Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ryduUi4onOrsFKlxjUkzvNQ-pWU.roa
File: ryduUi4onOrsFKlxjUkzvNQ-pWU.roa (raw, json)
Hash identifier: NkRaM8wwIu/2JW/vrhfI5ISW75GNTdvF3hVxsoS+bnc=
Subject key identifier: AF:27:6E:52:2E:28:9C:EA:EC:14:A9:71:8D:49:33:BC:D4:3E:A5:65
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01839CA5BD8CBC292A2345CA967EFF7788C7
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ryduUi4onOrsFKlxjUkzvNQ-pWU.roa
Signing time: Mon 03 Oct 2022 07:00:51 +0000
ROA not before: Mon 03 Oct 2022 07:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199140
IP address blocks: 80.12.240.0/23 maxlen: 24
80.12.243.0/24 maxlen: 24
80.12.250.0/24 maxlen: 24
80.12.253.0/24 maxlen: 25
80.12.249.0/24 maxlen: 24
80.12.254.0/24 maxlen: 24
195.101.150.160/28 maxlen: 28
80.12.212.0/24 maxlen: 24
80.12.213.0/24 maxlen: 24
195.101.150.152/29 maxlen: 29
81.252.94.184/29 maxlen: 29
83.206.119.208/28 maxlen: 28
2a01:cb22:4000::/36 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9c:a5:bd:8c:bc:29:2a:23:45:ca:96:7e:ff:77:88:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Oct 3 07:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af276e522e289ceaec14a9718d4933bcd43ea565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b9:29:7c:3e:fe:68:4f:49:9f:dc:90:a0:da:
d2:06:8f:94:25:2f:42:37:85:02:96:f8:18:99:86:
1c:1a:57:52:b3:8e:2b:de:6a:01:8f:ff:fa:38:46:
96:2d:d6:9e:17:ed:e7:ad:ec:19:70:19:c3:30:6a:
d5:34:c5:f3:dc:52:ed:ba:89:77:b4:26:9a:ef:c6:
47:60:e6:b2:de:b5:2f:f9:65:cd:28:bc:78:9f:c8:
a2:cc:4a:1b:15:68:ac:fd:8f:6b:45:30:36:6f:d3:
45:75:f4:fe:61:5b:70:28:70:ae:41:84:a2:26:01:
12:bd:fe:a5:30:b0:af:95:07:70:a0:76:72:85:f6:
6a:25:f9:0d:09:11:de:98:ad:c6:36:e2:9e:47:41:
58:c7:aa:55:4d:bf:df:ae:ee:a6:8b:48:8a:08:9a:
25:44:c3:e5:aa:24:e9:40:c7:7c:83:a0:10:2a:22:
7e:45:b5:0d:b8:f9:75:18:5a:81:f4:65:37:f3:70:
96:3a:56:db:f1:a2:4e:21:6f:ca:65:ca:57:c4:fb:
a5:cd:83:62:75:5d:45:33:f5:fc:41:cb:a6:41:fd:
af:3d:df:d3:1f:f3:9d:68:e7:2f:1e:03:a8:2f:47:
a9:7a:0a:c8:98:bd:f1:36:e8:2b:12:c4:ce:b2:d0:
69:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:27:6E:52:2E:28:9C:EA:EC:14:A9:71:8D:49:33:BC:D4:3E:A5:65
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ryduUi4onOrsFKlxjUkzvNQ-pWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.212.0/23
80.12.240.0/23
80.12.243.0/24
80.12.249.0-80.12.250.255
