Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/s_EAWytWKaH5RscmqZmsO-qksuU.roa
File: s_EAWytWKaH5RscmqZmsO-qksuU.roa (raw, json)
Hash identifier: 9oSia/GOJQZaB2wt+57h07jK6SJQWkG96US1+TcHd6E=
Subject key identifier: B3:F1:00:5B:2B:56:29:A1:F9:46:C7:26:A9:99:AC:3B:EA:A4:B2:E5
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 0184EB8435CDF20A25CF274B2543E70034FE
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/s_EAWytWKaH5RscmqZmsO-qksuU.roa
Signing time: Wed 07 Dec 2022 07:37:00 +0000
ROA not before: Wed 07 Dec 2022 07:37:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 328126
IP address blocks: 90.84.148.0/24 maxlen: 24
90.84.153.0/24 maxlen: 32
80.15.255.0/24 maxlen: 32
80.15.254.0/24 maxlen: 32
80.15.251.0/24 maxlen: 32
80.15.252.0/24 maxlen: 32
80.15.253.0/24 maxlen: 32
80.15.250.0/24 maxlen: 32
2a01:c9c0:c008::/48 maxlen: 128
2a01:c9c0:c00c::/48 maxlen: 128
2a01:c9c0:c002::/48 maxlen: 128
2a01:c9c0:c000::/48 maxlen: 128
2a01:c9c0:c006::/48 maxlen: 128
2a01:c9c0:c004::/48 maxlen: 128
2a01:c9c0:c00a::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:84:35:cd:f2:0a:25:cf:27:4b:25:43:e7:00:34:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Dec 7 07:37:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3f1005b2b5629a1f946c726a999ac3beaa4b2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e6:f3:b6:cc:10:a4:4e:47:39:e4:13:89:c3:
2b:72:fb:ec:f7:3d:51:bd:59:28:ba:9c:d1:78:37:
f8:87:f6:5a:aa:fb:95:83:11:f0:a6:a9:57:52:04:
8b:fc:42:b4:a3:01:f5:7a:be:27:f5:10:ac:d3:d3:
d9:8c:cd:bf:ef:41:6f:98:9e:cd:35:5c:75:d3:5a:
ef:f1:84:a9:d4:83:50:34:d5:44:7b:c3:cc:83:b6:
18:1f:6a:c6:62:3e:ac:7b:d4:c3:8f:72:29:ee:c6:
50:42:1f:54:69:24:07:0a:6a:cb:63:34:08:12:39:
7c:fc:65:5c:59:55:1c:03:43:fd:9b:49:72:26:eb:
99:bd:0f:b3:93:aa:b5:d5:a7:1e:f7:91:4b:65:ea:
11:83:58:5a:ec:00:2b:d9:39:f7:53:56:99:91:89:
47:e2:cb:d9:ba:6c:0a:9b:b0:5b:ce:9a:47:aa:47:
b0:63:6f:d0:6d:23:dc:3e:94:a8:c1:dc:52:8e:0e:
6d:6e:ac:0d:2a:75:93:2b:29:fd:1e:a1:c4:7c:c6:
22:99:06:cf:13:aa:ca:ca:a0:9b:b8:fe:4d:4a:4c:
da:5f:9b:20:c7:78:2a:3e:d4:a5:59:52:3e:f9:e3:
12:69:ba:a4:2c:e3:ac:6b:ef:79:8b:3a:08:cf:31:
c6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F1:00:5B:2B:56:29:A1:F9:46:C7:26:A9:99:AC:3B:EA:A4:B2:E5
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/s_EAWytWKaH5RscmqZmsO-qksuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.250.0-80.15.255.255
90.84.148.0/24
90.84.153.0/24
