Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CAA3i_PHno9OACPEAjWhoWDpLkU.roa
File: CAA3i_PHno9OACPEAjWhoWDpLkU.roa (raw, json)
Hash identifier: nIKHaQHehHnypVeq7yXuHfrM6Zg+j02cPstFTIV14e4=
Subject key identifier: 08:00:37:8B:F3:C7:9E:8F:4E:00:23:C4:02:35:A1:A1:60:E9:2E:45
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 381BCC7A
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CAA3i_PHno9OACPEAjWhoWDpLkU.roa
Signing time: Sat 01 Jan 2022 01:03:14 +0000
ROA not before: Sat 01 Jan 2022 01:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28760
IP address blocks: 185.71.252.0/22 maxlen: 22
5.104.216.0/21 maxlen: 21
213.174.224.0/19 maxlen: 19
77.242.64.0/20 maxlen: 20
2a03:fa00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941345914 (0x381bcc7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Jan 1 01:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0800378bf3c79e8f4e0023c40235a1a160e92e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d3:68:32:cf:1a:82:ef:1b:5f:94:7c:c2:18:
38:29:8e:3e:86:54:32:b4:81:dd:5c:3f:db:61:1c:
ba:45:e5:e3:5f:39:74:97:d0:34:66:4c:4f:30:77:
d5:b4:7e:29:6a:71:5f:36:44:e3:1b:6d:cb:76:45:
05:b5:e7:d4:3f:cd:e1:5e:50:67:a0:68:49:b0:c3:
be:43:5b:b3:e6:c3:4b:26:83:e6:af:f3:96:7c:e6:
4a:bc:18:f8:c6:f5:67:c3:77:ac:b6:9d:58:e4:ea:
e3:03:03:ef:b5:ac:b6:96:63:60:35:c2:aa:dd:3b:
61:7c:a3:ae:3d:cd:51:87:65:d0:da:6f:c3:2c:8e:
27:a9:47:b8:03:33:90:b4:49:ef:90:07:b3:24:8c:
74:e0:11:64:fb:2c:7b:e1:46:aa:9c:cb:f9:65:8f:
15:7c:ec:a5:0c:3e:a5:92:d7:50:8c:78:42:3f:b0:
bd:6d:91:94:66:27:5e:6b:29:3c:8e:7b:a3:7f:f0:
6e:40:c7:b6:d5:91:97:6f:cc:8d:90:49:23:31:9a:
4c:52:c9:1b:3a:74:ac:56:ab:0e:67:69:ec:b2:68:
33:f2:9c:cc:76:1a:03:a4:dd:4a:14:5e:b2:b9:cf:
df:0b:8b:30:18:85:dc:38:8a:92:2d:6f:04:d0:28:
37:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:00:37:8B:F3:C7:9E:8F:4E:00:23:C4:02:35:A1:A1:60:E9:2E:45
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CAA3i_PHno9OACPEAjWhoWDpLkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.216.0/21
77.242.64.0/20
185.71.252.0/22
213.174.224.0/19
IPv6:
2a03:fa00::/32
Signature Algorithm: sha256WithRSAEncryption
15:7a:4e:bd:fb:3d:94:d9:8d:6b:2a:db:d4:56:b8:9e:ef:4b:
c3:5f:fe:56:5c:fb:4e:8d:db:8a:e5:be:c1:67:1c:25:11:f9:
a6:d2:40:93:2d:4f:53:8f:0d:84:b9:86:51:b9:42:99:c0:16:
29:9b:ea:87:62:62:85:0a:bb:65:d4:c5:0a:89:93:55:db:6a:
6b:9c:87:72:b9:d6:3c:61:a1:be:fb:f2:8c:d3:9c:28:b0:67:
11:c1:f3:dc:53:7d:33:0f:da:01:59:3d:6f:94:16:fd:f2:11:
7e:38:a6:5a:b0:aa:f8:82:ba:11:9f:61:dd:31:3e:84:ed:b7:
4a:d9:6a:1a:c5:5d:87:d9:f5:2b:aa:f8:92:de:20:e5:7b:31:
b6:2b:3c:cc:da:9d:fc:d8:35:d1:ce:0e:33:c7:8f:0e:86:fe:
b0:d7:d2:dc:c7:82:2e:6a:2d:fd:c9:66:e8:72:54:00:10:08:
c0:49:a9:42:58:39:65:06:3d:52:00:90:df:85:36:45:30:1a:
9a:77:c8:1c:91:d6:de:57:d5:74:d8:b6:8c:38:22:82:52:b9:
b7:f2:9c:83:41:5b:eb:e9:04:08:13:6b:61:cb:46:d6:a9:0c:
6f:4c:80:93:73:47:f3:91:99:72:f7:bd:7d:d5:2f:8c:bd:b1:
c5:cc:f2:23
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEOBvMejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OGE1YzNhYmE0MjFiNzhhN2Q1ZDA5Yjc1YjRjZTNiZTUyNzNjYWFjMB4XDTIyMDEw
MTAxMDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgwMDM3OGJmM2M3
OWU4ZjRlMDAyM2M0MDIzNWExYTE2MGU5MmU0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7TaDLPGoLvG1+UfMIYOCmOPoZUMrSB3Vw/22EcukXl4185
dJfQNGZMTzB31bR+KWpxXzZE4xtty3ZFBbXn1D/N4V5QZ6BoSbDDvkNbs+bDSyaD
5q/zlnzmSrwY+Mb1Z8N3rLadWOTq4wMD77WstpZjYDXCqt07YXyjrj3NUYdl0Npv
wyyOJ6lHuAMzkLRJ75AHsySMdOARZPsse+FGqpzL+WWPFXzspQw+pZLXUIx4Qj+w
vW2RlGYnXmspPI57o3/wbkDHttWRl2/MjZBJIzGaTFLJGzp0rFarDmdp7LJoM/Kc
zHYaA6TdShResrnP3wuLMBiF3DiKki1vBNAoN0UCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQIADeL88eej04AI8QCNaGhYOkuRTAfBgNVHSMEGDAWgBQIpcOrpCG3in1d
CbdbTOO+UnPKrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NLWERxNlFodDRwOVhRbTNXMHpqdmxKenlxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvN2JkOGNmLTJhNjEtNGI3NC04NjBkLTM2NGZhZTdjNzJjNC8x
L0NBQTNpX1BIbm85T0FDUEVBaldob1dEcExrVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
N2JkOGNmLTJhNjEtNGI3NC04NjBkLTM2NGZhZTdjNzJjNC8xL0NLWERxNlFodDRw
OVhRbTNXMHpqdmxKenlxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAwVo2AMEBE3yQAMEArlH/AMEBdWu
4DANBAIAAjAHAwUAKgP6ADANBgkqhkiG9w0BAQsFAAOCAQEAFXpOvfs9lNmNayrb
1Fa4nu9Lw1/+Vlz7To3biuW+wWccJRH5ptJAky1PU48NhLmGUblCmcAWKZvqh2Ji
hQq7ZdTFComTVdtqa5yHcrnWPGGhvvvyjNOcKLBnEcHz3FN9Mw/aAVk9b5QW/fIR
fjimWrCq+IK6EZ9h3TE+hO23StlqGsVdh9n1K6r4kt4g5Xsxtis8zNqd/Ng10c4O
M8ePDob+sNfS3MeCLmot/clm6HJUABAIwEmpQlg5ZQY9UgCQ34U2RTAamnfIHJHW
3lfVdNi2jDgiglK5t/Kcg0Fb6+kECBNrYctG1qkMb0yAk3NH85GZcve9fdUvjL2x
xczyIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:28 2023 by rpki-client on console-fra.rpki-client.org