Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/n3GhNQ3YGyannfr2jFa-3q2-ikA.roa
File: n3GhNQ3YGyannfr2jFa-3q2-ikA.roa (raw, json)
Hash identifier: WZxy8R4LUvSJ6Pi21b4QcIMyvVse83sP4zbFoug/BzM=
Subject key identifier: 9F:71:A1:35:0D:D8:1B:26:A7:9D:FA:F6:8C:56:BE:DE:AD:BE:8A:40
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1AAC3015
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/n3GhNQ3YGyannfr2jFa-3q2-ikA.roa
Signing time: Thu 21 Apr 2022 08:56:24 +0000
ROA not before: Thu 21 Apr 2022 08:56:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447492117 (0x1aac3015)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 21 08:56:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f71a1350dd81b26a79dfaf68c56bedeadbe8a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:88:f0:d0:f9:be:0e:6c:9c:98:f5:01:1b:17:
47:12:ce:13:73:72:eb:ae:a7:7e:4f:c2:5a:1a:f5:
db:04:e0:d2:25:62:fe:bf:50:2d:7d:ca:45:7d:16:
8c:d2:e6:62:07:9f:15:a0:19:2e:dc:8c:30:cd:ee:
0c:30:8e:5f:e4:4a:23:f4:1b:60:41:b8:2c:2f:9e:
b7:9f:99:d6:2b:31:07:9e:f3:4c:7e:e6:29:1f:f5:
e5:33:a2:8d:49:62:c8:44:93:b9:7f:7c:25:2c:e6:
dd:ed:c2:a4:03:27:9a:50:78:60:30:c5:19:29:1f:
2b:b5:73:6d:19:76:bb:7a:d6:d9:b2:59:1a:76:95:
d2:2e:70:af:c0:b8:33:69:0f:68:0d:0e:97:20:3a:
d3:02:93:a3:de:8d:d5:39:12:bf:8b:ad:70:b1:ba:
4d:9a:22:87:b4:a0:2e:1e:7a:76:58:58:75:0d:30:
a6:57:cd:fb:41:f0:a2:18:87:5f:5e:46:eb:8f:36:
05:4e:21:28:83:d8:81:40:54:6d:70:e0:33:f6:73:
36:ea:04:09:c2:24:e8:63:6c:02:48:c7:97:4c:05:
4b:8f:e5:a8:9e:23:a3:ee:ac:ee:9e:cc:1d:11:ca:
95:30:df:e5:36:a8:5d:ff:dd:14:cb:ab:14:cd:6f:
d8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:71:A1:35:0D:D8:1B:26:A7:9D:FA:F6:8C:56:BE:DE:AD:BE:8A:40
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/n3GhNQ3YGyannfr2jFa-3q2-ikA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.79.0/24
80.97.147.0-80.97.149.255
81.181.128.0/24
193.226.116.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.227.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.134.0/24
Signature Algorithm: sha256WithRSAEncryption
91:4d:ac:31:23:86:87:d1:66:37:1a:86:9d:ad:66:78:5d:fd:
69:4f:72:15:c7:34:83:7b:80:f3:45:e8:f5:de:f8:7a:f5:2c:
31:ce:eb:e0:ca:61:e1:37:54:7b:7b:fd:b7:b9:fd:c8:91:d1:
9a:1f:69:f0:2d:69:5d:f5:0c:9c:ad:9c:b2:f5:4f:2d:1a:04:
44:5b:c0:a0:3b:91:9e:4a:2c:d3:61:3e:5f:e6:57:3f:7a:1d:
59:ef:78:64:59:7c:e4:8c:5b:5f:b2:72:3a:5f:29:5d:37:60:
ad:57:00:2f:15:00:17:a9:31:cb:c8:b7:0a:88:63:c7:0b:35:
5d:ff:27:a2:7e:e1:bd:d5:65:4c:57:97:43:df:19:f2:3a:f6:
88:ee:5c:74:7c:9a:1d:ed:57:ce:ec:41:36:e4:d5:94:40:90:
e3:98:0d:2f:34:e7:3f:05:84:f7:3c:cb:04:c8:d1:8c:26:02:
96:74:97:ee:9e:81:e0:ef:58:42:cc:06:6f:79:03:17:48:61:
45:c9:7c:75:48:11:96:71:0b:8c:21:75:22:4c:10:31:9f:dd:
5e:65:4f:32:ed:41:bb:2f:fe:7f:f3:2b:54:d1:07:6d:88:9d:
59:b3:f1:05:86:02:45:b5:f3:69:72:db:dc:11:df:f9:c6:66:
7c:6f:6e:ad
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEGqwwFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDQy
MTA4NTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY3MWExMzUwZGQ4
MWIyNmE3OWRmYWY2OGM1NmJlZGVhZGJlOGE0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmI8ND5vg5snJj1ARsXRxLOE3Ny666nfk/CWhr12wTg0iVi
/r9QLX3KRX0WjNLmYgefFaAZLtyMMM3uDDCOX+RKI/QbYEG4LC+et5+Z1isxB57z
TH7mKR/15TOijUliyESTuX98JSzm3e3CpAMnmlB4YDDFGSkfK7VzbRl2u3rW2bJZ
GnaV0i5wr8C4M2kPaA0OlyA60wKTo96N1TkSv4utcLG6TZoih7SgLh56dlhYdQ0w
plfN+0HwohiHX15G6482BU4hKIPYgUBUbXDgM/ZzNuoECcIk6GNsAkjHl0wFS4/l
qJ4jo+6s7p7MHRHKlTDf5TaoXf/dFMurFM1v2PUCAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBSfcaE1DdgbJqed+vaMVr7erb6KQDAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L24zR2hOUTNZR3lhbm5mcjJqRmEtM3EyLWlrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwXgQCAAEwWAMEAFBgTzAMAwQAUGGTAwQBUGGUAwQA
UbWAAwQAweJ0AwQAwee4MAwDBADB57sDBAHB57wDBADB5+MDBADB5+kDBADB5+wD
BADB5+4DBADB5/wDBADCZoYwDQYJKoZIhvcNAQELBQADggEBAJFNrDEjhofRZjca
hp2tZnhd/WlPchXHNIN7gPNF6PXe+Hr1LDHO6+DKYeE3VHt7/be5/ciR0ZofafAt
aV31DJytnLL1Ty0aBERbwKA7kZ5KLNNhPl/mVz96HVnveGRZfOSMW1+ycjpfKV03
YK1XAC8VABepMcvItwqIY8cLNV3/J6J+4b3VZUxXl0PfGfI69ojuXHR8mh3tV87s
QTbk1ZRAkOOYDS805z8FhPc8ywTI0YwmApZ0l+6egeDvWELMBm95AxdIYUXJfHVI
EZZxC4whdSJMEDGf3V5lTzLtQbsv/n/zK1TRB22InVmz8QWGAkW182ly29wR3/nG
Znxvbq0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org