Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/yOco0Oz5YVfHwoW8LJzMrEXPBR8.roa
File: yOco0Oz5YVfHwoW8LJzMrEXPBR8.roa (raw, json)
Hash identifier: OzI0zF50+y0LHDWnnYRO5vX/Lb3+JpGEusLe9ehB15c=
Subject key identifier: C8:E7:28:D0:EC:F9:61:57:C7:C2:85:BC:2C:9C:CC:AC:45:CF:05:1F
Certificate issuer: /CN=a3e6e823f6dda67d283a9f41a72909906ac9a837
Certificate serial: 100A2508
Authority key identifier: A3:E6:E8:23:F6:DD:A6:7D:28:3A:9F:41:A7:29:09:90:6A:C9:A8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-boI_bdpn0oOp9BpykJkGrJqDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/yOco0Oz5YVfHwoW8LJzMrEXPBR8.roa
Signing time: Sat 01 Jan 2022 14:04:16 +0000
ROA not before: Sat 01 Jan 2022 14:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44124
IP address blocks: 195.20.218.0/23 maxlen: 23
195.225.244.0/22 maxlen: 22
78.31.136.0/21 maxlen: 21
193.189.116.0/23 maxlen: 23
185.34.236.0/22 maxlen: 24
79.124.96.0/19 maxlen: 24
2a03:6600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 269100296 (0x100a2508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e6e823f6dda67d283a9f41a72909906ac9a837
Validity
Not Before: Jan 1 14:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8e728d0ecf96157c7c285bc2c9cccac45cf051f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:f1:24:d2:c1:55:2d:75:2f:d3:9c:fc:a8:
82:ef:88:58:05:c7:ef:be:68:32:a3:91:d4:55:3f:
e3:24:c0:cc:92:ac:98:e2:cc:dd:2a:49:7a:52:47:
3d:65:c0:b3:0c:19:d0:d4:1a:13:4a:38:86:35:c1:
13:22:5d:c2:00:26:04:45:18:8c:be:28:8f:3d:bc:
da:ac:4e:d4:de:e7:23:f4:21:f7:5d:8a:21:17:eb:
a1:dc:77:21:1e:ec:6f:4b:20:47:d2:ff:45:f1:7b:
9d:3e:66:1c:dd:75:5d:49:d8:3a:40:83:f8:cd:03:
8b:65:1d:e8:ba:ab:86:b5:1e:16:86:af:5a:aa:67:
79:46:76:82:f6:77:03:11:99:59:e9:be:a5:c9:fb:
ab:eb:dc:e2:1e:9b:42:44:b2:b7:4d:78:a5:db:01:
98:f1:0a:3a:f3:e8:86:3e:1e:66:ab:fa:01:57:bc:
5e:c3:63:41:3a:5b:52:22:77:ae:b0:4e:6b:ed:b8:
83:a9:4f:ef:93:c5:c8:6b:96:02:18:42:4a:7b:38:
0c:f4:ed:eb:52:58:9b:a0:ae:a1:78:54:6b:4a:44:
0f:70:7b:dc:f0:5a:44:9f:50:62:b1:32:9d:a2:f6:
f6:44:61:49:92:b1:15:36:24:ea:02:73:1f:d7:d7:
44:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E7:28:D0:EC:F9:61:57:C7:C2:85:BC:2C:9C:CC:AC:45:CF:05:1F
X509v3 Authority Key Identifier:
keyid:A3:E6:E8:23:F6:DD:A6:7D:28:3A:9F:41:A7:29:09:90:6A:C9:A8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-boI_bdpn0oOp9BpykJkGrJqDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/yOco0Oz5YVfHwoW8LJzMrEXPBR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/o-boI_bdpn0oOp9BpykJkGrJqDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.136.0/21
79.124.96.0/19
185.34.236.0/22
193.189.116.0/23
195.20.218.0/23
