Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rxHEODbpuaAgP3J68_cnj-vmJSo.roa
File: rxHEODbpuaAgP3J68_cnj-vmJSo.roa (raw, json)
Hash identifier: BFiVYV3cHKmXRLrM/kZ4SFKyaqCLURretBgJyged3/I=
Subject key identifier: AF:11:C4:38:36:E9:B9:A0:20:3F:72:7A:F3:F7:27:8F:EB:E6:25:2A
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 0183B193CC953F37E2BCCA8827C1A9DAA53D
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rxHEODbpuaAgP3J68_cnj-vmJSo.roa
Signing time: Fri 07 Oct 2022 08:33:16 +0000
ROA not before: Fri 07 Oct 2022 08:33:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 328126
IP address blocks: 90.84.148.0/24 maxlen: 24
80.15.251.0/24 maxlen: 24
80.15.252.0/24 maxlen: 24
80.15.253.0/24 maxlen: 24
90.84.153.0/24 maxlen: 24
80.15.250.0/24 maxlen: 24
80.15.255.0/24 maxlen: 24
80.15.254.0/24 maxlen: 24
2a01:c9c0:c002::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:93:cc:95:3f:37:e2:bc:ca:88:27:c1:a9:da:a5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Oct 7 08:33:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af11c43836e9b9a0203f727af3f7278febe6252a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:95:9f:10:31:02:eb:17:c9:97:1f:ae:d3:78:
7d:c9:83:7a:cd:df:23:61:bf:0d:2b:54:ef:e1:93:
30:22:30:8b:a8:d5:ef:6a:e3:79:29:61:0c:fe:52:
9e:c1:14:e5:52:1f:7a:20:19:84:2c:25:65:e8:3d:
48:eb:da:d5:e9:df:b4:53:c3:63:3d:d9:0c:28:6f:
fa:40:c1:be:b7:17:3b:a1:0a:1c:84:ac:32:e2:2a:
89:df:ef:b0:da:57:a4:0d:9d:42:f0:09:96:51:00:
15:f6:67:4f:4b:99:45:6c:87:42:07:6b:dc:a4:94:
4a:42:bd:f3:f3:c6:da:e1:db:e4:bb:0a:d3:2c:f8:
d8:af:27:79:32:fe:fa:42:8a:d7:a3:42:34:44:5c:
9d:99:3b:aa:f7:cb:d1:4d:ea:9d:31:a9:16:4e:b8:
49:6e:cf:68:47:f4:38:8b:fd:43:fd:f9:d9:7b:37:
9e:1a:67:be:c8:36:01:23:4e:90:5e:05:5b:a8:05:
17:ad:7d:eb:5d:10:66:3d:93:c5:31:94:dd:f3:33:
ff:94:46:b0:02:82:37:9d:8e:5a:80:21:d0:dd:a6:
d2:a1:5a:0c:e6:2d:b0:1f:12:89:b8:cc:e9:fa:ae:
68:00:cb:03:46:52:9c:ae:52:6d:8a:1d:d8:ac:5b:
b3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:11:C4:38:36:E9:B9:A0:20:3F:72:7A:F3:F7:27:8F:EB:E6:25:2A
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rxHEODbpuaAgP3J68_cnj-vmJSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.250.0-80.15.255.255
90.84.148.0/24
90.84.153.0/24
IPv6:
2a01:c9c0:c002::/48
Signature Algorithm: sha256WithRSAEncryption
69:6f:43:7a:61:0f:5b:d2:65:47:8d:fb:22:5e:13:a0:bd:9c:
76:7b:db:e8:0b:e7:99:7c:ff:40:cc:ea:68:93:b6:92:56:1d:
a5:a4:9a:e1:65:f1:25:f2:bc:0d:4a:51:c9:0f:bc:27:d5:46:
12:9d:35:52:48:84:83:90:ef:9b:11:92:a7:62:b8:a5:be:d7:
9c:46:ca:02:90:1a:3f:80:53:d7:cc:f0:f7:ad:d7:51:2d:48:
6a:20:bb:40:3a:84:45:79:4f:c6:b8:f6:13:12:cc:ce:d0:8c:
2f:07:87:5a:cf:06:05:d2:fc:e3:7f:df:a4:a4:d8:20:d8:15:
23:bb:98:db:a8:20:ca:02:d8:f8:a7:5a:c1:65:79:0d:8a:ec:
70:52:89:2b:58:fe:14:3d:b8:30:4e:b5:c8:4e:0d:f6:33:6a:
b0:8d:85:69:ce:06:9f:c9:06:77:0a:14:97:06:4b:3f:74:bd:
cb:ee:b8:1f:a0:57:52:ea:4b:4e:95:df:22:aa:c0:5c:db:e4:
5f:55:d7:98:03:62:01:1d:07:8a:84:a1:80:46:db:8c:10:74:
d6:83:9f:f4:60:40:fb:a7:1c:09:28:f5:47:78:8c:92:fd:b5:
79:5c:05:28:bd:0a:ef:13:26:fd:1c:d2:72:c0:56:9e:77:1e:
90:d3:e3:f2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYOxk8yVPzfivMqIJ8Gp2qU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjIxMDA3MDgzMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjExYzQzODM2ZTliOWEwMjAzZjcyN2FmM2Y3Mjc4ZmViZTYyNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5WfEDEC6xfJlx+u03h9yYN6zd8j
Yb8NK1Tv4ZMwIjCLqNXvauN5KWEM/lKewRTlUh96IBmELCVl6D1I69rV6d+0U8Nj
PdkMKG/6QMG+txc7oQochKwy4iqJ3++w2lekDZ1C8AmWUQAV9mdPS5lFbIdCB2vc
pJRKQr3z88ba4dvkuwrTLPjYryd5Mv76QorXo0I0RFydmTuq98vRTeqdMakWTrhJ
bs9oR/Q4i/1D/fnZezeeGme+yDYBI06QXgVbqAUXrX3rXRBmPZPFMZTd8zP/lEaw
AoI3nY5agCHQ3abSoVoM5i2wHxKJuMzp+q5oAMsDRlKcrlJtih3YrFuz2wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFK8RxDg26bmgID9yevP3J4/r5iUqMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcnhIRU9EYnB1YUFnUDNKNjhfY25qLXZtSlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAfBAIAATAZMAsDBAFQD/oD
AwRQAAMEAFpUlAMEAFpUmTAPBAIAAjAJAwcAKgHJwMACMA0GCSqGSIb3DQEBCwUA
A4IBAQBpb0N6YQ9b0mVHjfsiXhOgvZx2e9voC+eZfP9AzOpok7aSVh2lpJrhZfEl
8rwNSlHJD7wn1UYSnTVSSISDkO+bEZKnYrilvtecRsoCkBo/gFPXzPD3rddRLUhq
ILtAOoRFeU/GuPYTEszO0IwvB4dazwYF0vzjf9+kpNgg2BUju5jbqCDKAtj4p1rB
ZXkNiuxwUokrWP4UPbgwTrXITg32M2qwjYVpzgafyQZ3ChSXBks/dL3L7rgfoFdS
6ktOld8iqsBc2+RfVdeYA2IBHQeKhKGARtuMEHTWg5/0YED7pxwJKPVHeIyS/bV5
XAUovQrvEyb9HNJywFaedx6Q0+Py
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org