Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nZrnPYOALH6NyTTSuRgZrtubt7k.roa
File: nZrnPYOALH6NyTTSuRgZrtubt7k.roa (raw, json)
Hash identifier: 7m2e7T6WJjta7HpuxbHm4pTGmjB+e1SKFcLTLKYxE80=
Subject key identifier: 9D:9A:E7:3D:83:80:2C:7E:8D:C9:34:D2:B9:18:19:AE:DB:9B:B7:B9
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 45C75AFF
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nZrnPYOALH6NyTTSuRgZrtubt7k.roa
Signing time: Wed 20 Apr 2022 05:07:04 +0000
ROA not before: Wed 20 Apr 2022 05:07:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5511
IP address blocks: 193.251.220.0/22 maxlen: 24
193.251.240.0/20 maxlen: 24
90.84.48.0/20 maxlen: 24
81.52.128.0/21 maxlen: 24
90.84.128.0/20 maxlen: 24
81.52.136.0/22 maxlen: 24
81.52.140.0/23 maxlen: 24
90.84.151.0/24 maxlen: 24
193.251.160.0/20 maxlen: 24
193.251.169.0/24 maxlen: 24
80.15.224.0/21 maxlen: 24
81.52.236.0/22 maxlen: 24
80.15.232.0/22 maxlen: 24
80.15.238.0/24 maxlen: 24
80.15.236.0/23 maxlen: 24
90.84.255.0/24 maxlen: 24
81.52.160.0/24 maxlen: 24
81.52.166.0/23 maxlen: 24
81.52.176.0/20 maxlen: 24
80.12.71.0/24 maxlen: 32
80.12.76.0/24 maxlen: 24
80.12.79.0/24 maxlen: 24
81.52.190.0/24 maxlen: 24
193.251.128.0/19 maxlen: 24
80.12.98.0/24 maxlen: 24
80.12.96.0/22 maxlen: 24
81.52.202.0/24 maxlen: 24
80.12.96.0/23 maxlen: 24
2a01:c000::/19 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1170692863 (0x45c75aff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Apr 20 05:07:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d9ae73d83802c7e8dc934d2b91819aedb9bb7b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:77:8a:47:db:5e:6d:79:52:46:19:ef:d2:19:
ec:c4:b6:26:69:cb:c2:1e:a5:39:9d:65:4f:69:2a:
11:7c:39:38:81:fa:8a:64:1e:20:67:41:0d:19:d8:
07:70:97:9a:6d:51:b9:c3:3f:50:0e:40:2d:ea:ee:
fa:75:58:a4:12:2b:70:7c:4e:a9:9c:27:d3:41:9c:
f8:54:10:a5:60:a8:5d:54:4c:84:b9:f3:c7:b1:74:
67:26:62:00:e6:c6:83:76:18:77:b5:51:f9:bc:c8:
88:6b:f6:19:7a:ac:74:3f:c1:89:4b:26:68:b6:18:
5c:36:16:ad:6f:04:96:3d:e4:04:0f:37:1b:fa:a3:
ec:1a:f8:b6:98:63:4e:07:20:f9:46:6c:7d:ac:8a:
62:46:a8:8f:22:16:d5:75:66:ff:2b:3f:ea:2c:63:
d4:41:3b:98:44:ae:80:c5:f8:9e:60:8d:03:8c:fd:
e9:0b:f3:1a:ae:8e:22:92:ec:60:0f:23:1d:b2:c0:
34:b9:47:9c:4d:f4:39:5a:bf:b8:f9:42:a3:6c:91:
06:ec:cf:4c:bc:47:63:f9:09:34:33:ff:75:1b:55:
69:51:01:36:6c:53:ea:6c:d6:b6:d8:53:4f:e0:95:
2e:43:70:64:70:10:51:15:51:00:f4:bc:19:c8:9b:
44:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9A:E7:3D:83:80:2C:7E:8D:C9:34:D2:B9:18:19:AE:DB:9B:B7:B9
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nZrnPYOALH6NyTTSuRgZrtubt7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.71.0/24
