Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/oDzHQblwYdB_x4CMzyG-baWp3pE.roa
File: oDzHQblwYdB_x4CMzyG-baWp3pE.roa (raw, json)
Hash identifier: HwlYcuyrLwGvgOWCDLRxM8Euk6VPB2OZnY/fjcixgZo=
Subject key identifier: A0:3C:C7:41:B9:70:61:D0:7F:C7:80:8C:CF:21:BE:6D:A5:A9:DE:91
Certificate issuer: /CN=33b9f91816dd4d8226a41e3b4c3b09c7bdcc64a9
Certificate serial: 09DBE485
Authority key identifier: 33:B9:F9:18:16:DD:4D:82:26:A4:1E:3B:4C:3B:09:C7:BD:CC:64:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7n5GBbdTYImpB47TDsJx73MZKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/oDzHQblwYdB_x4CMzyG-baWp3pE.roa
Signing time: Sat 29 Jan 2022 08:32:13 +0000
ROA not before: Sat 29 Jan 2022 08:32:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39257
IP address blocks: 91.212.106.0/24 maxlen: 24
78.31.200.0/22 maxlen: 22
185.26.200.0/22 maxlen: 22
87.238.184.0/21 maxlen: 21
91.214.127.0/24 maxlen: 24
2a02:8c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165405829 (0x9dbe485)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b9f91816dd4d8226a41e3b4c3b09c7bdcc64a9
Validity
Not Before: Jan 29 08:32:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a03cc741b97061d07fc7808ccf21be6da5a9de91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:5e:ec:b9:ec:ee:71:30:e4:51:ba:4d:55:
24:07:fb:50:0f:31:38:37:07:0a:b4:8b:57:90:8f:
40:c9:29:39:c0:1f:9d:33:a1:c3:fb:4d:f5:53:1e:
7f:a3:d9:2f:78:89:a5:a1:aa:0b:df:5a:2b:f0:9b:
d9:11:17:26:07:04:d1:41:31:71:e1:a7:28:12:07:
62:05:7d:8c:46:f3:62:67:d4:ac:67:78:8e:3d:d0:
93:c8:e5:60:bb:e2:75:88:0c:fc:50:b1:a6:b4:62:
1b:1c:8c:29:f1:98:27:2c:16:05:c6:13:06:8f:97:
57:f8:41:b1:06:ec:db:a7:87:0a:f2:ad:89:4d:5a:
7a:0f:e1:de:54:0a:4c:f4:cf:19:79:f0:45:ad:1c:
0d:d5:8a:f8:c4:58:24:05:d3:f4:71:21:5e:e4:6b:
ea:e8:b8:93:68:19:a7:70:1f:68:a7:36:a5:db:0a:
56:e2:8b:99:3b:fa:44:17:53:40:c0:2c:a8:e2:45:
b6:07:2d:d5:c5:ee:57:e3:1d:46:89:e5:3b:87:c6:
e1:48:6b:70:ed:97:e7:eb:4c:72:d7:14:7b:c4:bd:
36:e7:b3:b9:6e:49:39:2a:d8:86:3f:a4:d9:bc:c2:
17:c3:6b:b8:80:b5:07:0f:89:bb:e7:73:34:6a:2d:
ac:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3C:C7:41:B9:70:61:D0:7F:C7:80:8C:CF:21:BE:6D:A5:A9:DE:91
X509v3 Authority Key Identifier:
keyid:33:B9:F9:18:16:DD:4D:82:26:A4:1E:3B:4C:3B:09:C7:BD:CC:64:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7n5GBbdTYImpB47TDsJx73MZKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/oDzHQblwYdB_x4CMzyG-baWp3pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/M7n5GBbdTYImpB47TDsJx73MZKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.200.0/22
87.238.184.0/21
91.212.106.0/24
