Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/K7yfV32O3hW3dhddBSQeTzJCzro.roa
File: K7yfV32O3hW3dhddBSQeTzJCzro.roa (raw, json)
Hash identifier: co1xRON9F6rB1LM9jmD8Q9YftSDQ8P/ZT5VV/ePloro=
Subject key identifier: 2B:BC:9F:57:7D:8E:DE:15:B7:76:17:5D:05:24:1E:4F:32:42:CE:BA
Certificate issuer: /CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Certificate serial: 01850D6DBB5DCF6AA74E39BE14FD547A2CD7
Authority key identifier: 3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/K7yfV32O3hW3dhddBSQeTzJCzro.roa
Signing time: Tue 13 Dec 2022 21:39:33 +0000
ROA not before: Tue 13 Dec 2022 21:39:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 80.73.247.0/24 maxlen: 24
164.152.216.0/24 maxlen: 24
2a11:1680:1::/48 maxlen: 48
2a11:1680:1c::/48 maxlen: 48
2a11:1680:17::/48 maxlen: 48
2a11:1680:1a::/48 maxlen: 48
2a11:1680:15::/48 maxlen: 48
2a11:1680:b::/48 maxlen: 48
2a11:1680:14::/48 maxlen: 48
2a11:1680:f::/48 maxlen: 48
2a11:1680:d::/48 maxlen: 48
2a11:1680:3::/48 maxlen: 48
2a11:1680:16::/48 maxlen: 48
2a11:1680:c::/48 maxlen: 48
2a11:1680:a::/48 maxlen: 48
2a11:1680:5::/48 maxlen: 48
2a11:1680::/48 maxlen: 48
2a11:1680:1b::/48 maxlen: 48
2a11:1680:e::/48 maxlen: 48
2a11:1680:4::/48 maxlen: 48
2a11:1680:1f::/48 maxlen: 48
2a11:1680:2::/48 maxlen: 48
2a11:1680:1d::/48 maxlen: 48
2a11:1680:18::/48 maxlen: 48
2a11:1680:13::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0d:6d:bb:5d:cf:6a:a7:4e:39:be:14:fd:54:7a:2c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Validity
Not Before: Dec 13 21:39:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bbc9f577d8ede15b776175d05241e4f3242ceba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4d:d2:6c:7c:64:a9:3d:ca:fc:cd:97:0b:c2:
2d:47:bf:e9:3c:d6:66:71:de:9b:cb:cd:02:e9:29:
db:2a:f6:99:e4:73:71:38:6a:d4:c9:32:29:0c:68:
6f:1a:00:19:3a:3e:50:df:96:78:a6:88:a3:a1:11:
9d:f1:f8:8f:8a:e0:a6:50:53:db:d5:58:2d:7d:d5:
e5:9d:1f:77:69:5e:7c:44:fe:5d:17:17:16:52:a9:
be:0c:cb:74:96:23:d6:cb:88:85:45:c1:c4:e6:6b:
e7:04:ae:d4:7b:35:86:49:5d:46:bd:d8:a8:14:8f:
d6:64:d6:db:61:2c:16:e6:11:7f:6e:75:e1:9f:6d:
05:4d:d5:a4:48:a8:1a:1d:53:fc:21:76:18:7c:7b:
f5:de:32:96:ef:20:9d:45:26:e0:c0:b9:e4:01:21:
8b:a7:67:d8:4c:29:a3:2c:fd:dd:d7:b9:e0:de:b3:
a0:43:71:28:80:97:2b:29:8c:d5:6c:07:c9:8f:9e:
c6:a5:a0:7d:a3:3d:1f:fd:91:d0:a1:06:8b:6a:8e:
7a:6f:32:dd:be:0a:0f:3f:88:a4:98:a2:4e:d1:44:
fb:bf:02:78:4b:ea:5b:6e:25:42:f6:38:53:d8:47:
63:6f:e0:af:8c:b8:33:fd:51:21:42:6c:b6:fd:3a:
42:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BC:9F:57:7D:8E:DE:15:B7:76:17:5D:05:24:1E:4F:32:42:CE:BA
X509v3 Authority Key Identifier:
keyid:3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/K7yfV32O3hW3dhddBSQeTzJCzro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.247.0/24
164.152.216.0/24
IPv6:
2a11:1680::-2a11:1680:5:ffff:ffff:ffff:ffff:ffff
