Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/R5r5b6f61SngDWYqh7EhoAh0v7Q.roa
File: R5r5b6f61SngDWYqh7EhoAh0v7Q.roa (raw, json)
Hash identifier: PlMszKD016dJmPZjndEoJjLPLqOWOH8PXJvMl52O9GU=
Subject key identifier: 47:9A:F9:6F:A7:FA:D5:29:E0:0D:66:2A:87:B1:21:A0:08:74:BF:B4
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 45CA94C3
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/R5r5b6f61SngDWYqh7EhoAh0v7Q.roa
Signing time: Wed 20 Apr 2022 06:50:24 +0000
ROA not before: Wed 20 Apr 2022 06:50:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5511
IP address blocks: 193.251.220.0/22 maxlen: 24
193.251.240.0/20 maxlen: 24
90.84.48.0/20 maxlen: 24
81.52.128.0/21 maxlen: 24
90.84.128.0/20 maxlen: 24
81.52.136.0/22 maxlen: 24
81.52.140.0/23 maxlen: 24
90.84.151.0/24 maxlen: 24
193.251.160.0/20 maxlen: 24
193.251.169.0/24 maxlen: 24
80.15.224.0/21 maxlen: 24
81.52.236.0/22 maxlen: 24
80.15.232.0/22 maxlen: 24
80.15.238.0/24 maxlen: 24
80.15.236.0/23 maxlen: 24
90.84.255.0/24 maxlen: 24
81.52.160.0/24 maxlen: 24
81.52.168.0/23 maxlen: 24
81.52.166.0/23 maxlen: 24
81.52.176.0/20 maxlen: 24
80.12.71.0/24 maxlen: 32
80.12.76.0/24 maxlen: 24
80.12.79.0/24 maxlen: 24
81.52.190.0/24 maxlen: 24
193.251.128.0/19 maxlen: 24
80.12.98.0/24 maxlen: 24
80.12.96.0/22 maxlen: 24
81.52.202.0/24 maxlen: 24
80.12.96.0/23 maxlen: 24
2a01:c000::/19 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1170904259 (0x45ca94c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Apr 20 06:50:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=479af96fa7fad529e00d662a87b121a00874bfb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:10:ca:4b:31:ed:7b:c2:33:d2:a1:09:89:8a:
cd:f6:a7:0e:71:ea:4a:60:8d:d3:28:72:cd:70:17:
27:24:eb:64:de:b0:a6:2b:c2:55:81:38:54:e4:b4:
a6:f7:02:8e:03:75:c6:63:fb:79:d7:91:71:cc:60:
84:c0:e2:58:ba:9d:46:6f:16:34:20:6f:f7:fe:ab:
3e:1b:4f:aa:5f:26:9f:cc:ad:06:8f:8f:ec:18:31:
55:3a:57:61:bc:08:8b:5a:83:a2:e2:95:8f:4c:a9:
0b:54:56:50:7a:e4:fe:8b:6e:8d:cc:5b:df:69:cb:
0f:08:33:d3:97:f9:e0:b1:cd:ef:27:47:4c:f3:e2:
a4:82:0a:bc:cb:3a:5c:66:c9:23:f7:45:0d:82:51:
05:02:14:e7:99:59:71:a3:9d:9c:79:5d:e5:63:71:
f5:83:66:6f:8b:f2:03:a2:07:a0:43:bc:54:ba:1f:
99:fa:1c:31:fa:f5:74:d0:f4:e8:73:03:1c:18:ff:
e8:66:a2:4e:7c:cf:66:f6:32:ca:89:a7:cc:35:bf:
bd:ca:6c:3f:a1:76:5f:b1:c6:00:55:7e:04:20:96:
86:39:0a:a9:2d:54:a3:cd:02:65:41:8b:d9:0f:db:
cd:d1:b4:8f:aa:76:94:34:74:d7:2a:be:be:14:9c:
a3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9A:F9:6F:A7:FA:D5:29:E0:0D:66:2A:87:B1:21:A0:08:74:BF:B4
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/R5r5b6f61SngDWYqh7EhoAh0v7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.71.0/24
