Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/3Pzc8QyXmPisZrukiOTXnjxVhA0.roa
File: 3Pzc8QyXmPisZrukiOTXnjxVhA0.roa (raw, json)
Hash identifier: ynJLI/mzCW1ftTIbKvKSo9VhtAtqPOOMDasoPll1too=
Subject key identifier: DC:FC:DC:F1:0C:97:98:F8:AC:66:BB:A4:88:E4:D7:9E:3C:55:84:0D
Certificate issuer: /CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Certificate serial: 027A59B5
Authority key identifier: FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/3Pzc8QyXmPisZrukiOTXnjxVhA0.roa
Signing time: Sat 01 Jan 2022 08:58:12 +0000
ROA not before: Sat 01 Jan 2022 08:58:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44764
IP address blocks: 78.41.120.0/21 maxlen: 21
46.29.216.0/21 maxlen: 21
92.42.64.0/21 maxlen: 21
185.46.132.0/22 maxlen: 22
2a00:1400::/32 maxlen: 32
2a00:13e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41572789 (0x27a59b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Validity
Not Before: Jan 1 08:58:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcfcdcf10c9798f8ac66bba488e4d79e3c55840d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:35:95:6d:7b:34:5f:95:a2:5f:f2:83:9a:e8:
5c:52:79:4f:1a:c2:11:87:84:75:82:51:9d:57:0e:
98:1d:d2:98:0c:dd:7a:a0:db:12:da:e8:e9:04:21:
ac:19:93:dd:fb:b9:5d:c9:36:41:58:63:1f:9c:85:
72:68:33:e5:f6:99:c1:b5:a8:a1:6e:1e:73:75:0a:
57:60:d2:de:e1:f9:ef:fe:b7:c2:8b:85:b4:de:ab:
3c:62:48:88:83:db:2c:8e:72:1b:b0:6c:d1:b7:2a:
47:a1:32:14:14:78:75:d3:bf:f2:64:5a:60:8b:ce:
41:25:4f:72:13:5b:61:08:34:93:c7:28:c3:60:e6:
47:59:47:5f:4e:66:b1:54:07:78:1f:a3:fc:2b:ea:
89:69:9b:8e:cb:8c:68:a6:2d:28:6b:d4:c2:f4:4f:
17:a3:0b:f7:ff:96:74:28:3e:d4:c6:ea:4d:aa:13:
17:c9:8d:93:55:3b:f9:a7:40:9d:8f:32:2d:61:fc:
5b:e9:d0:b2:37:a7:f4:f6:a8:cb:d7:c7:b2:dd:f7:
be:72:3c:cf:96:8a:8b:ee:2a:a6:8f:e0:ac:b4:81:
6f:92:dc:7f:c7:63:67:92:e6:14:6f:0a:fd:ab:f9:
59:bd:df:d8:8c:4b:ad:36:99:53:b1:e3:9f:1b:c7:
90:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FC:DC:F1:0C:97:98:F8:AC:66:BB:A4:88:E4:D7:9E:3C:55:84:0D
X509v3 Authority Key Identifier:
keyid:FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/3Pzc8QyXmPisZrukiOTXnjxVhA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/_ASHoE9apEK-UZoXyyuyLXg98js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.216.0/21
78.41.120.0/21
92.42.64.0/21
185.46.132.0/22
IPv6:
2a00:13e0::/32
2a00:1400::/32
Signature Algorithm: sha256WithRSAEncryption
6b:89:74:fc:df:10:60:4a:d9:07:9e:75:85:1f:50:2f:cd:46:
