Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BA3hayOUm6opFws_oIT6DemRAf8.roa
File: BA3hayOUm6opFws_oIT6DemRAf8.roa (raw, json)
Hash identifier: xqvcL7fTAS01n4BGhlm4eKpf+cnDfWZhFYrrIOWAu0k=
Subject key identifier: 04:0D:E1:6B:23:94:9B:AA:29:17:0B:3F:A0:84:FA:0D:E9:91:01:FF
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1BACF35E
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BA3hayOUm6opFws_oIT6DemRAf8.roa
Signing time: Mon 27 Jun 2022 12:52:31 +0000
ROA not before: Mon 27 Jun 2022 12:52:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 81.181.68.0/23 maxlen: 23
81.181.72.0/23 maxlen: 23
194.102.36.0/22 maxlen: 22
217.156.16.0/23 maxlen: 23
80.97.40.0/21 maxlen: 21
81.181.104.0/21 maxlen: 21
85.122.124.0/22 maxlen: 22
85.122.120.0/22 maxlen: 22
217.156.48.0/22 maxlen: 22
81.181.14.0/23 maxlen: 23
81.181.26.0/23 maxlen: 23
194.102.148.0/23 maxlen: 23
194.102.160.0/23 maxlen: 23
85.121.48.0/21 maxlen: 24
194.102.174.0/23 maxlen: 23
194.102.180.0/22 maxlen: 22
85.120.224.0/21 maxlen: 24
80.97.96.0/23 maxlen: 23
217.156.94.0/23 maxlen: 23
80.96.54.0/23 maxlen: 23
85.121.168.0/22 maxlen: 22
80.96.102.0/23 maxlen: 23
194.102.224.0/22 maxlen: 22
80.96.44.0/23 maxlen: 23
81.180.98.0/23 maxlen: 23
194.105.12.0/22 maxlen: 22
85.121.232.0/21 maxlen: 21
194.153.230.0/23 maxlen: 23
194.153.244.0/23 maxlen: 23
81.180.228.0/23 maxlen: 23
85.120.84.0/23 maxlen: 23
81.180.254.0/23 maxlen: 23
81.180.174.0/23 maxlen: 23
85.121.208.0/21 maxlen: 24
80.96.156.0/22 maxlen: 22
193.226.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 464319326 (0x1bacf35e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 27 12:52:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=040de16b23949baa29170b3fa084fa0de99101ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:45:9c:53:b2:94:ff:1f:a5:7c:b8:28:e2:80:
8f:1c:91:0e:ca:c5:b1:08:cc:75:ee:57:fa:e7:1c:
29:b2:9c:55:58:8e:6d:52:22:c2:98:b2:47:19:87:
40:fe:a5:1b:35:fb:52:88:db:a9:58:fa:74:60:90:
89:91:ad:ed:77:14:c9:6b:84:03:d9:8d:c5:37:ae:
81:a6:55:f8:59:40:d0:be:ba:37:26:4a:77:b0:37:
9e:c3:aa:72:47:2a:b1:53:90:82:0f:4f:fa:04:dd:
2a:9a:b7:5a:83:b1:3f:1e:c2:29:a5:76:2e:1a:1a:
7b:fd:46:e8:db:e1:96:3d:10:36:4b:07:6a:de:2e:
ea:73:08:05:e8:2d:29:3e:3d:7d:2a:88:3f:1d:c8:
33:80:00:1e:01:98:69:56:e7:d3:59:e4:1b:63:4f:
5b:a5:ef:34:f2:4f:5a:75:c5:0f:7f:34:31:d7:31:
b2:a6:af:a0:05:85:1a:99:96:e0:58:b5:03:99:7d:
a1:96:35:47:c8:83:03:75:5e:4f:ec:dc:07:7b:84:
ad:33:ed:0b:ee:2c:f2:f7:00:ee:69:84:c1:e5:79:
0f:96:2f:7c:09:a3:3f:49:1b:42:2b:47:84:ee:8e:
af:a2:74:c6:88:00:a8:3a:d6:21:0a:32:9c:cc:95:
c5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0D:E1:6B:23:94:9B:AA:29:17:0B:3F:A0:84:FA:0D:E9:91:01:FF
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BA3hayOUm6opFws_oIT6DemRAf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.44.0/23
80.96.54.0/23
80.96.102.0/23
80.96.156.0/22
80.97.40.0/21
80.97.96.0/23
81.180.98.0/23
