Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/UYu9wqhVJiGd07hiCEmxeP94Ff8.roa
File: UYu9wqhVJiGd07hiCEmxeP94Ff8.roa (raw, json)
Hash identifier: K5vWZqrJXlTleqNJ5d539H+Btk74ASejXKnU4CPCwQc=
Subject key identifier: 51:8B:BD:C2:A8:55:26:21:9D:D3:B8:62:08:49:B1:78:FF:78:15:FF
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 0183B25B1620D1809FDF86B672E4A3788D79
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/UYu9wqhVJiGd07hiCEmxeP94Ff8.roa
Signing time: Fri 07 Oct 2022 12:10:57 +0000
ROA not before: Fri 07 Oct 2022 12:10:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 328126
IP address blocks: 90.84.148.0/24 maxlen: 24
80.15.251.0/24 maxlen: 24
80.15.252.0/24 maxlen: 24
80.15.253.0/24 maxlen: 24
90.84.153.0/24 maxlen: 28
80.15.250.0/24 maxlen: 24
80.15.255.0/24 maxlen: 24
80.15.254.0/24 maxlen: 24
2a01:c9c0:c002::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b2:5b:16:20:d1:80:9f:df:86:b6:72:e4:a3:78:8d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Oct 7 12:10:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=518bbdc2a85526219dd3b8620849b178ff7815ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:42:cf:3e:84:db:14:22:4d:db:e2:bc:99:18:
c8:1e:1d:ae:3d:2e:07:c2:d1:6b:2d:53:06:8e:0e:
11:04:d0:50:53:42:13:c1:71:df:5f:08:e1:8e:6f:
50:5e:61:45:5b:13:72:d6:0d:a5:af:d4:58:83:24:
0c:33:d0:39:7b:0e:84:50:1e:26:9d:f9:94:a2:55:
35:df:c4:41:5a:4e:ce:ed:96:da:46:03:55:c9:7f:
ae:4e:63:79:29:9d:57:0e:c6:56:54:fd:36:20:83:
60:c2:89:05:ae:c9:13:b5:32:e0:d0:88:b9:c8:6f:
1d:eb:89:fb:fc:72:5c:ca:48:d5:bc:30:81:55:5a:
93:40:39:59:90:63:ee:cb:30:71:56:8e:e2:20:87:
8c:54:69:95:26:33:bb:74:6c:21:3b:12:6f:7e:da:
08:4e:99:69:ba:15:c1:9d:74:6a:2e:85:ae:a5:11:
64:55:af:b7:aa:98:47:78:d4:e1:cd:6e:f9:73:69:
b3:0e:77:cf:20:a7:2d:f8:bc:a2:ba:7e:9a:e6:8f:
58:b2:5a:5e:06:86:3f:cc:5f:28:3c:d6:75:94:eb:
58:d3:08:13:54:0c:f4:fe:cf:4b:5f:a9:c1:dd:8a:
9b:18:d9:3e:8a:36:b3:a5:b2:d5:63:8a:cf:1a:d0:
9d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8B:BD:C2:A8:55:26:21:9D:D3:B8:62:08:49:B1:78:FF:78:15:FF
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/UYu9wqhVJiGd07hiCEmxeP94Ff8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.250.0-80.15.255.255
90.84.148.0/24
90.84.153.0/24
IPv6:
2a01:c9c0:c002::/48
Signature Algorithm: sha256WithRSAEncryption
15:5d:f8:64:15:f0:21:9c:c8:38:e9:83:35:fd:a9:5c:38:28:
36:07:ef:e4:92:17:07:0e:00:d4:09:dc:84:3e:4e:87:25:78:
0d:33:da:97:08:4d:50:e4:b7:ba:63:84:2b:3d:f8:f5:53:fe:
62:de:db:c8:6b:42:bb:b6:86:e5:18:22:aa:da:fe:e4:eb:e0:
3a:7b:90:d2:33:59:94:05:de:95:54:b2:28:6a:af:77:e2:66:
1b:de:93:6d:1e:08:30:c9:d1:a7:47:b5:d0:57:79:dc:b9:a2:
3c:bc:29:56:0f:02:37:ce:88:f8:df:86:e6:01:da:cb:b5:13:
77:03:80:88:f4:33:a4:aa:1b:2b:4d:a0:a0:2b:f3:0c:4b:6a:
89:d3:e7:97:86:00:8e:09:62:50:99:32:e4:c0:54:a3:a8:49:
29:c5:65:9d:7d:2d:97:de:39:cc:80:2c:cf:69:3d:a4:0f:4a:
ff:e2:d5:3c:08:fc:49:16:03:ef:ba:bc:3c:b7:3c:6c:74:de:
d3:af:0f:77:e2:9c:e6:35:71:25:ff:24:bc:cb:2d:0c:33:61:
1b:e0:96:0c:0c:d5:7c:84:8a:c4:0d:48:21:b7:47:13:57:81:
0e:06:aa:07:6c:c5:4d:d6:60:48:66:81:c7:42:0f:f5:c7:24:
46:5a:74:ec
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYOyWxYg0YCf34a2cuSjeI15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjIxMDA3MTIxMDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MThiYmRjMmE4NTUyNjIxOWRkM2I4NjIwODQ5YjE3OGZmNzgxNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArULPPoTbFCJN2+K8mRjIHh2uPS4H
wtFrLVMGjg4RBNBQU0ITwXHfXwjhjm9QXmFFWxNy1g2lr9RYgyQMM9A5ew6EUB4m
nfmUolU138RBWk7O7ZbaRgNVyX+uTmN5KZ1XDsZWVP02IINgwokFrskTtTLg0Ii5
yG8d64n7/HJcykjVvDCBVVqTQDlZkGPuyzBxVo7iIIeMVGmVJjO7dGwhOxJvftoI
TplpuhXBnXRqLoWupRFkVa+3qphHeNThzW75c2mzDnfPIKct+Lyiun6a5o9Yslpe
BoY/zF8oPNZ1lOtY0wgTVAz0/s9LX6nB3YqbGNk+ijazpbLVY4rPGtCdxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFGLvcKoVSYhndO4YghJsXj/eBX/MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvVVl1OXdxaFZKaUdkMDdoaUNFbXhlUDk0RmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAfBAIAATAZMAsDBAFQD/oD
AwRQAAMEAFpUlAMEAFpUmTAPBAIAAjAJAwcAKgHJwMACMA0GCSqGSIb3DQEBCwUA
A4IBAQAVXfhkFfAhnMg46YM1/alcOCg2B+/kkhcHDgDUCdyEPk6HJXgNM9qXCE1Q
5Le6Y4QrPfj1U/5i3tvIa0K7toblGCKq2v7k6+A6e5DSM1mUBd6VVLIoaq934mYb
3pNtHggwydGnR7XQV3ncuaI8vClWDwI3zoj434bmAdrLtRN3A4CI9DOkqhsrTaCg
K/MMS2qJ0+eXhgCOCWJQmTLkwFSjqEkpxWWdfS2X3jnMgCzPaT2kD0r/4tU8CPxJ
FgPvurw8tzxsdN7Trw934pzmNXEl/yS8yy0MM2Eb4JYMDNV8hIrEDUght0cTV4EO
BqoHbMVN1mBIZoHHQg/1xyRGWnTs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org