60:32:50:c8:7c:a4:44:5e:61:85:bf:f2:0b:89:e6:78:1e:0b:
fe:98:75:c3:e9:2c:0f:f4:3a:f3:53:a3:4e:d8:0d:c5:d1:cb:
e5:b2:e7:3b:34:9d:7d:9c:77:65:bd:88:12:6e:5b:b1:4a:4b:
ab:d0:ec:f3:84:d8:ba:60:b5:ec:68:73:7f:cb:93:93:2c:0b:
a3:a8:72:5d:61:3f:2a:b1:fd:57:31:05:0e:eb:0b:22:64:bb:
27:79:f0:1f:4f:52:e4:9f:cc:ab:58:cb:cb:8b:7c:13:02:c1:
dc:72:49:0f:7d:fa:89:f8:65:a7:da:6f:ae:de:21:22:ee:4e:
5f:79:b5:f3:16:04:63:52:a1:e6:29:8f:b5:50:21:bf:b8:38:
2e:0b:4d:0e:0f:5c:e3:53:df:53:0d:ba:a5:2d:b5:6b:d1:1c:
95:de:13:e8:33:4a:17:ea:0e:de:64:cb:3b:61:a5:f0:ad:e8:
16:40:1e:80:78:89:ae:15:e6:cb:ca:3e:36:6f:7e:b3:e8:4b:
3b:d4:b2:07:c3:4a:3f:36:b2:b6:58:ad:27:8a:f1:35:c3:d3:
20:34:0f:46:72:fd:7d:39:e2:22:44:b5:16:83:8d:d9:42:62:
56:7a:00:3d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEAnpZtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzA0ODdhMDRmNWFhNDQyYmU1MTlhMTdjYjJiYjIyZDc4M2RmMjNiMB4XDTIyMDEw
MTA4NTgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNmY2RjZjEwYzk3
OThmOGFjNjZiYmE0ODhlNGQ3OWUzYzU1ODQwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO81lW17NF+Vol/yg5roXFJ5TxrCEYeEdYJRnVcOmB3SmAzd
eqDbEtro6QQhrBmT3fu5Xck2QVhjH5yFcmgz5faZwbWooW4ec3UKV2DS3uH57/63
wouFtN6rPGJIiIPbLI5yG7Bs0bcqR6EyFBR4ddO/8mRaYIvOQSVPchNbYQg0k8co
w2DmR1lHX05msVQHeB+j/CvqiWmbjsuMaKYtKGvUwvRPF6ML9/+WdCg+1MbqTaoT
F8mNk1U7+adAnY8yLWH8W+nQsjen9Paoy9fHst33vnI8z5aKi+4qpo/grLSBb5Lc
f8djZ5LmFG8K/av5Wb3f2IxLrTaZU7HjnxvHkPECAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTc/NzxDJeY+Kxmu6SI5NeePFWEDTAfBgNVHSMEGDAWgBT8BIegT1qkQr5R
mhfLK7IteD3yOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19BU0hvRTlhcEVLLVVab1h5eXV5TFhnOThqcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvNzgxYTYxLTdkMDMtNGE4ZS05MGJhLTFiM2EzNmUxYWNhOC8x
LzNQemM4UXlYbVBpc1pydWtpT1RYbmp4VmhBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
NzgxYTYxLTdkMDMtNGE4ZS05MGJhLTFiM2EzNmUxYWNhOC8xL19BU0hvRTlhcEVL
LVVab1h5eXV5TFhnOThqcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAy4d2AMEA04peAMEA1wqQAMEArku
hDAUBAIAAjAOAwUAKgAT4AMFACoAFAAwDQYJKoZIhvcNAQELBQADggEBAGuJdPzf
EGBK2QeedYUfUC/NRmAyUMh8pEReYYW/8guJ5ngeC/6YdcPpLA/0OvNTo07YDcXR
y+Wy5zs0nX2cd2W9iBJuW7FKS6vQ7POE2Lpgtexoc3/Lk5MsC6Oocl1hPyqx/Vcx
BQ7rCyJkuyd58B9PUuSfzKtYy8uLfBMCwdxySQ99+on4Zafab67eISLuTl95tfMW
BGNSoeYpj7VQIb+4OC4LTQ4PXONT31MNuqUttWvRHJXeE+gzShfqDt5kyzthpfCt
6BZAHoB4ia4V5svKPjZvfrPoSzvUsgfDSj82srZYrSeK8TXD0yA0D0Zy/X054iJE
tRaDjdlCYlZ6AD0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:58 2025 by rpki-client