91.214.127.0/24
185.26.200.0/22
IPv6:
2a02:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:03:44:db:bd:8b:e3:b2:69:b2:bf:15:8e:81:ee:33:47:0a:
3b:d3:4d:dc:2f:a8:03:3a:f3:b3:7f:f2:37:c3:a4:24:e3:9c:
0a:f3:91:40:e8:e3:84:74:df:56:85:b7:e4:db:6e:91:72:a6:
a6:0e:70:23:9f:2c:03:0a:91:f0:12:f5:90:61:26:26:19:33:
6c:59:b8:6b:ac:9f:7c:db:f3:0b:8a:ef:73:67:d1:3c:b3:f4:
8b:4c:ec:8f:1c:38:22:29:11:cf:13:0d:1c:39:44:09:df:21:
e0:bb:19:77:2e:22:e7:e9:0f:39:6e:c8:9f:bf:f8:4e:ef:a9:
d4:c2:32:bc:e8:cd:79:0a:d8:1f:0b:71:ff:e4:cc:a6:4b:1a:
e0:ae:90:66:69:e8:87:e1:96:6c:9c:ce:ca:b1:e4:fe:f6:f1:
4c:ae:a0:de:8d:7e:0b:89:fd:c6:2c:10:99:cc:05:a6:99:3e:
ca:0c:9a:6c:85:5a:28:49:1b:ba:f8:90:52:79:03:1d:03:a5:
26:bb:92:9a:60:90:c4:a7:33:be:52:10:ee:06:37:c9:67:c4:
16:eb:da:1c:d8:8e:bf:31:62:04:3c:b0:1c:29:02:e2:6a:0f:
76:1a:b2:e2:33:84:a9:a8:0b:67:4a:a8:b9:58:af:35:53:09:
80:fa:19:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECdvkhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2I5ZjkxODE2ZGQ0ZDgyMjZhNDFlM2I0YzNiMDljN2JkY2M2NGE5MB4XDTIyMDEy
OTA4MzIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAzY2M3NDFiOTcw
NjFkMDdmYzc4MDhjY2YyMWJlNmRhNWE5ZGU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqEXuy57O5xMORRuk1VJAf7UA8xODcHCrSLV5CPQMkpOcAf
nTOhw/tN9VMef6PZL3iJpaGqC99aK/Cb2REXJgcE0UExceGnKBIHYgV9jEbzYmfU
rGd4jj3Qk8jlYLvidYgM/FCxprRiGxyMKfGYJywWBcYTBo+XV/hBsQbs26eHCvKt
iU1aeg/h3lQKTPTPGXnwRa0cDdWK+MRYJAXT9HEhXuRr6ui4k2gZp3AfaKc2pdsK
VuKLmTv6RBdTQMAsqOJFtgct1cXuV+MdRonlO4fG4UhrcO2X5+tMctcUe8S9Nuez
uW5JOSrYhj+k2bzCF8NruIC1Bw+Ju+dzNGotrCECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSgPMdBuXBh0H/HgIzPIb5tpanekTAfBgNVHSMEGDAWgBQzufkYFt1Ngiak
HjtMOwnHvcxkqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L003bjVHQmJkVFlJbXBCNDdURHNKeDczTVpLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvODEzMmYwLTcwMmUtNDA0NC1iNmQ2LWNhOGNmNmFjZmFlYi8x
L29EekhRYmx3WWRCX3g0Q016eUctYmFXcDNwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
ODEzMmYwLTcwMmUtNDA0NC1iNmQ2LWNhOGNmNmFjZmFlYi8xL003bjVHQmJkVFlJ
bXBCNDdURHNKeDczTVpLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAk4fyAMEA1fuuAMEAFvUagMEAFvW
fwMEArkayDANBAIAAjAHAwUAKgIIwDANBgkqhkiG9w0BAQsFAAOCAQEAKwNE272L
47Jpsr8VjoHuM0cKO9NN3C+oAzrzs3/yN8OkJOOcCvORQOjjhHTfVoW35NtukXKm
pg5wI58sAwqR8BL1kGEmJhkzbFm4a6yffNvzC4rvc2fRPLP0i0zsjxw4IikRzxMN
HDlECd8h4LsZdy4i5+kPOW7In7/4Tu+p1MIyvOjNeQrYHwtx/+TMpksa4K6QZmno
h+GWbJzOyrHk/vbxTK6g3o1+C4n9xiwQmcwFppk+ygyabIVaKEkbuviQUnkDHQOl
JruSmmCQxKczvlIQ7gY3yWfEFuvaHNiOvzFiBDywHCkC4moPdhqy4jOEqagLZ0qo
uVivNVMJgPoZXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org