80.12.76.0/24
80.12.79.0/24
80.12.96.0/22
80.15.224.0-80.15.238.255
81.52.128.0-81.52.141.255
81.52.160.0/24
81.52.166.0-81.52.169.255
81.52.176.0/20
81.52.202.0/24
81.52.236.0/22
90.84.48.0/20
90.84.128.0/20
90.84.151.0/24
90.84.255.0/24
193.251.128.0-193.251.175.255
193.251.220.0/22
193.251.240.0/20
IPv6:
2a01:c000::/19
Signature Algorithm: sha256WithRSAEncryption
1d:b0:fd:60:89:fa:8b:4a:b9:e5:d4:9c:64:04:d8:ef:ce:8e:
61:aa:39:e6:53:e8:e5:f1:e5:26:44:78:84:eb:3b:b7:d4:b4:
fc:7f:46:b6:8f:01:58:99:84:23:54:ed:de:c9:54:40:5e:27:
2e:4e:8e:b7:dc:55:8e:6e:e0:f5:a0:6a:50:aa:86:86:36:69:
90:77:68:79:c8:ac:34:1d:e8:15:d3:02:3e:80:bf:13:f4:2d:
fd:f3:12:66:01:f4:8d:7f:13:6a:2c:3d:5b:26:6f:6f:db:57:
93:d8:40:02:21:94:81:9d:db:3f:62:5e:c2:e2:b2:bf:da:6b:
42:ec:0d:bb:1e:02:32:d5:4f:5f:fa:0a:2c:b8:cf:41:b0:62:
88:cb:9c:da:08:a6:a4:0a:bb:4b:31:b3:a5:d5:92:84:f5:23:
7e:b5:1f:68:71:35:20:e8:51:0b:53:77:01:0c:8a:0d:82:66:
f5:61:c8:6f:43:a2:ba:07:10:95:b3:1c:e2:d0:f6:ae:43:69:
40:69:01:67:21:3a:d9:db:9e:b1:72:57:23:e5:05:02:50:87:
1a:3d:78:e6:16:2a:82:31:a7:ac:d3:76:56:1c:d7:fd:4d:c9:
69:e9:9c:fd:9e:44:3c:bf:39:17:34:30:2d:07:6c:27:f8:6b:
7d:d3:51:1e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIERcqUwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDQy
MDA2NTAyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc5YWY5NmZhN2Zh
ZDUyOWUwMGQ2NjJhODdiMTIxYTAwODc0YmZiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkQyksx7XvCM9KhCYmKzfanDnHqSmCN0yhyzXAXJyTrZN6w
pivCVYE4VOS0pvcCjgN1xmP7edeRccxghMDiWLqdRm8WNCBv9/6rPhtPql8mn8yt
Bo+P7BgxVTpXYbwIi1qDouKVj0ypC1RWUHrk/otujcxb32nLDwgz05f54LHN7ydH
TPPipIIKvMs6XGbJI/dFDYJRBQIU55lZcaOdnHld5WNx9YNmb4vyA6IHoEO8VLof
mfocMfr1dND06HMDHBj/6GaiTnzPZvYyyomnzDW/vcpsP6F2X7HGAFV+BCCWhjkK
qS1Uo80CZUGL2Q/bzdG0j6p2lDR01yq+vhSco4MCAwEAAaOCAqIwggKeMB0GA1Ud
DgQWBBRHmvlvp/rVKeANZiqHsSGgCHS/tDAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L1I1cjViNmY2MVNuZ0RXWXFoN0Vob0FoMHY3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
twYIKwYBBQUHAQcBAf8EgacwgaQwgZMEAgABMIGMAwQAUAxHAwQAUAxMAwQAUAxP
AwQCUAxgMAwDBAVQD+ADBABQD+4wDAMEB1E0gAMEAVE0jAMEAFE0oDAMAwQBUTSm
AwQBUTSoAwQEUTSwAwQAUTTKAwQCUTTsAwQEWlQwAwQEWlSAAwQAWlSXAwQAWlT/
MAwDBAfB+4ADBATB+6ADBALB+9wDBATB+/AwDAQCAAIwBgMEBSoBwDANBgkqhkiG
9w0BAQsFAAOCAQEAHbD9YIn6i0q55dScZATY786OYao55lPo5fHlJkR4hOs7t9S0
/H9Gto8BWJmEI1Tt3slUQF4nLk6Ot9xVjm7g9aBqUKqGhjZpkHdoecisNB3oFdMC
PoC/E/Qt/fMSZgH0jX8Taiw9WyZvb9tXk9hAAiGUgZ3bP2JewuKyv9prQuwNux4C
MtVPX/oKLLjPQbBiiMuc2gimpAq7SzGzpdWShPUjfrUfaHE1IOhRC1N3AQyKDYJm
9WHIb0OiugcQlbMc4tD2rkNpQGkBZyE62duesXJXI+UFAlCHGj145hYqgjGnrNN2
VhzX/U3Jaemc/Z5EPL85FzQwLQdsJ/hrfdNRHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org