Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ytk7qy2BHTc7bv9ZQRLc-HEUl3w.roa
File: ytk7qy2BHTc7bv9ZQRLc-HEUl3w.roa (raw, json)
Hash identifier: uyxIegSe3QRps0uW4wCDdK32kShyDUhXJNv2x8dXZ4A=
Subject key identifier: CA:D9:3B:AB:2D:81:1D:37:3B:6E:FF:59:41:12:DC:F8:71:14:97:7C
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1AD1EACF
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ytk7qy2BHTc7bv9ZQRLc-HEUl3w.roa
Signing time: Wed 27 Apr 2022 08:25:22 +0000
ROA not before: Wed 27 Apr 2022 08:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449964751 (0x1ad1eacf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 27 08:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cad93bab2d811d373b6eff594112dcf87114977c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fd:c7:7d:27:f8:c9:83:fc:82:a5:4f:85:1b:
f0:a3:aa:21:e5:f4:68:25:55:45:b0:74:b7:89:fb:
3e:97:1c:d3:b7:b3:f3:8f:ce:5e:3a:be:ca:b7:48:
ac:1b:6f:b0:dd:74:e3:66:75:04:13:ac:63:bd:23:
a7:e5:86:aa:48:ec:d6:02:8c:0a:a2:24:23:34:cc:
8d:da:f9:f8:fa:cc:c7:98:48:58:30:32:fe:77:eb:
a8:bb:e6:a4:a0:7a:86:c5:f7:eb:6c:8f:26:99:cc:
24:4d:d3:e6:96:2a:26:89:3a:01:b8:14:a1:92:0e:
36:86:62:ff:07:63:2f:f5:23:0c:23:dd:8c:e7:66:
ce:61:ae:7f:a0:ad:c4:66:f5:fc:0a:8b:38:bf:ce:
da:91:cf:ca:dc:be:f7:c0:60:76:a2:62:a2:56:6c:
bc:d8:5f:af:e2:dd:9d:b2:92:0d:f9:36:b1:e9:ea:
e1:b1:b1:b5:ff:b3:72:ff:e6:7e:47:52:71:aa:d4:
b9:65:ee:fa:34:97:8e:1a:53:7b:0f:1c:48:96:a2:
ff:c8:77:2c:2d:aa:4f:0c:9f:44:e9:2f:a8:6b:1e:
29:bd:d9:dc:46:00:05:0f:73:84:6c:54:13:bf:da:
42:37:fd:51:67:45:71:74:1a:48:92:e3:42:aa:6b:
e0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D9:3B:AB:2D:81:1D:37:3B:6E:FF:59:41:12:DC:F8:71:14:97:7C
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ytk7qy2BHTc7bv9ZQRLc-HEUl3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.67.0/24
80.96.79.0/24
80.97.147.0-80.97.149.255
81.181.128.0/24
193.226.116.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.227.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.134.0/24
194.102.229.0/24
217.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
51:99:28:f6:0b:41:8b:d5:41:6a:28:64:2a:67:e3:e3:c8:7e:
86:ea:cb:c1:5a:e7:b9:7f:18:6f:0d:31:2e:5e:cf:4f:89:31:
94:bd:1b:cc:c2:52:92:fe:c7:e1:cc:f6:6b:30:a0:4e:7d:52:
79:2c:55:34:e6:d4:89:08:b1:e7:43:16:74:bf:e6:4f:a6:19:
0c:0c:86:6d:ff:87:ac:e1:f2:68:49:0c:95:da:29:d4:6d:06:
a8:8e:9b:b7:c5:61:06:d3:06:da:4c:43:0a:3a:bd:86:a1:72:
63:04:51:d3:95:67:84:ad:02:eb:c7:d3:0d:de:a4:0a:bf:bb:
aa:cf:71:8a:de:62:a6:99:53:c2:e4:46:a5:01:1a:a9:f3:c5:
28:48:41:f7:52:1c:fb:7c:2f:be:24:b0:e4:67:b0:71:0f:93:
81:ca:38:47:bf:a8:48:c4:39:99:a2:39:34:88:e8:18:70:3c:
47:08:bc:6d:f1:80:64:a2:c3:74:a7:b9:d5:94:d0:07:3e:b3:
fa:9d:fc:f5:7b:ee:c4:f2:e2:26:b3:c4:45:a1:ff:63:97:49:
cc:fc:93:e2:e9:86:9d:7e:fc:ef:18:49:b2:02:0b:f4:c4:f5:
f3:77:1c:89:fb:03:2f:d9:c0:9b:09:a0:94:52:06:60:01:9f:
85:62:1a:1a
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIEGtHqzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDQy
NzA4MjUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FkOTNiYWIyZDgx
MWQzNzNiNmVmZjU5NDExMmRjZjg3MTE0OTc3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALX9x30n+MmD/IKlT4Ub8KOqIeX0aCVVRbB0t4n7Ppcc07ez
84/OXjq+yrdIrBtvsN1042Z1BBOsY70jp+WGqkjs1gKMCqIkIzTMjdr5+PrMx5hI
WDAy/nfrqLvmpKB6hsX362yPJpnMJE3T5pYqJok6AbgUoZIONoZi/wdjL/UjDCPd
jOdmzmGuf6CtxGb1/AqLOL/O2pHPyty+98BgdqJiolZsvNhfr+LdnbKSDfk2senq
4bGxtf+zcv/mfkdScarUuWXu+jSXjhpTew8cSJai/8h3LC2qTwyfROkvqGseKb3Z
3EYABQ9zhGxUE7/aQjf9UWdFcXQaSJLjQqpr4N0CAwEAAaOCAm4wggJqMB0GA1Ud
DgQWBBTK2TurLYEdNztu/1lBEtz4cRSXfDAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L3l0azdxeTJCSFRjN2J2OVpRUkxjLUhFVWwzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gwYIKwYBBQUHAQcBAf8EdDByMHAEAgABMGoDBABQYEMDBABQYE8wDAMEAFBhkwME
AVBhlAMEAFG1gAMEAMHidAMEAMHnuDAMAwQAwee7AwQBwee8AwQAwefjAwQAwefp
AwQAwefsAwQAwefuAwQAwef8AwQAwmaGAwQAwmblAwQA2ZwOMA0GCSqGSIb3DQEB
CwUAA4IBAQBRmSj2C0GL1UFqKGQqZ+PjyH6G6svBWue5fxhvDTEuXs9PiTGUvRvM
wlKS/sfhzPZrMKBOfVJ5LFU05tSJCLHnQxZ0v+ZPphkMDIZt/4es4fJoSQyV2inU
bQaojpu3xWEG0wbaTEMKOr2GoXJjBFHTlWeErQLrx9MN3qQKv7uqz3GK3mKmmVPC
5EalARqp88UoSEH3Uhz7fC++JLDkZ7BxD5OByjhHv6hIxDmZojk0iOgYcDxHCLxt
8YBkosN0p7nVlNAHPrP6nfz1e+7E8uIms8RFof9jl0nM/JPi6YadfvzvGEmyAgv0
xPXzdxyJ+wMv2cCbCaCUUgZgAZ+FYhoa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org