Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/OvBgKDK79DENp5Gx9mY1jrbhwN8.roa
File: OvBgKDK79DENp5Gx9mY1jrbhwN8.roa (raw, json)
Hash identifier: OwOe1Be6qL9YQI3vRbtwFzC6t6PVbN2H8t9ufZUGdn8=
Subject key identifier: 3A:F0:60:28:32:BB:F4:31:0D:A7:91:B1:F6:66:35:8E:B6:E1:C0:DF
Certificate issuer: /CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Certificate serial: 1B82C784
Authority key identifier: EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/OvBgKDK79DENp5Gx9mY1jrbhwN8.roa
Signing time: Sat 01 Jan 2022 15:02:28 +0000
ROA not before: Sat 01 Jan 2022 15:02:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42459
IP address blocks: 212.45.67.0/24 maxlen: 24
212.45.65.0/24 maxlen: 24
212.45.72.0/21 maxlen: 24
79.134.48.0/20 maxlen: 32
79.134.56.0/21 maxlen: 24
193.32.4.0/23 maxlen: 23
193.32.0.0/23 maxlen: 23
212.45.64.0/20 maxlen: 32
212.45.64.0/21 maxlen: 24
2a02:2660::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 461555588 (0x1b82c784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Validity
Not Before: Jan 1 15:02:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3af0602832bbf4310da791b1f666358eb6e1c0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:af:96:42:59:e2:14:85:e7:c2:85:c4:b7:
c4:77:1d:16:49:14:57:1b:1a:6c:2c:70:3a:6a:80:
f9:2e:44:fe:37:0f:2b:d9:e1:df:13:23:06:cb:6f:
83:08:a3:d5:98:af:51:cd:0b:39:25:49:5f:63:64:
ff:cc:6a:8b:6e:ce:ee:7d:73:4a:8d:eb:98:be:39:
50:89:3b:d1:6b:0b:23:e5:20:d1:5e:1c:69:76:c1:
46:2b:0c:b7:22:80:7a:7c:f8:5a:64:b5:3c:f9:b7:
eb:0b:ac:96:06:f8:9f:0c:2e:a2:2a:70:00:75:f7:
82:52:45:03:4f:6b:72:a2:dc:a3:34:17:5d:1c:49:
2b:d0:52:5d:5e:b5:2a:f5:89:0c:8d:bf:46:60:ec:
57:53:5e:9f:54:34:4c:0a:db:e8:a9:40:bf:96:28:
45:c1:65:70:a6:f1:6c:66:21:2a:b6:d5:b3:b8:cc:
dc:f7:bd:c8:93:51:75:94:38:75:12:8b:67:ed:cc:
58:d6:39:5b:02:99:1d:23:2d:45:85:d7:58:ce:53:
d7:1e:04:a1:08:7c:9c:8d:92:cf:6d:03:50:99:9c:
65:0c:23:c4:de:76:7e:df:3c:e6:21:e1:dc:ad:a2:
d4:aa:c7:43:0b:bb:72:cd:09:31:22:82:eb:e3:9d:
4b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F0:60:28:32:BB:F4:31:0D:A7:91:B1:F6:66:35:8E:B6:E1:C0:DF
X509v3 Authority Key Identifier:
keyid:EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/OvBgKDK79DENp5Gx9mY1jrbhwN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.134.48.0/20
193.32.0.0/23
193.32.4.0/23
212.45.64.0/20
IPv6:
2a02:2660::/32
Signature Algorithm: sha256WithRSAEncryption
a2:a5:ad:03:25:b5:f0:b9:ad:74:27:71:9f:b2:f5:8d:4b:ae:
