Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KHkzOPYI8Nzj6lcdEXOR108NbZs.roa
File: KHkzOPYI8Nzj6lcdEXOR108NbZs.roa (raw, json)
Hash identifier: oVw18IFjt2KwU4y8yKs1XMUayttLppiiMlvMECBiyxw=
Subject key identifier: 28:79:33:38:F6:08:F0:DC:E3:EA:57:1D:11:73:91:D7:4F:0D:6D:9B
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1AEC6391
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KHkzOPYI8Nzj6lcdEXOR108NbZs.roa
Signing time: Tue 03 May 2022 07:07:22 +0000
ROA not before: Tue 03 May 2022 07:07:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.12.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 451699601 (0x1aec6391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: May 3 07:07:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28793338f608f0dce3ea571d117391d74f0d6d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:06:cf:9b:1f:f3:0c:3f:ea:e1:f0:14:d4:23:
d6:2c:8e:14:c8:10:2c:a9:f0:11:1b:d8:1a:fc:22:
90:58:0a:91:1a:fa:0d:b3:b8:07:44:55:51:7c:86:
b6:a9:5e:0d:ca:3b:5f:ee:9b:25:83:1f:1e:52:45:
7d:fb:ca:d2:21:60:81:8b:62:90:db:ce:73:53:7b:
89:91:15:7d:00:5b:26:7b:03:96:0c:a4:a8:e4:07:
8a:01:5c:04:0f:97:3d:77:84:cc:79:e1:2f:c1:2d:
db:82:3b:62:2c:d2:f0:26:59:de:28:86:ed:b5:47:
97:2e:0e:90:5b:54:e6:38:27:a5:62:23:81:9a:7a:
90:34:9f:18:d6:b5:38:6d:a7:3a:f3:64:fb:18:6a:
c8:ad:6b:28:cf:01:c7:68:13:f6:21:aa:86:3e:0a:
63:61:ad:37:5b:72:bf:12:94:ef:f7:e1:c5:59:5e:
84:e6:21:79:87:d8:80:6d:13:da:4d:02:49:3a:e7:
2d:ee:19:bb:34:38:0e:be:c0:2f:8f:4e:3f:af:c6:
71:58:ba:37:80:69:85:0b:4a:e1:40:33:60:05:54:
2b:bb:e8:4a:e7:13:58:7e:37:84:96:37:81:cd:89:
40:9f:32:16:02:01:0b:3d:e3:0a:88:db:92:17:0f:
ec:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:79:33:38:F6:08:F0:DC:E3:EA:57:1D:11:73:91:D7:4F:0D:6D:9B
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KHkzOPYI8Nzj6lcdEXOR108NbZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.47.0/24
80.96.67.0/24
80.96.79.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.128.0/24
81.181.167.0/24
193.226.116.0/24
193.226.127.0/24
193.231.108.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.227.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.134.0/24
194.102.229.0/24
217.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:11:8e:36:ae:0f:a1:3d:31:4a:13:da:28:07:15:1c:cd:37:
9c:a7:86:2f:32:a7:f1:47:32:13:d4:b5:77:56:99:39:f8:90:
7f:7a:bc:18:ea:19:bd:26:67:eb:73:dc:e3:d4:37:79:1e:0b:
85:93:d2:c6:87:ac:79:88:49:bc:13:5c:1d:1d:b7:e2:77:88:
02:1b:f9:41:dc:3a:71:e3:5f:fe:aa:8d:50:47:b7:a8:90:b4:
fe:5c:2f:56:b4:5a:50:da:84:dc:4f:27:e3:dc:bf:7d:37:0a:
7f:37:ee:0f:41:64:21:e7:8b:72:3b:28:e2:2e:2e:7a:2a:fa:
4d:65:40:26:f4:ec:5b:52:55:91:8a:8b:c4:83:ea:22:2e:15:
d6:d8:60:95:38:4c:4e:52:75:6b:d2:ad:fd:9a:f4:c4:c3:6e:
4b:37:c3:e4:5b:4b:6e:31:20:32:87:d8:3d:fa:59:52:15:17:
d7:8d:17:5a:c1:68:8d:0c:7f:85:27:32:b0:66:d3:1d:0a:e0:
a6:34:22:5e:dc:26:de:6d:1b:f0:78:a0:3e:18:dc:93:ed:d4:
05:4a:ce:b9:36:a9:b5:04:4f:ea:25:ee:d1:eb:04:15:7d:b3:
e8:ee:e5:11:ce:21:5c:5e:c5:68:b1:64:59:47:d6:9a:b3:ed:
db:fc:69:92
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIEGuxjkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDUw
MzA3MDcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg3OTMzMzhmNjA4
ZjBkY2UzZWE1NzFkMTE3MzkxZDc0ZjBkNmQ5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0Gz5sf8ww/6uHwFNQj1iyOFMgQLKnwERvYGvwikFgKkRr6
DbO4B0RVUXyGtqleDco7X+6bJYMfHlJFffvK0iFggYtikNvOc1N7iZEVfQBbJnsD
lgykqOQHigFcBA+XPXeEzHnhL8Et24I7YizS8CZZ3iiG7bVHly4OkFtU5jgnpWIj
gZp6kDSfGNa1OG2nOvNk+xhqyK1rKM8Bx2gT9iGqhj4KY2GtN1tyvxKU7/fhxVle
hOYheYfYgG0T2k0CSTrnLe4ZuzQ4Dr7AL49OP6/GcVi6N4BphQtK4UAzYAVUK7vo
SucTWH43hJY3gc2JQJ8yFgIBCz3jCojbkhcP7IECAwEAAaOCApYwggKSMB0GA1Ud
DgQWBBQoeTM49gjw3OPqVx0Rc5HXTw1tmzAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L0tIa3pPUFlJOE56ajZsY2RFWE9SMTA4TmJacy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
qwYIKwYBBQUHAQcBAf8EgZswgZgwgZUEAgABMIGOAwQAUGAMAwQAUGAvAwQAUGBD
AwQAUGBPMAwDBABQYZMDBAFQYZQDBABRtBsDBABRtYADBABRtacDBADB4nQDBADB
4n8DBADB52wDBADB57gwDAMEAMHnuwMEAcHnvAMEAMHn4wMEAMHn6QMEAMHn7AME
AMHn7gMEAMHn/AMEAMJmhgMEAMJm5QMEANmcDjANBgkqhkiG9w0BAQsFAAOCAQEA
SxGONq4PoT0xShPaKAcVHM03nKeGLzKn8UcyE9S1d1aZOfiQf3q8GOoZvSZn63Pc
49Q3eR4LhZPSxoeseYhJvBNcHR234neIAhv5Qdw6ceNf/qqNUEe3qJC0/lwvVrRa
UNqE3E8n49y/fTcKfzfuD0FkIeeLcjso4i4ueir6TWVAJvTsW1JVkYqLxIPqIi4V
1thglThMTlJ1a9Kt/Zr0xMNuSzfD5FtLbjEgMofYPfpZUhUX140XWsFojQx/hScy
sGbTHQrgpjQiXtwm3m0b8HigPhjck+3UBUrOuTaptQRP6iXu0esEFX2z6O7lEc4h
XF7FaLFkWUfWmrPt2/xpkg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org