Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/zATtSkACPQHD9OvAf8LZsRLfHGg.roa
File: zATtSkACPQHD9OvAf8LZsRLfHGg.roa (raw, json)
Hash identifier: u/Ff8XRllCyDD2QHB0DttmYk+gE9TkabepcTc9oW4ew=
Subject key identifier: CC:04:ED:4A:40:02:3D:01:C3:F4:EB:C0:7F:C2:D9:B1:12:DF:1C:68
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 0EAF23D8
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/zATtSkACPQHD9OvAf8LZsRLfHGg.roa
Signing time: Sat 01 Jan 2022 08:03:10 +0000
ROA not before: Sat 01 Jan 2022 08:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44933
IP address blocks: 77.70.164.0/22 maxlen: 22
193.220.188.0/24 maxlen: 24
193.220.191.0/24 maxlen: 24
193.220.192.0/20 maxlen: 24
2a02:6604:3::/48 maxlen: 48
2a02:6600:2003::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246359000 (0xeaf23d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Jan 1 08:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc04ed4a40023d01c3f4ebc07fc2d9b112df1c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ee:ea:9e:fa:57:5a:53:be:33:12:9f:c5:6c:
34:9c:9c:7d:ca:a3:1b:06:aa:2a:44:b9:8f:e7:66:
b4:77:da:94:7d:61:5e:16:34:4a:8d:2f:5b:fe:20:
6e:43:f7:a1:32:dd:e2:12:c7:b8:51:9b:5b:bc:28:
5e:5e:8c:f0:ff:7b:1c:48:83:6d:c8:b4:c3:f4:20:
1d:8b:4d:67:fa:be:d3:66:15:b9:e8:98:0b:55:c4:
dd:59:24:c8:11:bc:db:4a:ef:79:d2:1e:16:52:de:
85:42:e0:71:35:30:06:66:9a:fd:d4:26:9a:a9:73:
dd:af:a8:df:a3:14:0a:c4:4d:ba:89:39:66:3b:25:
a6:db:11:8a:dd:57:6c:f6:87:92:3b:b5:42:1c:92:
1b:ff:42:9c:c3:ff:d8:6b:6a:e8:fa:f4:89:b1:39:
d8:7d:3c:c3:e2:2f:f4:98:da:06:00:60:0f:3b:52:
45:ad:94:e0:e0:ef:8f:5a:e1:fc:fe:dd:34:97:e7:
d1:b9:45:2d:e6:11:56:1b:56:a6:be:c7:44:da:ab:
13:13:18:9f:87:24:46:03:f8:51:c9:ce:e7:6f:b1:
a9:4a:2f:28:c3:4a:e5:4e:3c:ec:b9:2a:65:17:bb:
73:77:8e:f5:3b:50:83:20:4f:13:1e:5c:3c:7f:f7:
0b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:04:ED:4A:40:02:3D:01:C3:F4:EB:C0:7F:C2:D9:B1:12:DF:1C:68
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/zATtSkACPQHD9OvAf8LZsRLfHGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.164.0/22
193.220.188.0/24
193.220.191.0-193.220.207.255
IPv6:
2a02:6600:2003::/48
2a02:6604:3::/48
Signature Algorithm: sha256WithRSAEncryption
a6:91:ff:92:aa:52:c2:81:18:c0:2b:e8:da:df:aa:d2:a4:43:
68:7e:bf:76:c1:f1:ca:6f:df:51:a9:40:93:40:0b:1c:02:ef:
97:14:83:18:27:ba:dc:50:aa:e9:6f:e5:f5:99:2d:3a:79:d6:
54:d0:a9:d1:eb:46:55:ec:8b:0c:99:ec:f4:4d:77:3c:62:1f:
30:f2:e8:fe:4c:46:8c:96:a3:a2:49:fa:9b:8f:8f:b0:35:06:
62:77:f4:14:6c:c7:a1:45:b0:89:8c:73:f9:be:09:04:8b:3b:
20:f7:2c:c0:e5:b2:1f:05:da:b7:86:00:7e:52:d7:1b:36:2b:
40:88:f8:bf:a7:b6:3c:f6:22:ce:7d:1a:93:3d:c3:fe:db:b0:
0e:70:0d:cc:0a:71:2c:72:f6:09:62:6e:9a:e6:4c:87:3e:d4:
76:03:c9:c5:3d:74:ae:8a:0a:5a:47:92:c2:8c:e9:17:03:89:
92:d2:a1:52:41:95:9e:67:c5:e1:f8:08:da:2e:4d:52:64:e6:
db:63:e5:a3:f5:0f:a2:49:15:6e:2c:84:8e:fb:9c:1a:bd:07:
57:a1:6a:b7:63:30:fa:51:ee:8b:18:ee:23:26:35:87:ad:22:
8c:c1:a0:8d:3f:49:ea:b5:4c:ae:3c:23:8c:40:97:eb:fc:e5:
b4:a7:f1:88
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEDq8j2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTZhODJhNzI1ZWQyMmJiNDY4NDdhZTU2ODkxMjA3OGRlMjVjMTA4MB4XDTIyMDEw
MTA4MDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MwNGVkNGE0MDAy
M2QwMWMzZjRlYmMwN2ZjMmQ5YjExMmRmMWM2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTu6p76V1pTvjMSn8VsNJycfcqjGwaqKkS5j+dmtHfalH1h
XhY0So0vW/4gbkP3oTLd4hLHuFGbW7woXl6M8P97HEiDbci0w/QgHYtNZ/q+02YV
ueiYC1XE3VkkyBG820rvedIeFlLehULgcTUwBmaa/dQmmqlz3a+o36MUCsRNuok5
ZjslptsRit1XbPaHkju1QhySG/9CnMP/2Gtq6Pr0ibE52H08w+Iv9JjaBgBgDztS
Ra2U4ODvj1rh/P7dNJfn0blFLeYRVhtWpr7HRNqrExMYn4ckRgP4UcnO52+xqUov
KMNK5U487LkqZRe7c3eO9TtQgyBPEx5cPH/3C2UCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBTMBO1KQAI9AcP068B/wtmxEt8caDAfBgNVHSMEGDAWgBSJaoKnJe0iu0aE
euVokSB43iXBCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lXcUNweVh0SXJ0R2hIcmxhSkVnZU40bHdRZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvM2ZjOGRhLTM1MTUtNDM0ZC05ZjBlLTA0MDEyNzEwMjIwOS8x
L3pBVHRTa0FDUFFIRDlPdkFmOExac1JMZkhHZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
M2ZjOGRhLTM1MTUtNDM0ZC05ZjBlLTA0MDEyNzEwMjIwOS8xL2lXcUNweVh0SXJ0
R2hIcmxhSkVnZU40bHdRZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwIAQCAAEwGgMEAk1GpAMEAMHcvDAMAwQAwdy/AwQE
wdzAMBgEAgACMBIDBwAqAmYAIAMDBwAqAmYEAAMwDQYJKoZIhvcNAQELBQADggEB
AKaR/5KqUsKBGMAr6NrfqtKkQ2h+v3bB8cpv31GpQJNACxwC75cUgxgnutxQqulv
5fWZLTp51lTQqdHrRlXsiwyZ7PRNdzxiHzDy6P5MRoyWo6JJ+puPj7A1BmJ39BRs
x6FFsImMc/m+CQSLOyD3LMDlsh8F2reGAH5S1xs2K0CI+L+ntjz2Is59GpM9w/7b
sA5wDcwKcSxy9glibprmTIc+1HYDycU9dK6KClpHksKM6RcDiZLSoVJBlZ5nxeH4
CNouTVJk5ttj5aP1D6JJFW4shI77nBq9B1ehardjMPpR7osY7iMmNYetIozBoI0/
Seq1TK48I4xAl+v85bSn8Yg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:53 2024 by rpki-client on console-fra.rpki-client.org