2a11:1680:a::-2a11:1680:f:ffff:ffff:ffff:ffff:ffff
2a11:1680:13::-2a11:1680:18:ffff:ffff:ffff:ffff:ffff
2a11:1680:1a::-2a11:1680:1d:ffff:ffff:ffff:ffff:ffff
2a11:1680:1f::/48
Signature Algorithm: sha256WithRSAEncryption
2c:22:94:1d:42:7a:c9:48:f0:12:54:d9:7f:c9:9b:3e:7c:00:
ad:87:d1:f5:fc:fb:90:12:21:76:f7:41:1e:ce:c2:c0:f2:07:
2f:6c:35:10:7e:05:3a:87:74:e3:a4:48:e7:2a:7d:61:89:4b:
42:d6:dc:8a:61:7e:66:c9:a8:5c:98:c6:17:b5:a0:c7:32:82:
3d:f0:3b:3c:93:41:22:fb:d8:a4:15:59:04:b8:8e:67:db:14:
3a:9a:07:95:a2:f5:99:90:c8:0c:7d:48:80:02:ad:0d:8d:71:
91:1e:f5:cc:8f:a1:ed:80:60:d4:3e:59:8b:a0:a5:5c:70:8c:
02:c5:a1:99:79:32:48:1b:99:92:40:27:e1:27:d5:21:bc:b3:
1a:ef:5a:9f:48:f0:27:08:e3:b6:c5:d2:8b:37:55:a0:26:8d:
b5:70:eb:94:81:33:ce:b4:51:19:17:2b:f2:ce:f4:3d:81:21:
96:43:65:0f:5f:41:ee:a8:60:bf:41:f2:b2:6c:5f:77:1b:2e:
ba:a2:42:34:e4:a4:04:2c:cc:2f:b0:79:d9:e5:fd:f9:4c:72:
92:2d:c2:57:92:4b:8c:36:c7:37:4c:c8:be:68:95:ce:31:e4:
27:a9:82:b8:47:af:be:5b:30:78:34:66:5a:9e:d2:6b:1c:f3:
b1:54:78:8f
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYUNbbtdz2qnTjm+FP1UeizXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTJiYzA0NWFiOWNjOWYwMTdlOGJmN2ZmZTQyM2RhODA0
YTYxNGYwHhcNMjIxMjEzMjEzOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmJjOWY1NzdkOGVkZTE1Yjc3NjE3NWQwNTI0MWU0ZjMyNDJjZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk3SbHxkqT3K/M2XC8ItR7/pPNZm
cd6by80C6SnbKvaZ5HNxOGrUyTIpDGhvGgAZOj5Q35Z4poijoRGd8fiPiuCmUFPb
1VgtfdXlnR93aV58RP5dFxcWUqm+DMt0liPWy4iFRcHE5mvnBK7UezWGSV1Gvdio
FI/WZNbbYSwW5hF/bnXhn20FTdWkSKgaHVP8IXYYfHv13jKW7yCdRSbgwLnkASGL
p2fYTCmjLP3d17ng3rOgQ3EogJcrKYzVbAfJj57GpaB9oz0f/ZHQoQaLao56bzLd
vgoPP4ikmKJO0UT7vwJ4S+pbbiVC9jhT2Edjb+CvjLgz/VEhQmy2/TpCOwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFCu8n1d9jt4Vt3YXXQUkHk8yQs66MB8GA1UdIwQY
MBaAFD2SvARaucyfAX6L9//kI9qASmFPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpLOEJGcTV6SjhCZm92M18tUWoyb0JLWVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zNjI2ZGMtMjIxZi00YjlhLWJiNjgt
M2UzODEyZmZhMTQ3LzEvSzd5ZlYzMk8zaFczZGhkZEJTUWVUekpDenJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zNjI2ZGMtMjIxZi00YjlhLWJiNjgtM2UzODEyZmZhMTQ3
LzEvUFpLOEJGcTV6SjhCZm92M18tUWoyb0JLWVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwEgQCAAEwDAMEAFBJ9wME
AKSY2DBdBAIAAjBXMBADBQcqERaAAwcBKhEWgAAEMBIDBwEqERaAAAoDBwQqERaA
AAAwEgMHACoRFoAAEwMHACoRFoAAGDASAwcBKhEWgAAaAwcBKhEWgAAcAwcAKhEW
gAAfMA0GCSqGSIb3DQEBCwUAA4IBAQAsIpQdQnrJSPASVNl/yZs+fACth9H1/PuQ
EiF290EezsLA8gcvbDUQfgU6h3TjpEjnKn1hiUtC1tyKYX5myahcmMYXtaDHMoI9
8Ds8k0Ei+9ikFVkEuI5n2xQ6mgeVovWZkMgMfUiAAq0NjXGRHvXMj6HtgGDUPlmL
oKVccIwCxaGZeTJIG5mSQCfhJ9UhvLMa71qfSPAnCOO2xdKLN1WgJo21cOuUgTPO
tFEZFyvyzvQ9gSGWQ2UPX0HuqGC/QfKybF93Gy66okI05KQELMwvsHnZ5f35THKS
LcJXkkuMNsc3TMi+aJXOMeQnqYK4R6++WzB4NGZantJrHPOxVHiP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:21 2023 by rpki-client on console-ams.rpki-client.org