81.180.174.0/23
81.180.228.0/23
81.180.254.0/23
81.181.14.0/23
81.181.26.0/23
81.181.68.0/23
81.181.72.0/23
81.181.104.0/21
85.120.84.0/23
85.120.224.0/21
85.121.48.0/21
85.121.168.0/22
85.121.208.0/21
85.121.232.0/21
85.122.120.0/21
193.226.76.0/22
194.102.36.0/22
194.102.148.0/23
194.102.160.0/23
194.102.174.0/23
194.102.180.0/22
194.102.224.0/22
194.105.12.0/22
194.153.230.0/23
194.153.244.0/23
217.156.16.0/23
217.156.48.0/22
217.156.94.0/23
Signature Algorithm: sha256WithRSAEncryption
68:20:87:c0:69:ff:a7:b5:f4:d3:cf:3c:6a:74:ca:21:20:85:
8f:c2:86:f3:5d:44:29:0d:26:fa:80:2a:49:6d:fc:ea:02:98:
78:3e:1b:15:0b:9c:1f:6d:eb:1e:7d:19:d2:a5:91:e5:8d:5e:
54:12:26:a2:01:b3:50:06:17:f3:17:fd:ff:fd:f9:cd:e9:66:
d8:66:33:27:0d:5b:e4:c9:6f:4d:35:fa:fd:a1:65:e2:85:73:
4b:67:62:bf:39:03:bd:9e:f2:7f:1d:78:bf:01:ce:82:98:69:
a1:78:20:7c:46:fb:b5:53:b2:9f:12:0d:83:b5:76:e2:ff:09:
e6:2c:94:31:a0:fe:9c:6d:0c:42:58:29:85:94:be:16:3e:bb:
34:de:b8:9e:0d:dd:9f:2b:a2:c7:de:66:92:8d:73:0e:b0:fb:
e9:d0:02:10:11:26:26:f1:8e:54:0c:ef:54:37:f6:0f:44:62:
08:7e:be:76:18:b4:c4:98:d9:f1:2e:67:42:bd:e4:9c:af:f3:
a4:1c:bc:b6:a9:ff:2a:7d:4b:e2:42:f0:e4:e9:89:0b:4e:15:
55:19:1c:3a:0e:c4:1c:8e:cd:5b:f9:b7:cf:84:c9:a8:23:7b:
37:e0:5f:93:59:fa:cf:21:2a:ec:4e:1c:87:64:51:64:89:dc:
37:ba:b8:58
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIEG6zzXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDYy
NzEyNTIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQwZGUxNmIyMzk0
OWJhYTI5MTcwYjNmYTA4NGZhMGRlOTkxMDFmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZFnFOylP8fpXy4KOKAjxyRDsrFsQjMde5X+uccKbKcVViO
bVIiwpiyRxmHQP6lGzX7UojbqVj6dGCQiZGt7XcUyWuEA9mNxTeugaZV+FlA0L66
NyZKd7A3nsOqckcqsVOQgg9P+gTdKpq3WoOxPx7CKaV2Lhoae/1G6Nvhlj0QNksH
at4u6nMIBegtKT49fSqIPx3IM4AAHgGYaVbn01nkG2NPW6XvNPJPWnXFD380Mdcx
sqavoAWFGpmW4Fi1A5l9oZY1R8iDA3VeT+zcB3uErTPtC+4s8vcA7mmEweV5D5Yv
fAmjP0kbQitHhO6Or6J0xogAqDrWIQoynMyVxbkCAwEAAaOCAtowggLWMB0GA1Ud
DgQWBBQEDeFrI5SbqikXCz+ghPoN6ZEB/zAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L0JBM2hheU9VbTZvcEZ3c19vSVQ2RGVtUkFmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
7wYIKwYBBQUHAQcBAf8Egd8wgdwwgdkEAgABMIHSAwQBUGAsAwQBUGA2AwQBUGBm
AwQCUGCcAwQDUGEoAwQBUGFgAwQBUbRiAwQBUbSuAwQBUbTkAwQBUbT+AwQBUbUO
AwQBUbUaAwQBUbVEAwQBUbVIAwQDUbVoAwQBVXhUAwQDVXjgAwQDVXkwAwQCVXmo
AwQDVXnQAwQDVXnoAwQDVXp4AwQCweJMAwQCwmYkAwQBwmaUAwQBwmagAwQBwmau
AwQCwma0AwQCwmbgAwQCwmkMAwQBwpnmAwQBwpn0AwQB2ZwQAwQC2ZwwAwQB2Zxe
MA0GCSqGSIb3DQEBCwUAA4IBAQBoIIfAaf+ntfTTzzxqdMohIIWPwobzXUQpDSb6
gCpJbfzqAph4PhsVC5wfbesefRnSpZHljV5UEiaiAbNQBhfzF/3//fnN6WbYZjMn
DVvkyW9NNfr9oWXihXNLZ2K/OQO9nvJ/HXi/Ac6CmGmheCB8Rvu1U7KfEg2DtXbi
/wnmLJQxoP6cbQxCWCmFlL4WPrs03rieDd2fK6LH3maSjXMOsPvp0AIQESYm8Y5U
DO9UN/YPRGIIfr52GLTEmNnxLmdCveScr/OkHLy2qf8qfUviQvDk6YkLThVVGRw6
DsQcjs1b+bfPhMmoI3s34F+TWfrPISrsThyHZFFkidw3urhY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:04 2024 by rpki-client on console-ams.rpki-client.org