Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa
File: ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa (raw, json)
Hash identifier: S+rsDN21T5HQ9Vd7JtJ8LR+FeCvCNrxw1sf2M8lrUok=
Subject key identifier: 76:CF:A6:75:BF:D8:1D:BF:CC:88:CD:FF:7E:64:6E:3A:D0:35:8C:AE
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1AE2E9E4
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa
Signing time: Fri 29 Apr 2022 18:08:40 +0000
ROA not before: Fri 29 Apr 2022 18:08:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
80.96.12.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 451078628 (0x1ae2e9e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 29 18:08:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76cfa675bfd81dbfcc88cdff7e646e3ad0358cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:84:1f:ed:a6:09:3c:67:05:ae:f6:41:14:e2:
dd:f9:b0:f6:8e:b4:71:2e:bf:7c:b5:bd:76:1f:53:
e7:b6:65:4d:1f:80:f8:bd:6c:25:c7:ef:22:af:4a:
13:7d:74:d6:e7:52:67:8d:04:b2:4c:84:57:f9:2a:
0c:d4:89:6f:31:cf:57:d4:26:26:5a:a4:3d:bc:e9:
93:8b:d3:05:a8:79:e3:87:8a:2f:a8:28:a6:32:67:
76:07:42:b6:73:bc:2c:1c:b8:e1:ab:74:21:49:72:
fc:33:b7:b3:7f:04:ab:aa:88:28:c0:b6:32:02:2f:
12:27:75:ac:6c:ef:f8:5f:1b:a0:4c:83:0b:8b:d2:
4d:32:40:39:48:ed:67:0f:c5:5e:35:23:9a:5b:c9:
28:20:15:30:e9:49:84:17:32:8e:bd:b5:95:24:fd:
e7:1d:3e:b7:56:07:d1:fc:74:0b:fa:83:6a:48:0c:
19:fd:a8:0b:89:1d:cd:b4:75:fc:8e:3f:73:7a:fe:
02:84:c1:04:55:ed:04:5d:42:db:ad:3d:b1:d2:62:
b9:b8:4f:c5:54:5d:3c:b2:58:ec:29:c5:32:80:d9:
8c:60:9e:21:74:c5:01:48:c3:15:1a:a5:b2:d7:98:
06:01:95:c5:1a:2b:7f:60:f0:60:f2:f0:ef:1b:77:
8f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CF:A6:75:BF:D8:1D:BF:CC:88:CD:FF:7E:64:6E:3A:D0:35:8C:AE
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.47.0/24
80.96.67.0/24
80.96.79.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.128.0/24
81.181.167.0/24
193.226.116.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.227.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.134.0/24
194.102.229.0/24
217.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:8f:e9:f9:03:a3:36:e0:54:c4:f4:96:93:a9:33:41:fd:d7:
67:c7:33:f4:99:fa:76:b0:23:3c:e2:f9:8c:43:6b:d8:20:59:
c4:6d:2b:85:36:fe:8a:a4:39:43:25:b2:37:6e:f6:23:32:d8:
a9:a3:3b:3f:45:cf:87:12:0d:32:e3:59:c5:43:0d:ce:74:65:
b5:3c:1d:40:9e:1c:37:c7:48:23:c1:8b:15:c1:53:e0:8a:39:
f2:ec:41:c3:f9:59:01:d9:b5:35:f5:eb:38:6b:87:7b:06:82:
0c:8c:2a:74:9f:bf:2e:e8:25:2f:68:7c:a5:4e:f3:11:bd:7a:
39:53:02:06:21:19:90:c9:8b:67:80:73:da:f4:c7:d8:91:6c:
67:b8:cb:5e:80:0d:00:34:d1:86:a4:59:b9:c3:1c:71:22:d2:
e7:75:d5:0e:f9:ac:08:f0:a7:32:32:5a:9a:48:9c:71:b7:9c:
c0:3d:d6:1a:80:89:7f:47:04:47:5e:98:03:31:a8:54:a9:2b:
a7:a5:08:c5:cc:7f:13:cb:0d:c2:2d:f8:0a:6d:e5:ea:72:71:
03:ce:b0:dd:1b:56:b0:17:cc:79:65:a5:4a:e3:18:dc:29:fc:
41:d1:b9:88:e0:87:4d:86:f6:ca:f9:47:a8:c5:d5:fd:a8:3a:
ed:13:09:ba
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIEGuLp5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDQy
OTE4MDg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZjZmE2NzViZmQ4
MWRiZmNjODhjZGZmN2U2NDZlM2FkMDM1OGNhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+EH+2mCTxnBa72QRTi3fmw9o60cS6/fLW9dh9T57ZlTR+A
+L1sJcfvIq9KE3101udSZ40EskyEV/kqDNSJbzHPV9QmJlqkPbzpk4vTBah544eK
L6gopjJndgdCtnO8LBy44at0IUly/DO3s38Eq6qIKMC2MgIvEid1rGzv+F8boEyD
C4vSTTJAOUjtZw/FXjUjmlvJKCAVMOlJhBcyjr21lST95x0+t1YH0fx0C/qDakgM
Gf2oC4kdzbR1/I4/c3r+AoTBBFXtBF1C2609sdJiubhPxVRdPLJY7CnFMoDZjGCe
IXTFAUjDFRqlsteYBgGVxRorf2DwYPLw7xt3j/MCAwEAAaOCAoowggKGMB0GA1Ud
DgQWBBR2z6Z1v9gdv8yIzf9+ZG460DWMrjAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L2RzLW1kYl9ZSGJfTWlNM19mbVJ1T3RBMWpLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nwYIKwYBBQUHAQcBAf8EgY8wgYwwgYkEAgABMIGCAwQAUGAMAwQAUGAvAwQAUGBD
AwQAUGBPMAwDBABQYZMDBAFQYZQDBABRtBsDBABRtYADBABRtacDBADB4nQDBADB
57gwDAMEAMHnuwMEAcHnvAMEAMHn4wMEAMHn6QMEAMHn7AMEAMHn7gMEAMHn/AME
AMJmhgMEAMJm5QMEANmcDjANBgkqhkiG9w0BAQsFAAOCAQEAHo/p+QOjNuBUxPSW
k6kzQf3XZ8cz9Jn6drAjPOL5jENr2CBZxG0rhTb+iqQ5QyWyN272IzLYqaM7P0XP
hxINMuNZxUMNznRltTwdQJ4cN8dII8GLFcFT4Io58uxBw/lZAdm1NfXrOGuHewaC
DIwqdJ+/LuglL2h8pU7zEb16OVMCBiEZkMmLZ4Bz2vTH2JFsZ7jLXoANADTRhqRZ
ucMccSLS53XVDvmsCPCnMjJamkiccbecwD3WGoCJf0cER16YAzGoVKkrp6UIxcx/
E8sNwi34Cm3l6nJxA86w3RtWsBfMeWWlSuMY3Cn8QdG5iOCHTYb2yvlHqMXV/ag6
7RMJug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-ams.rpki-client.org