80.12.253.0-80.12.254.255
81.252.94.184/29
83.206.119.208/28
195.101.150.152-195.101.150.175
IPv6:
2a01:cb22:4000::/36
Signature Algorithm: sha256WithRSAEncryption
7d:23:4d:5e:be:8a:23:b0:25:92:89:25:1e:ed:57:cf:41:2a:
3f:0b:76:ff:11:74:f5:82:05:ba:2d:1c:20:dd:dd:c6:b9:69:
9b:4b:7a:24:79:fb:ba:b6:c8:8d:38:f9:1c:2f:e7:1c:4b:ef:
f9:89:d9:b6:1b:93:d6:56:10:bd:8c:41:a1:fe:5b:97:c5:7c:
13:0d:8b:64:c7:5a:29:ff:d0:3e:e5:7b:56:85:58:38:73:94:
46:8a:0c:68:b7:1d:ff:5f:e5:52:28:41:f5:fa:a3:e8:07:1a:
7b:74:39:1a:30:21:08:57:f7:61:5b:25:af:ac:fc:aa:82:9f:
6a:06:68:d1:48:8e:51:23:0d:28:26:51:f9:d6:bc:06:b6:7c:
8f:03:46:b5:8b:ab:ca:7a:5c:7d:a3:47:58:d8:28:87:31:f3:
97:42:04:d0:64:f7:cd:53:d2:ab:65:db:da:48:87:d9:83:84:
5a:b7:1c:96:5d:eb:c8:76:76:a0:5b:62:53:f4:ff:98:4f:d4:
d3:9f:11:92:ce:e8:3d:93:54:07:24:75:08:1a:93:6d:ac:c8:
44:8c:42:4f:c6:45:8e:60:0b:db:14:a3:6f:49:5c:3f:b1:bb:
a6:b0:5f:6b:73:42:ee:91:5e:9a:b2:cf:39:4b:cb:73:7e:2a:
fa:37:55:15
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYOcpb2MvCkqI0XKln7/d4jHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjIxMDAzMDcwMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjI3NmU1MjJlMjg5Y2VhZWMxNGE5NzE4ZDQ5MzNiY2Q0M2VhNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLkpfD7+aE9Jn9yQoNrSBo+UJS9C
N4UClvgYmYYcGldSs44r3moBj//6OEaWLdaeF+3nrewZcBnDMGrVNMXz3FLtuol3
tCaa78ZHYOay3rUv+WXNKLx4n8iizEobFWis/Y9rRTA2b9NFdfT+YVtwKHCuQYSi
JgESvf6lMLCvlQdwoHZyhfZqJfkNCRHemK3GNuKeR0FYx6pVTb/fru6mi0iKCJol
RMPlqiTpQMd8g6AQKiJ+RbUNuPl1GFqB9GU383CWOlbb8aJOIW/KZcpXxPulzYNi
dV1FM/X8QcumQf2vPd/TH/OdaOcvHgOoL0epegrImL3xNugrEsTOstBpTwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFK8nblIuKJzq7BSpcY1JM7zUPqVlMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcnlkdVVpNG9uT3JzRktseGpVa3p2TlEtcFdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBSBAIAATBMAwQBUAzUAwQB
UAzwAwQAUAzzMAwDBABQDPkDBABQDPowDAMEAFAM/QMEAFAM/gMFA1H8XrgDBQRT
znfQMA4DBQPDZZaYAwUEw2WWoDAOBAIAAjAIAwYEKgHLIkAwDQYJKoZIhvcNAQEL
BQADggEBAH0jTV6+iiOwJZKJJR7tV89BKj8Ldv8RdPWCBbotHCDd3ca5aZtLeiR5
+7q2yI04+Rwv5xxL7/mJ2bYbk9ZWEL2MQaH+W5fFfBMNi2THWin/0D7le1aFWDhz
lEaKDGi3Hf9f5VIoQfX6o+gHGnt0ORowIQhX92FbJa+s/KqCn2oGaNFIjlEjDSgm
UfnWvAa2fI8DRrWLq8p6XH2jR1jYKIcx85dCBNBk981T0qtl29pIh9mDhFq3HJZd
68h2dqBbYlP0/5hP1NOfEZLO6D2TVAckdQgak22syESMQk/GRY5gC9sUo29JXD+x
u6awX2tzQu6RXpqyzzlLy3N+Kvo3VRU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org