IPv6:
2a01:c9c0:c000::/48
2a01:c9c0:c002::/48
2a01:c9c0:c004::/48
2a01:c9c0:c006::/48
2a01:c9c0:c008::/48
2a01:c9c0:c00a::/48
2a01:c9c0:c00c::/48
Signature Algorithm: sha256WithRSAEncryption
70:53:13:d8:16:72:49:8f:8a:01:c0:1b:85:4b:1c:ee:d2:f6:
d8:d5:4a:34:a4:ab:d1:0e:08:63:e6:a2:c8:d5:d2:31:ab:e1:
11:e9:1c:0e:30:c2:ad:11:df:62:e5:73:81:b0:78:82:58:2e:
b5:e3:f5:1b:aa:56:16:86:a4:10:4a:0c:f4:68:8a:9f:65:b5:
29:db:28:95:9a:d1:b2:44:5a:33:8a:44:f1:20:42:d2:75:47:
b5:d1:23:d3:04:9b:f4:d3:99:39:7a:45:c9:c5:b8:e7:e4:79:
ec:28:06:1f:3c:10:5b:c0:c0:22:4b:d8:c4:fb:4a:5e:2e:1e:
5c:38:71:88:6d:d3:c7:ec:7d:69:60:63:95:5c:2c:34:0b:6c:
cd:2e:ae:3c:0f:14:4c:0e:4b:f8:5d:2d:58:ec:56:37:13:03:
40:e3:85:ee:9c:a4:d8:cd:17:86:4e:2d:59:81:9d:33:fe:5c:
eb:cf:95:5f:c3:f4:6d:f6:5c:e6:08:f6:5e:69:19:99:a2:fb:
6e:c0:c8:d3:2c:9c:e0:58:24:37:97:ee:10:67:be:24:9d:15:
56:51:77:2f:c5:33:8d:d0:75:13:c7:89:1e:d7:2a:b2:c9:ab:
d6:60:55:27:3f:83:06:8f:64:01:14:f8:3c:19:14:8f:f2:a4:
ad:d2:33:f8
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYTrhDXN8golzydLJUPnADT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjIxMjA3MDczNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2YxMDA1YjJiNTYyOWExZjk0NmM3MjZhOTk5YWMzYmVhYTRiMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmebztswQpE5HOeQTicMrcvvs9z1R
vVkoupzReDf4h/ZaqvuVgxHwpqlXUgSL/EK0owH1er4n9RCs09PZjM2/70FvmJ7N
NVx101rv8YSp1INQNNVEe8PMg7YYH2rGYj6se9TDj3Ip7sZQQh9UaSQHCmrLYzQI
Ejl8/GVcWVUcA0P9m0lyJuuZvQ+zk6q11ace95FLZeoRg1ha7AAr2Tn3U1aZkYlH
4svZumwKm7BbzppHqkewY2/QbSPcPpSowdxSjg5tbqwNKnWTKyn9HqHEfMYimQbP
E6rKyqCbuP5NSkzaX5sgx3gqPtSlWVI++eMSabqkLOOsa+95izoIzzHGDwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFLPxAFsrVimh+UbHJqmZrDvqpLLlMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvc19FQVd5dFdLYUg1UnNjbXFabXNPLXFrc3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDAfBAIAATAZMAsDBAFQD/oD
AwRQAAMEAFpUlAMEAFpUmTBFBAIAAjA/AwcAKgHJwMAAAwcAKgHJwMACAwcAKgHJ
wMAEAwcAKgHJwMAGAwcAKgHJwMAIAwcAKgHJwMAKAwcAKgHJwMAMMA0GCSqGSIb3
DQEBCwUAA4IBAQBwUxPYFnJJj4oBwBuFSxzu0vbY1Uo0pKvRDghj5qLI1dIxq+ER
6RwOMMKtEd9i5XOBsHiCWC614/UbqlYWhqQQSgz0aIqfZbUp2yiVmtGyRFozikTx
IELSdUe10SPTBJv005k5ekXJxbjn5HnsKAYfPBBbwMAiS9jE+0peLh5cOHGIbdPH
7H1pYGOVXCw0C2zNLq48DxRMDkv4XS1Y7FY3EwNA44XunKTYzReGTi1ZgZ0z/lzr
z5Vfw/Rt9lzmCPZeaRmZovtuwMjTLJzgWCQ3l+4QZ74knRVWUXcvxTON0HUTx4ke
1yqyyavWYFUnP4MGj2QBFPg8GRSP8qSt0jP4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org