195.225.244.0/22
IPv6:
2a03:6600::/32
Signature Algorithm: sha256WithRSAEncryption
78:e8:66:a2:4d:b2:bf:45:b3:93:16:13:6c:34:be:e5:f9:0d:
71:a4:09:3c:d3:bb:9b:eb:02:8d:22:fe:cf:ea:e7:e3:07:3e:
24:59:e6:ce:9c:03:0e:90:b0:4a:73:79:56:0a:2c:9c:c3:4e:
35:88:fd:be:a2:d1:41:29:ac:1d:b3:32:c0:fc:34:52:56:0d:
d7:23:b2:4b:d1:61:3b:c5:de:92:23:a9:74:c3:18:a2:0f:15:
2d:66:35:3f:78:c2:71:0f:3b:82:70:0f:10:6b:e5:92:fe:d6:
60:22:8e:50:1f:5e:6e:a7:33:93:78:81:ed:02:0a:f8:eb:f7:
8f:52:8f:19:16:4c:49:58:70:3a:97:59:01:92:7f:fb:8d:75:
5b:a1:03:8d:04:4c:43:ef:2a:bc:14:d2:2d:de:80:e0:3f:70:
50:df:8a:e0:24:ca:6c:ed:4a:24:94:14:dc:33:18:38:be:7a:
6b:20:02:c5:89:82:8c:e9:40:28:0c:b3:df:f2:45:e6:de:95:
6b:78:d1:c1:13:df:65:56:03:a1:33:17:78:d2:75:ad:a3:fc:
e3:5c:58:37:29:74:49:27:cf:a4:1d:8e:a3:72:ec:4e:2c:85:
2b:9a:f1:13:d6:38:3c:f4:3d:91:12:5d:9d:ad:d0:83:b9:14:
6e:12:59:51
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEEAolCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
M2U2ZTgyM2Y2ZGRhNjdkMjgzYTlmNDFhNzI5MDk5MDZhYzlhODM3MB4XDTIyMDEw
MTE0MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhlNzI4ZDBlY2Y5
NjE1N2M3YzI4NWJjMmM5Y2NjYWM0NWNmMDUxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUh8STSwVUtdS/TnPyogu+IWAXH775oMqOR1FU/4yTAzJKs
mOLM3SpJelJHPWXAswwZ0NQaE0o4hjXBEyJdwgAmBEUYjL4ojz282qxO1N7nI/Qh
912KIRfrodx3IR7sb0sgR9L/RfF7nT5mHN11XUnYOkCD+M0Di2Ud6LqrhrUeFoav
WqpneUZ2gvZ3AxGZWem+pcn7q+vc4h6bQkSyt014pdsBmPEKOvPohj4eZqv6AVe8
XsNjQTpbUiJ3rrBOa+24g6lP75PFyGuWAhhCSns4DPTt61JYm6CuoXhUa0pED3B7
3PBaRJ9QYrEynaL29kRhSZKxFTYk6gJzH9fXRJkCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTI5yjQ7PlhV8fChbwsnMysRc8FHzAfBgNVHSMEGDAWgBSj5ugj9t2mfSg6
n0GnKQmQasmoNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28tYm9JX2JkcG4wb09wOUJweWtKa0dySnFEYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvMThhMWJjLTk2N2MtNDkzMS04NWI1LTAwZjAwYWYxYzhkNy8x
L3lPY28wT3o1WVZmSHdvVzhMSnpNckVYUEJSOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
MThhMWJjLTk2N2MtNDkzMS04NWI1LTAwZjAwYWYxYzhkNy8xL28tYm9JX2JkcG4w
b09wOUJweWtKa0dySnFEYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEA04fiAMEBU98YAMEArki7AMEAcG9
dAMEAcMU2gMEAsPh9DANBAIAAjAHAwUAKgNmADANBgkqhkiG9w0BAQsFAAOCAQEA
eOhmok2yv0WzkxYTbDS+5fkNcaQJPNO7m+sCjSL+z+rn4wc+JFnmzpwDDpCwSnN5
VgosnMNONYj9vqLRQSmsHbMywPw0UlYN1yOyS9FhO8XekiOpdMMYog8VLWY1P3jC
cQ87gnAPEGvlkv7WYCKOUB9ebqczk3iB7QIK+Ov3j1KPGRZMSVhwOpdZAZJ/+411
W6EDjQRMQ+8qvBTSLd6A4D9wUN+K4CTKbO1KJJQU3DMYOL56ayACxYmCjOlAKAyz
3/JF5t6Va3jRwRPfZVYDoTMXeNJ1raP841xYNyl0SSfPpB2Oo3LsTiyFK5rxE9Y4
PPQ9kRJdna3Qg7kUbhJZUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:07 2024 by rpki-client on console-ams.rpki-client.org