a0:9f:6a:36:ac:53:a3:a6:81:
5d:bf:aa:ea:86:74:5d:9f:8e:5b:87:96:21:db:39:
cf:ab:37:9c:c2:b0:ca:14:40:37:e0:21:7f:8a:c7:
f5:2f:c7:0c:48:bf:02:ca:69:cf:36:4a:26:ae:d8:
cb:ba:e0:6e:c4:e6:0f:ce:f1:f2:be:40:76:26:d9:
43:d5:cc:b3:92:5f:1d:91:d4:2c:4c:52:7c:eb:ae:
92:dd:83:56:c6:81:4c:24:23:92:91:77:55:82:ae:
62:6a:bb:6a:a3:76:6c:25:c6:c8:7a:32:17:69:0e:
86:64:fe:39:7b:b7:75:3a:5a:c7:b5:b1:4d:bd:db:
df:c9:a7:83:63:f5:bf:b4:f1:da:bb:18:67:a0:a9:
cd:86:02:b2:22:09:62:b2:d7:74:1c:b2:10:9e:7a:
d5:74:d5:6a:db:5f:e4:ef:d3:78:44:d8:a4:10:55:
2c:47:a0:e7:f6:a2:c0:74:dc:35:d0:10:fc:9a:28:
91:85:d2:94:82:fc:59:35:b6:ab:88:ea:99:8e:ba:
22:1c:4e:59:9c:74:07:bf:1b:e3:1a:a8:56:69:7b:
4c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:43:8E:40:D2:9A:01:D4:2A:5A:5D:56:08:DA:7F:94:9D:C0:B5:1A
X509v3 Authority Key Identifier:
keyid:79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/o0OOQNKaAdQqWl1WCNp_lJ3AtRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.48.0/20
78.158.48.0/20
185.158.56.0/22
193.104.103.0/24
193.104.131.0/24
IPv6:
2a03:7600::/32
Signature Algorithm: sha256WithRSAEncryption
93:f3:53:93:91:98:c3:fc:ba:74:76:e3:49:f2:6c:4a:eb:d6:
ec:e6:c7:29:87:31:3f:18:1b:de:af:59:f6:7e:49:56:96:c5:
05:ec:5c:e7:a2:46:24:fa:72:b6:16:5f:29:f6:c9:f9:14:ea:
71:d1:7c:02:f4:c4:7e:f2:9d:15:0f:27:f9:4d:c7:82:63:c6:
f7:18:db:43:87:e9:5c:20:18:3a:b8:6e:a8:a8:a2:77:41:c8:
75:d9:34:ff:97:1a:b1:2e:07:97:18:c3:0b:c4:bc:33:f1:f4:
6f:f5:4b:e4:c9:5a:7b:66:29:37:30:75:a6:b1:a9:5b:c8:59:
b9:56:b2:be:6c:db:83:35:11:c6:14:c5:e7:94:b1:6d:a4:67:
a9:84:2a:f6:5f:25:68:66:eb:9f:d3:2a:db:6d:c4:82:bd:0f:
49:1f:e1:e6:a0:e8:42:49:76:67:94:3c:49:72:60:38:44:f5:
bd:aa:ce:14:20:eb:74:cb:04:6b:30:48:84:90:3d:f0:90:ba:
32:ca:2d:17:ee:d9:24:90:cc:1e:c6:b5:4e:fd:94:fc:fa:3b:
4a:57:88:50:8e:d3:c8:5d:d3:46:1d:f2:92:36:03:02:e1:8f:
94:b9:13:3f:e5:da:16:17:14:91:3f:1f:20:30:bf:7e:ce:18:
a4:84:f0:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAKp5/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTUwMTMzNDZjOGQ4ZjIzZTAxMjhkMzA2OTk3OTgwMjM3ZGIyMzc0MB4XDTIyMDEw
MTA0NTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM0MzhlNDBkMjlh
MDFkNDJhNWE1ZDU2MDhkYTdmOTQ5ZGMwYjUxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuLUMjzfOoVF392OQV4hx7MHpbjvjI/txJg6ee7VcAT9DTS
oJ9qNqxTo6aBXb+q6oZ0XZ+OW4eWIds5z6s3nMKwyhRAN+Ahf4rH9S/HDEi/Aspp
zzZKJq7Yy7rgbsTmD87x8r5AdibZQ9XMs5JfHZHULExSfOuukt2DVsaBTCQjkpF3
VYKuYmq7aqN2bCXGyHoyF2kOhmT+OXu3dTpax7WxTb3b38mng2P1v7Tx2rsYZ6Cp
zYYCsiIJYrLXdByyEJ561XTVattf5O/TeETYpBBVLEeg5/aiwHTcNdAQ/JookYXS
lIL8WTW2q4jqmY66IhxOWZx0B78b4xqoVml7TIkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSjQ45A0poB1CpaXVYI2n+UncC1GjAfBgNVHSMEGDAWgBR5UBM0bI2PI+AS
jTBpl5gCN9sjdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VWQVROR3lOanlQZ0VvMHdhWmVZQWpmYkkzUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvODJjMDFlLWI4Y2QtNDRhZC04YWE3LThlOThlYTZjYThlZS8x
L28wT09RTkthQWRRcVdsMVdDTnBfbEozQXRSby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ODJjMDFlLWI4Y2QtNDRhZC04YWE3LThlOThlYTZjYThlZS8xL2VWQVROR3lOanlQ
Z0VvMHdhWmVZQWpmYkkzUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBE3wMAMEBE6eMAMEArmeOAMEAMFo
ZwMEAMFogzANBAIAAjAHAwUAKgN2ADANBgkqhkiG9w0BAQsFAAOCAQEAk/NTk5GY
w/y6dHbjSfJsSuvW7ObHKYcxPxgb3q9Z9n5JVpbFBexc56JGJPpythZfKfbJ+RTq
cdF8AvTEfvKdFQ8n+U3HgmPG9xjbQ4fpXCAYOrhuqKiid0HIddk0/5casS4HlxjD
C8S8M/H0b/VL5Mlae2YpNzB1prGpW8hZuVayvmzbgzURxhTF55SxbaRnqYQq9l8l
aGbrn9Mq223Egr0PSR/h5qDoQkl2Z5Q8SXJgOET1varOFCDrdMsEazBIhJA98JC6
MsotF+7ZJJDMHsa1Tv2U/Po7SleIUI7TyF3TRh3ykjYDAuGPlLkTP+XaFhcUkT8f
IDC/fs4YpITwNg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org