Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ma08FsDU6dS4M2NchBQdNGFOHOg.roa
File: ma08FsDU6dS4M2NchBQdNGFOHOg.roa (raw, json)
Hash identifier: kJ+Yj7l6fByaecfEGUImAYaH4fO5sKaKY7q8IDK0wGw=
Subject key identifier: 99:AD:3C:16:C0:D4:E9:D4:B8:33:63:5C:84:14:1D:34:61:4E:1C:E8
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1ADC3B94
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ma08FsDU6dS4M2NchBQdNGFOHOg.roa
Signing time: Thu 28 Apr 2022 09:06:11 +0000
ROA not before: Thu 28 Apr 2022 09:06:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 450640788 (0x1adc3b94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 28 09:06:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99ad3c16c0d4e9d4b833635c84141d34614e1ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3b:a4:53:a4:15:bb:21:8d:66:02:b7:d3:4a:
02:b1:35:06:63:b7:06:7e:8c:ff:06:73:0f:41:a3:
92:a9:92:69:50:26:5e:92:10:04:6f:f3:2c:27:7e:
da:fd:5f:3b:76:2b:72:95:ac:2a:74:51:5d:82:45:
36:71:ad:e3:41:02:92:78:f4:a4:a9:30:cd:b6:b6:
f7:99:2c:b0:59:b3:1d:01:94:d9:5c:12:32:32:a5:
33:89:18:74:cc:24:51:ef:f1:aa:4b:04:3e:74:0f:
44:cd:44:ce:a8:55:70:3d:f5:0e:a1:bd:18:0e:c1:
f9:be:75:30:c9:5c:a4:1d:75:43:dd:dc:ee:31:bc:
2b:24:19:60:4c:a1:b5:4f:e7:f4:46:ce:ff:da:70:
4a:02:4a:ca:8a:04:97:75:cb:52:91:af:f6:f2:37:
f1:87:58:8f:e7:08:53:c2:98:11:8b:fd:24:0b:12:
d6:75:ff:3d:5c:f2:73:17:30:e5:fe:ee:60:59:cb:
e8:db:b8:36:cd:dc:93:dc:f9:84:22:75:61:66:5e:
55:60:c1:3d:4f:64:95:ef:3b:5d:ab:a7:40:ef:41:
01:2a:ce:b2:7e:96:9f:d9:78:50:e9:fc:45:1d:f2:
ce:d8:d9:ae:88:94:32:01:5e:da:54:c0:f6:98:1b:
2f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:AD:3C:16:C0:D4:E9:D4:B8:33:63:5C:84:14:1D:34:61:4E:1C:E8
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ma08FsDU6dS4M2NchBQdNGFOHOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.47.0/24
80.96.67.0/24
80.96.79.0/24
80.97.147.0-80.97.149.255
81.181.128.0/24
81.181.167.0/24
193.226.116.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.227.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.134.0/24
194.102.229.0/24
217.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:36:58:28:b3:f3:8a:22:02:8f:7e:85:a2:fb:52:23:cb:fe:
83:f6:6a:7a:7a:e8:05:74:b0:77:46:0e:df:60:d3:05:ed:c6:
9e:0f:3a:d8:e9:93:fe:05:23:96:a4:41:2c:74:48:4e:ab:3b:
ea:25:85:47:a7:44:2c:ec:f6:f9:cb:2f:3d:ee:cb:2b:4d:63:
42:81:1d:cd:80:4f:d4:c5:b8:51:83:a0:e2:81:11:03:98:73:
a9:03:90:60:db:37:8e:95:39:13:f4:49:91:4b:16:a4:61:b9:
42:cf:13:ab:c0:74:71:07:4e:ac:8e:66:d2:fb:63:4f:e5:86:
26:69:ab:de:c9:7f:34:3a:93:6c:71:59:44:f3:05:4f:0e:33:
24:0b:9d:7b:c0:8f:d2:10:70:af:63:d1:55:d3:7b:bc:3e:7f:
87:31:55:a0:b9:e4:67:51:ef:97:25:cd:68:43:53:f5:d0:82:
eb:b2:16:fa:45:b3:b7:0c:83:cd:14:92:ef:37:80:a9:26:90:
1b:ca:85:78:ac:bb:a7:17:eb:51:02:fc:73:d5:5d:6b:03:ee:
cf:98:34:15:a8:d3:02:1c:92:17:36:0d:1e:4e:76:a6:a7:fd:
b3:20:da:ff:d8:22:c6:0b:9e:83:d9:98:b7:29:9f:5e:c6:0e:
37:f2:d0:f3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIEGtw7lDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDQy
ODA5MDYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlhZDNjMTZjMGQ0
ZTlkNGI4MzM2MzVjODQxNDFkMzQ2MTRlMWNlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKE7pFOkFbshjWYCt9NKArE1BmO3Bn6M/wZzD0GjkqmSaVAm
XpIQBG/zLCd+2v1fO3YrcpWsKnRRXYJFNnGt40ECknj0pKkwzba295kssFmzHQGU
2VwSMjKlM4kYdMwkUe/xqksEPnQPRM1EzqhVcD31DqG9GA7B+b51MMlcpB11Q93c
7jG8KyQZYEyhtU/n9EbO/9pwSgJKyooEl3XLUpGv9vI38YdYj+cIU8KYEYv9JAsS
1nX/PVzycxcw5f7uYFnL6Nu4Ns3ck9z5hCJ1YWZeVWDBPU9kle87XaunQO9BASrO
sn6Wn9l4UOn8RR3yztjZroiUMgFe2lTA9pgbL78CAwEAAaOCAnswggJ3MB0GA1Ud
DgQWBBSZrTwWwNTp1LgzY1yEFB00YU4c6DAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L21hMDhGc0RVNmRTNE0yTmNoQlFkTkdGT0hPZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kAYIKwYBBQUHAQcBAf8EgYAwfjB8BAIAATB2AwQAUGAvAwQAUGBDAwQAUGBPMAwD
BABQYZMDBAFQYZQDBABRtYADBABRtacDBADB4nQDBADB57gwDAMEAMHnuwMEAcHn
vAMEAMHn4wMEAMHn6QMEAMHn7AMEAMHn7gMEAMHn/AMEAMJmhgMEAMJm5QMEANmc
DjANBgkqhkiG9w0BAQsFAAOCAQEATjZYKLPziiICj36FovtSI8v+g/ZqenroBXSw
d0YO32DTBe3Gng862OmT/gUjlqRBLHRITqs76iWFR6dELOz2+csvPe7LK01jQoEd
zYBP1MW4UYOg4oERA5hzqQOQYNs3jpU5E/RJkUsWpGG5Qs8Tq8B0cQdOrI5m0vtj
T+WGJmmr3sl/NDqTbHFZRPMFTw4zJAude8CP0hBwr2PRVdN7vD5/hzFVoLnkZ1Hv
lyXNaENT9dCC67IW+kWztwyDzRSS7zeAqSaQG8qFeKy7pxfrUQL8c9VdawPuz5g0
FajTAhySFzYNHk52pqf9syDa/9gixgueg9mYtymfXsYON/LQ8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org