Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/sF21aK1v-Ktxa1bODADqfT6y9wU.roa
File: sF21aK1v-Ktxa1bODADqfT6y9wU.roa (raw, json)
Hash identifier: KEDM708C8pGXMW3UD4H6ryzCDbVYLwaNr+aKWJ8id1g=
Subject key identifier: B0:5D:B5:68:AD:6F:F8:AB:71:6B:56:CE:0C:00:EA:7D:3E:B2:F7:05
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1ACF6837
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/sF21aK1v-Ktxa1bODADqfT6y9wU.roa
Signing time: Tue 26 Apr 2022 14:28:58 +0000
ROA not before: Tue 26 Apr 2022 14:28:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449800247 (0x1acf6837)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 26 14:28:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b05db568ad6ff8ab716b56ce0c00ea7d3eb2f705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:7b:18:50:52:a1:3a:35:26:25:a5:c0:dc:
5d:67:e1:11:07:58:fa:da:8d:fb:b2:8a:14:69:f3:
61:25:f7:9f:2a:c0:7a:94:c7:8d:ae:de:98:a5:14:
45:5f:33:a0:ef:8e:f2:0d:41:72:c1:71:ea:db:07:
52:06:b5:fd:98:06:53:35:92:4b:d3:8c:8e:b0:32:
a4:a3:c3:2e:91:54:9f:81:b1:24:23:ec:00:31:e4:
74:33:19:ee:da:f8:35:04:28:b6:eb:4b:d7:34:79:
ed:38:98:a7:04:f0:2d:5d:1e:14:7e:e1:19:5a:b2:
25:69:19:c7:68:f4:df:f9:e8:a0:4f:9c:7b:dd:0d:
01:fc:12:e4:0f:da:78:07:ce:13:21:ca:b7:98:5b:
98:00:9b:80:6a:e5:4e:02:b1:7d:6c:79:1e:94:af:
eb:30:42:c5:01:d0:02:56:8e:54:d6:fd:f4:f6:74:
42:b9:95:32:2c:f9:19:f9:e7:ad:a8:bd:69:d1:84:
06:a7:55:ac:61:cc:61:9f:c3:f5:7b:18:09:07:4c:
9c:5c:05:ff:4d:a2:33:ae:cc:0d:78:56:0b:04:c6:
2a:71:5c:26:d0:a3:85:9d:b7:68:f2:c9:df:81:04:
e4:f8:39:6a:a5:6b:75:d6:b1:81:ea:ad:37:92:27:
16:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:5D:B5:68:AD:6F:F8:AB:71:6B:56:CE:0C:00:EA:7D:3E:B2:F7:05
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/sF21aK1v-Ktxa1bODADqfT6y9wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.79.0/24
80.97.147.0-80.97.149.255
81.181.128.0/24
193.226.116.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.227.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.134.0/24
194.102.229.0/24
217.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
02:81:d6:21:2d:b0:57:aa:f5:cf:3c:da:aa:f0:da:fe:be:e7:
07:7a:87:3a:de:a1:18:9a:90:cb:e6:87:4d:00:35:86:37:d6:
14:a3:2c:2b:03:5c:1f:29:4b:7d:c4:15:0e:89:c9:d1:45:d4:
34:18:27:f6:ea:8f:08:1b:f5:68:a4:34:a4:b1:6d:8e:79:a3:
5b:d0:f6:72:6d:4c:45:4e:c2:5d:e4:37:6a:b7:8f:0b:10:0f:
eb:90:71:3e:e4:53:60:cd:44:db:98:dc:f1:2f:19:60:dd:bc:
f1:e7:00:33:e7:5a:b9:1c:37:a4:57:39:a2:f2:1c:c1:e4:ca:
f8:84:27:96:68:fa:dc:25:d1:bc:f2:f3:4e:2b:4b:4d:c6:a2:
52:5e:86:3f:17:37:cc:6b:98:ea:c8:12:8b:c5:7d:4c:90:2f:
4d:09:28:a2:1e:45:f3:99:c9:5a:72:ba:08:3e:97:b7:94:40:
20:5d:8e:6f:cb:cd:4f:37:c6:a0:44:f9:5d:ad:5c:5d:ed:a3:
77:99:8d:26:1f:c1:d7:5f:cd:24:89:6b:0e:14:76:0b:f6:a8:
14:2b:c4:89:f2:5c:b9:5e:44:ea:22:60:2c:66:28:52:91:a8:
d2:ae:88:6e:5a:75:7d:25:8a:db:d2:5a:10:1d:bc:a4:37:48:
e3:6c:7e:60
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEGs9oNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDQy
NjE0Mjg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjA1ZGI1NjhhZDZm
ZjhhYjcxNmI1NmNlMGMwMGVhN2QzZWIyZjcwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMe0exhQUqE6NSYlpcDcXWfhEQdY+tqN+7KKFGnzYSX3nyrA
epTHja7emKUURV8zoO+O8g1BcsFx6tsHUga1/ZgGUzWSS9OMjrAypKPDLpFUn4Gx
JCPsADHkdDMZ7tr4NQQotutL1zR57TiYpwTwLV0eFH7hGVqyJWkZx2j03/nooE+c
e90NAfwS5A/aeAfOEyHKt5hbmACbgGrlTgKxfWx5HpSv6zBCxQHQAlaOVNb99PZ0
QrmVMiz5Gfnnrai9adGEBqdVrGHMYZ/D9XsYCQdMnFwF/02iM67MDXhWCwTGKnFc
JtCjhZ23aPLJ34EE5Pg5aqVrddaxgeqtN5InFncCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBSwXbVorW/4q3FrVs4MAOp9PrL3BTAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L3NGMjFhSzF2LUt0eGExYk9EQURxZlQ2eTl3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwagQCAAEwZAMEAFBgTzAMAwQAUGGTAwQBUGGUAwQA
UbWAAwQAweJ0AwQAwee4MAwDBADB57sDBAHB57wDBADB5+MDBADB5+kDBADB5+wD
BADB5+4DBADB5/wDBADCZoYDBADCZuUDBADZnA4wDQYJKoZIhvcNAQELBQADggEB
AAKB1iEtsFeq9c882qrw2v6+5wd6hzreoRiakMvmh00ANYY31hSjLCsDXB8pS33E
FQ6JydFF1DQYJ/bqjwgb9WikNKSxbY55o1vQ9nJtTEVOwl3kN2q3jwsQD+uQcT7k
U2DNRNuY3PEvGWDdvPHnADPnWrkcN6RXOaLyHMHkyviEJ5Zo+twl0bzy804rS03G
olJehj8XN8xrmOrIEovFfUyQL00JKKIeRfOZyVpyugg+l7eUQCBdjm/LzU83xqBE
+V2tXF3to3eZjSYfwddfzSSJaw4Udgv2qBQrxInyXLleROoiYCxmKFKRqNKuiG5a
dX0litvSWhAdvKQ3SONsfmA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-ams.rpki-client.org