Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/IsXYaUQjnoAXKRROq-BfdU-4F5U.roa
File: IsXYaUQjnoAXKRROq-BfdU-4F5U.roa (raw, json)
Hash identifier: 4WR1lipTbhtwiOjo8vJRQl+vEk0djFMNZZT3tDyy4mQ=
Subject key identifier: 22:C5:D8:69:44:23:9E:80:17:29:14:4E:AB:E0:5F:75:4F:B8:17:95
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1943DAFB
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/IsXYaUQjnoAXKRROq-BfdU-4F5U.roa
Signing time: Tue 04 Jan 2022 12:20:09 +0000
ROA not before: Tue 04 Jan 2022 12:20:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31017
IP address blocks: 80.97.125.0/24 maxlen: 24
193.231.242.0/24 maxlen: 24
217.156.76.0/24 maxlen: 24
193.226.63.0/24 maxlen: 24
193.226.60.0/24 maxlen: 24
85.120.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 423877371 (0x1943dafb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 4 12:20:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22c5d86944239e801729144eabe05f754fb81795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:99:0f:83:3f:28:b7:bb:f0:6a:37:d6:d0:9b:
a0:1d:34:42:cc:1a:af:80:d8:c0:73:38:42:c5:6f:
0d:16:db:c8:86:b6:4c:80:87:d5:6f:4d:77:07:b7:
5a:8b:58:99:17:e9:07:4f:c5:fb:99:f0:76:a0:42:
da:82:82:80:71:ef:14:4f:5d:9e:10:e8:0d:7b:93:
8b:69:20:2e:b5:09:c0:15:29:92:29:b8:14:25:e1:
3d:93:4a:76:84:13:04:64:92:0c:e4:91:fa:fa:ba:
22:7d:16:81:6b:47:37:9f:77:86:99:e8:0f:73:bc:
24:cf:ca:31:e5:98:ad:9f:31:78:f3:27:01:67:2d:
cb:80:f4:b5:d4:95:30:ec:cc:43:7e:55:4a:4f:7f:
fa:c3:8f:86:e5:55:1b:29:f4:98:84:1d:12:f3:e7:
e3:f9:05:da:f6:9a:d8:51:8f:89:71:9a:63:d9:4b:
0c:fe:86:e5:05:9a:e9:7b:06:0e:1c:cc:1d:96:71:
55:c4:a1:46:53:d8:c3:87:a7:cc:cf:b0:11:32:4b:
9e:a7:7a:a2:2a:e5:ac:31:e0:42:3d:0c:21:53:c7:
c3:c3:77:fc:10:5a:87:e0:fb:c7:32:e0:d4:4e:a2:
d3:fa:17:9e:8b:55:fd:c4:ef:4f:f8:15:e4:91:5d:
c9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C5:D8:69:44:23:9E:80:17:29:14:4E:AB:E0:5F:75:4F:B8:17:95
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/IsXYaUQjnoAXKRROq-BfdU-4F5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.125.0/24
85.120.34.0/24
193.226.60.0/24
193.226.63.0/24
193.231.242.0/24
217.156.76.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:85:3c:51:e5:13:bf:74:02:d0:af:bf:e8:a9:9a:81:d0:94:
d0:a5:be:5e:83:33:cb:94:c7:a2:81:c6:f2:40:e7:80:a8:84:
94:30:b5:be:cf:c1:18:f2:28:98:6d:3c:8a:03:b5:c7:23:65:
de:15:b1:af:ae:08:dc:77:0b:1a:72:13:5c:b5:09:fa:fc:94:
95:04:ce:60:db:0a:42:5a:a1:01:81:41:e4:7b:0d:7b:58:84:
d1:46:49:c8:ed:0d:dc:b7:2c:5a:31:29:ac:a2:96:e7:33:f1:
f0:b3:fd:be:0f:4f:43:e3:2f:d2:07:a0:7b:45:31:da:85:97:
8e:30:b4:0c:ee:75:77:df:6d:f2:dc:b2:e5:7e:a6:cd:37:f6:
b9:63:ee:4c:70:a9:fc:a2:7a:cc:62:1e:4b:aa:f4:8d:96:7c:
62:58:06:0c:28:cb:34:79:f1:3e:bb:e9:14:08:d7:b1:ee:a9:
85:38:01:d4:de:89:d2:50:45:8e:56:7a:6b:77:f0:e2:52:ab:
90:c1:88:9a:ed:54:fb:28:19:c2:45:de:4c:97:5c:fa:cf:bf:
c6:b2:fd:2d:92:f1:95:2b:dd:3f:64:bf:96:9e:a1:03:9f:88:
97:88:7d:3b:e9:f5:6a:bd:ae:62:7c:2b:09:14:46:4b:2d:c5:
69:9d:e7:ab
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEGUPa+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDEw
NDEyMjAwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJjNWQ4Njk0NDIz
OWU4MDE3MjkxNDRlYWJlMDVmNzU0ZmI4MTc5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPyZD4M/KLe78Go31tCboB00Qswar4DYwHM4QsVvDRbbyIa2
TICH1W9Ndwe3WotYmRfpB0/F+5nwdqBC2oKCgHHvFE9dnhDoDXuTi2kgLrUJwBUp
kim4FCXhPZNKdoQTBGSSDOSR+vq6In0WgWtHN593hpnoD3O8JM/KMeWYrZ8xePMn
AWcty4D0tdSVMOzMQ35VSk9/+sOPhuVVGyn0mIQdEvPn4/kF2vaa2FGPiXGaY9lL
DP6G5QWa6XsGDhzMHZZxVcShRlPYw4enzM+wETJLnqd6oirlrDHgQj0MIVPHw8N3
/BBah+D7xzLg1E6i0/oXnotV/cTvT/gV5JFdyRsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQixdhpRCOegBcpFE6r4F91T7gXlTAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L0lzWFlhVVFqbm9BWEtSUk9xLUJmZFUtNEY1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFBhfQMEAFV4IgMEAMHiPAMEAMHi
PwMEAMHn8gMEANmcTDANBgkqhkiG9w0BAQsFAAOCAQEAK4U8UeUTv3QC0K+/6Kma
gdCU0KW+XoMzy5THooHG8kDngKiElDC1vs/BGPIomG08igO1xyNl3hWxr64I3HcL
GnITXLUJ+vyUlQTOYNsKQlqhAYFB5HsNe1iE0UZJyO0N3LcsWjEprKKW5zPx8LP9
vg9PQ+Mv0gege0Ux2oWXjjC0DO51d99t8tyy5X6mzTf2uWPuTHCp/KJ6zGIeS6r0
jZZ8YlgGDCjLNHnxPrvpFAjXse6phTgB1N6J0lBFjlZ6a3fw4lKrkMGImu1U+ygZ
wkXeTJdc+s+/xrL9LZLxlSvdP2S/lp6hA5+Il4h9O+n1ar2uYnwrCRRGSy3FaZ3n
qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org