Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Og2vU967Ht1HT1j2OBhnKlgUSAQ.roa
File: Og2vU967Ht1HT1j2OBhnKlgUSAQ.roa (raw, json)
Hash identifier: 1puVoyVk7dmONT+3t/7JH9dr3Z7dEKv+FUDliQoI5LQ=
Subject key identifier: 3A:0D:AF:53:DE:BB:1E:DD:47:4F:58:F6:38:18:67:2A:58:14:48:04
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 08B8FA87
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Og2vU967Ht1HT1j2OBhnKlgUSAQ.roa
Signing time: Wed 05 Jan 2022 01:15:03 +0000
ROA not before: Wed 05 Jan 2022 01:15:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46562
IP address blocks: 92.249.29.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
94.154.182.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
2a0c:3ac0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146340487 (0x8b8fa87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 5 01:15:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a0daf53debb1edd474f58f63818672a58144804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:84:e8:35:ea:dc:b4:e2:1d:50:93:0e:b4:f3:
04:b0:1c:04:87:be:78:bc:c9:fb:43:20:03:24:20:
e9:b6:b6:f8:f8:a3:e9:3f:cc:b7:8c:c3:95:26:41:
a5:71:23:57:d2:89:f4:9e:95:19:c5:bf:6e:68:9f:
2f:bd:4c:86:9f:76:7e:cb:f4:22:e2:4c:c6:b1:f5:
03:93:d4:ce:d7:9d:ef:0d:27:a2:3f:9e:64:ae:36:
c9:66:42:ed:bb:ce:6d:63:23:3a:9e:9d:6c:96:53:
37:8d:78:c7:06:a0:1b:06:57:dc:03:00:55:85:5c:
28:96:08:54:84:f0:d7:1c:38:32:b4:ac:52:9b:e7:
19:a6:cb:b4:da:62:92:0f:ec:31:5a:ce:b5:3a:53:
5c:a2:e4:68:72:69:dd:1f:90:ff:69:f6:f8:79:16:
c1:91:72:4b:33:ca:b7:ed:43:64:a9:d0:98:7f:d9:
7c:7f:20:19:74:0a:11:6c:7e:94:59:65:bc:f7:5c:
c0:ea:f6:bf:e5:fc:ff:7b:cb:58:21:ed:ab:d5:24:
d2:46:72:9e:cc:28:c8:a9:8e:65:72:60:ee:03:34:
a8:0d:9e:20:aa:05:9b:42:15:f6:1c:ea:24:f8:00:
35:94:67:01:0b:ad:80:7b:c8:c3:0b:8d:a9:c5:dc:
d3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0D:AF:53:DE:BB:1E:DD:47:4F:58:F6:38:18:67:2A:58:14:48:04
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Og2vU967Ht1HT1j2OBhnKlgUSAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.52.0/24
92.249.29.0/24
92.249.31.0/24
94.154.182.0/24
104.232.36.0/24
185.205.205.0/24
185.253.122.0/24
217.197.169.0/24
IPv6:
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
25:11:a9:e8:87:57:32:2b:37:27:00:44:b5:d7:b2:de:cd:cb:
9a:a7:8d:ce:20:cf:b6:2b:70:3b:da:1f:f2:8a:bb:5d:d2:d9:
c0:27:c5:1a:e4:ca:f0:8a:63:f1:4e:ed:a5:64:67:e2:d4:c7:
b8:36:06:68:9b:74:57:ff:d1:86:f1:7c:e9:73:db:45:83:17:
43:46:a5:19:56:6e:d2:3e:b5:d2:7b:6e:c9:dc:1b:a2:29:9f:
6a:b5:9f:54:26:91:71:9d:2e:b5:7c:53:ea:88:33:5b:9d:c5:
a1:69:4b:6a:cf:5e:b5:71:5d:d0:10:c2:e2:a2:34:f9:84:7d:
f9:40:59:71:f2:14:d5:f6:bf:ee:37:9b:1c:8d:38:03:b6:f3:
2d:41:94:7a:de:1e:68:5e:98:b1:60:50:4c:3f:24:18:ad:aa:
53:c5:be:c2:4a:50:61:fb:d8:3f:e8:a5:f8:64:a8:f3:c0:93:
bc:dd:c3:11:df:8d:74:42:ab:7c:55:ee:0d:ae:71:cf:cf:aa:
df:7a:dd:7a:b4:3d:b0:70:58:0c:f4:02:9b:a1:84:6b:52:72:
d8:cb:38:95:f7:0c:5c:90:0e:3a:5b:cf:9f:51:5e:85:2d:e2:
55:29:52:b8:e5:5a:ab:f4:fe:d9:4d:2d:0e:a9:6f:bd:dd:d3:
33:17:ff:ff
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIECLj6hzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDEw
NTAxMTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EwZGFmNTNkZWJi
MWVkZDQ3NGY1OGY2MzgxODY3MmE1ODE0NDgwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2E6DXq3LTiHVCTDrTzBLAcBIe+eLzJ+0MgAyQg6ba2+Pij
6T/Mt4zDlSZBpXEjV9KJ9J6VGcW/bmifL71Mhp92fsv0IuJMxrH1A5PUzted7w0n
oj+eZK42yWZC7bvObWMjOp6dbJZTN414xwagGwZX3AMAVYVcKJYIVITw1xw4MrSs
UpvnGabLtNpikg/sMVrOtTpTXKLkaHJp3R+Q/2n2+HkWwZFySzPKt+1DZKnQmH/Z
fH8gGXQKEWx+lFllvPdcwOr2v+X8/3vLWCHtq9Uk0kZynswoyKmOZXJg7gM0qA2e
IKoFm0IV9hzqJPgANZRnAQutgHvIwwuNqcXc068CAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBQ6Da9T3rse3UdPWPY4GGcqWBRIBDAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L09nMnZVOTY3SHQxSFQxajJPQmhuS2xnVVNBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwNgQCAAEwMAMEAB+ENAMEAFz5HQMEAFz5HwMEAF6a
tgMEAGjoJAMEALnNzQMEALn9egMEANnFqTAPBAIAAjAJAwcAKgw6wAAAMA0GCSqG
SIb3DQEBCwUAA4IBAQAlEanoh1cyKzcnAES117Lezcuap43OIM+2K3A72h/yirtd
0tnAJ8Ua5MrwimPxTu2lZGfi1Me4NgZom3RX/9GG8Xzpc9tFgxdDRqUZVm7SPrXS
e27J3BuiKZ9qtZ9UJpFxnS61fFPqiDNbncWhaUtqz161cV3QEMLiojT5hH35QFlx
8hTV9r/uN5scjTgDtvMtQZR63h5oXpixYFBMPyQYrapTxb7CSlBh+9g/6KX4ZKjz
wJO83cMR3410Qqt8Ve4NrnHPz6rfet16tD2wcFgM9AKboYRrUnLYyziV9wxckA46
W8+fUV6FLeJVKVK45Vqr9P7ZTS0OqW+93dMzF///
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org