13:a4:47:55:9a:8f:54:95:22:93:33:7c:94:9e:3a:8f:a9:06:
8d:a5:24:f9:36:35:25:a0:c8:be:10:12:4e:e5:36:b4:57:36:
60:30:12:e6:c9:34:92:a9:be:ef:67:33:19:6a:5e:9e:ed:8d:
97:33:7a:e1:7b:9d:5c:4d:6f:34:71:3e:61:b0:e8:08:80:ac:
2d:fe:ec:a0:57:a1:be:e3:29:1c:07:00:ef:c7:0a:82:24:73:
a1:1b:6f:5e:0d:b4:de:8e:28:f3:49:4c:85:b3:47:73:cd:12:
99:e8:50:35:88:1e:de:cf:69:83:26:23:c2:84:4e:e6:1c:10:
2f:8d:12:19:57:88:bd:09:f1:a1:97:f6:7e:61:a7:95:4e:23:
22:e1:66:5e:c3:8b:ca:37:9f:07:8f:fc:73:a4:af:b3:9f:2f:
e8:4e:f0:9b:ec:7a:73:35:05:57:07:d8:83:8d:28:76:14:c0:
a9:f3:bb:cb:57:70:f5:a4:e7:52:b6:00:ce:47:a3:e2:64:3b:
57:fe:ae:f5:b3:5d:ce:a2:2d:27:c6:db:2c:ea:ae:b1:2f:00:
f5:c7:0c:2d:bb:b3:7c:86:81:26:ab:c1:31:e8:72:14:81:ad:
fc:46:6e:99
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEG4LHhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmJjMGQ2MGJkM2E5MGJkNWUzMTUwOWRlYWRmNDQ3MDc2YjA3OGQ4MB4XDTIyMDEw
MTE1MDIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FmMDYwMjgzMmJi
ZjQzMTBkYTc5MWIxZjY2NjM1OGViNmUxYzBkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoHr5ZCWeIUhefChcS3xHcdFkkUVxsabCxwOmqA+S5E/jcP
K9nh3xMjBstvgwij1ZivUc0LOSVJX2Nk/8xqi27O7n1zSo3rmL45UIk70WsLI+Ug
0V4caXbBRisMtyKAenz4WmS1PPm36wuslgb4nwwuoipwAHX3glJFA09rcqLcozQX
XRxJK9BSXV61KvWJDI2/RmDsV1Nen1Q0TArb6KlAv5YoRcFlcKbxbGYhKrbVs7jM
3Pe9yJNRdZQ4dRKLZ+3MWNY5WwKZHSMtRYXXWM5T1x4EoQh8nI2Sz20DUJmcZQwj
xN52ft885iHh3K2i1KrHQwu7cs0JMSKC6+OdS9MCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQ68GAoMrv0MQ2nkbH2ZjWOtuHA3zAfBgNVHSMEGDAWgBTrvA1gvTqQvV4x
UJ3q30RwdrB42DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY3d05ZTDA2a0wxZU1WQ2Q2dDlFY0hhd2VOZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvMDgwYWY2LThkYzQtNDhlNi05YzYzLWE2Yjk1OTkxY2QyYy8x
L092QmdLREs3OURFTnA1R3g5bVkxanJiaHdOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
MDgwYWY2LThkYzQtNDhlNi05YzYzLWE2Yjk1OTkxY2QyYy8xLzY3d05ZTDA2a0wx
ZU1WQ2Q2dDlFY0hhd2VOZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBE+GMAMEAcEgAAMEAcEgBAMEBNQt
QDANBAIAAjAHAwUAKgImYDANBgkqhkiG9w0BAQsFAAOCAQEAoqWtAyW18LmtdCdx
n7L1jUuuE6RHVZqPVJUikzN8lJ46j6kGjaUk+TY1JaDIvhASTuU2tFc2YDAS5sk0
kqm+72czGWpenu2NlzN64XudXE1vNHE+YbDoCICsLf7soFehvuMpHAcA78cKgiRz
oRtvXg203o4o80lMhbNHc80SmehQNYge3s9pgyYjwoRO5hwQL40SGVeIvQnxoZf2
fmGnlU4jIuFmXsOLyjefB4/8c6Svs58v6E7wm+x6czUFVwfYg40odhTAqfO7y1dw
9aTnUrYAzkej4mQ7V/6u9bNdzqItJ8bbLOqusS8A9ccMLbuzfIaBJqvBMehyFIGt
/EZumQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:46 2023 by rpki-client on console-ams.rpki-client.org