80.12.76.0/24
80.12.79.0/24
80.12.96.0/22
80.15.224.0-80.15.238.255
81.52.128.0-81.52.141.255
81.52.160.0/24
81.52.166.0/23
81.52.176.0/20
81.52.202.0/24
81.52.236.0/22
90.84.48.0/20
90.84.128.0/20
90.84.151.0/24
90.84.255.0/24
193.251.128.0-193.251.175.255
193.251.220.0/22
193.251.240.0/20
IPv6:
2a01:c000::/19
Signature Algorithm: sha256WithRSAEncryption
8c:27:25:c9:2c:d3:6a:4a:2d:9a:57:0b:96:62:44:23:fd:20:
f8:0b:27:d7:2b:d4:59:9f:bc:b5:29:63:8e:72:66:36:93:77:
18:59:0e:2b:c6:4a:9b:f4:a9:0f:89:aa:82:20:1c:33:ac:3c:
56:bf:ce:d2:66:de:73:f0:38:ab:3d:ed:f5:9f:44:67:e8:8a:
9c:28:ba:a6:02:e8:17:6b:e7:a1:34:4b:14:0f:8f:40:fd:15:
4d:10:7e:32:4c:e3:04:8f:58:5e:fd:db:34:30:20:8e:36:52:
e0:23:69:cc:ef:13:b1:c4:05:e2:8f:90:01:bb:50:8f:d1:7f:
72:a0:c4:78:b7:2b:ea:c9:b1:7a:be:d1:92:33:d5:50:52:e8:
ee:93:eb:14:20:a3:a2:9d:4b:3d:03:e6:5f:ce:da:e3:d6:e1:
23:47:8d:12:7d:d2:56:b9:aa:8e:de:60:d0:63:99:e6:6c:fe:
71:c1:92:45:b6:66:03:a7:ee:2b:5f:7a:d7:13:4f:00:63:4b:
f6:ca:44:7f:6f:4e:2c:0e:01:3d:22:a3:c7:da:9e:ae:ac:61:
e2:01:13:bb:34:27:c1:ae:56:f9:e5:a5:70:5d:2f:82:aa:3d:
73:e7:9a:dc:72:47:1a:d4:97:b5:74:0c:01:b2:09:24:ff:0d:
8f:c0:6c:10
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIERcda/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDQy
MDA1MDcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ5YWU3M2Q4Mzgw
MmM3ZThkYzkzNGQyYjkxODE5YWVkYjliYjdiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMh3ikfbXm15UkYZ79IZ7MS2JmnLwh6lOZ1lT2kqEXw5OIH6
imQeIGdBDRnYB3CXmm1RucM/UA5ALeru+nVYpBIrcHxOqZwn00Gc+FQQpWCoXVRM
hLnzx7F0ZyZiAObGg3YYd7VR+bzIiGv2GXqsdD/BiUsmaLYYXDYWrW8Elj3kBA83
G/qj7Br4tphjTgcg+UZsfayKYkaojyIW1XVm/ys/6ixj1EE7mESugMX4nmCNA4z9
6QvzGq6OIpLsYA8jHbLANLlHnE30OVq/uPlCo2yRBuzPTLxHY/kJNDP/dRtVaVEB
NmxT6mzWtthTT+CVLkNwZHAQURVRAPS8GcibRFcCAwEAAaOCApowggKWMB0GA1Ud
DgQWBBSdmuc9g4Asfo3JNNK5GBmu25u3uTAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L25acm5QWU9BTEg2TnlUVFN1UmdacnR1YnQ3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rwYIKwYBBQUHAQcBAf8EgZ8wgZwwgYsEAgABMIGEAwQAUAxHAwQAUAxMAwQAUAxP
AwQCUAxgMAwDBAVQD+ADBABQD+4wDAMEB1E0gAMEAVE0jAMEAFE0oAMEAVE0pgME
BFE0sAMEAFE0ygMEAlE07AMEBFpUMAMEBFpUgAMEAFpUlwMEAFpU/zAMAwQHwfuA
AwQEwfugAwQCwfvcAwQEwfvwMAwEAgACMAYDBAUqAcAwDQYJKoZIhvcNAQELBQAD
ggEBAIwnJcks02pKLZpXC5ZiRCP9IPgLJ9cr1FmfvLUpY45yZjaTdxhZDivGSpv0
qQ+JqoIgHDOsPFa/ztJm3nPwOKs97fWfRGfoipwouqYC6Bdr56E0SxQPj0D9FU0Q
fjJM4wSPWF792zQwII42UuAjaczvE7HEBeKPkAG7UI/Rf3KgxHi3K+rJsXq+0ZIz
1VBS6O6T6xQgo6KdSz0D5l/O2uPW4SNHjRJ90la5qo7eYNBjmeZs/nHBkkW2ZgOn
7itfetcTTwBjS/bKRH9vTiwOAT0io8fanq6sYeIBE7s0J8GuVvnlpXBdL4KqPXPn
mtxyRxrUl7V0DAGyCST/DY/AbBA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org