Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/c0SOTQGvrJz8qJJt9ikfI-C5bco.roa
File: c0SOTQGvrJz8qJJt9ikfI-C5bco.roa (raw, json)
Hash identifier: jSzMbRFPH/uSfTTraXw9IrtBJGUanKa9P9e0GOkdWtc=
Subject key identifier: 73:44:8E:4D:01:AF:AC:9C:FC:A8:92:6D:F6:29:1F:23:E0:B9:6D:CA
Certificate issuer: /CN=f6451af11120d8fa898cb6212cea8ca61dc59b92
Certificate serial: 018533E9679A01BCB75CBB82EF9462A52431
Authority key identifier: F6:45:1A:F1:11:20:D8:FA:89:8C:B6:21:2C:EA:8C:A6:1D:C5:9B:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9kUa8REg2PqJjLYhLOqMph3Fm5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/c0SOTQGvrJz8qJJt9ikfI-C5bco.roa
Signing time: Wed 21 Dec 2022 09:00:12 +0000
ROA not before: Wed 21 Dec 2022 09:00:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35503
IP address blocks: 193.192.57.0/24 maxlen: 24
193.192.56.0/24 maxlen: 24
193.192.56.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:e9:67:9a:01:bc:b7:5c:bb:82:ef:94:62:a5:24:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6451af11120d8fa898cb6212cea8ca61dc59b92
Validity
Not Before: Dec 21 09:00:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73448e4d01afac9cfca8926df6291f23e0b96dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:40:f3:5e:6c:ca:ac:41:2a:65:89:22:6f:ce:
ee:d2:ce:bf:f9:6e:ca:28:fc:e6:5e:f3:c7:f9:f7:
0b:a3:96:45:f3:68:a3:bb:7b:ac:39:4e:71:f3:05:
c0:cc:6d:af:01:11:92:9f:62:f4:56:ee:74:65:23:
a6:76:cd:62:f0:48:15:46:10:b6:6b:0c:58:d8:4a:
cf:55:72:3d:fc:03:2e:73:52:65:72:78:ab:f7:81:
12:fe:a4:e3:d0:93:b1:63:d3:e7:a4:df:31:bd:0d:
2e:9f:17:17:e7:f5:0f:bc:ab:93:34:12:0b:9b:08:
39:f1:84:6a:56:2d:5c:a6:eb:86:3f:77:e1:d4:6e:
fa:dd:ce:f1:f7:74:a7:1b:15:a7:a5:78:5d:64:65:
08:13:aa:09:99:2e:4f:ad:d1:38:73:eb:7a:bf:1a:
e1:03:57:6a:bc:b2:80:76:b3:b1:11:8c:d2:2a:74:
1d:54:96:95:a0:2d:1d:8b:3c:13:28:9b:f9:96:71:
24:58:7f:8f:75:14:f3:c6:34:36:da:49:2b:e1:d4:
63:19:97:f5:3d:d7:1a:ce:c8:cf:d6:b5:74:a7:dc:
5b:cc:4d:b7:91:13:f6:1f:14:9f:c0:3d:ce:d7:e3:
ad:88:90:7b:e7:0d:cd:28:75:45:bb:75:05:a5:95:
1a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:44:8E:4D:01:AF:AC:9C:FC:A8:92:6D:F6:29:1F:23:E0:B9:6D:CA
X509v3 Authority Key Identifier:
keyid:F6:45:1A:F1:11:20:D8:FA:89:8C:B6:21:2C:EA:8C:A6:1D:C5:9B:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kUa8REg2PqJjLYhLOqMph3Fm5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/c0SOTQGvrJz8qJJt9ikfI-C5bco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/9kUa8REg2PqJjLYhLOqMph3Fm5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.192.56.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:75:10:5e:e2:00:b7:4d:fa:28:fb:28:c0:ee:4c:bc:db:32:
8c:33:21:22:60:bf:a1:b4:7f:24:59:00:58:92:44:8c:d9:66:
8c:9d:6b:d9:43:1a:d7:7d:66:57:06:68:cc:eb:62:70:c7:90:
7f:b9:44:01:f7:c4:a2:81:34:57:d6:de:a2:c2:72:3b:dc:80:
3d:83:3d:b3:72:2f:13:f5:2a:76:f4:27:54:df:11:e2:45:3d:
aa:e6:40:76:61:d5:dc:f8:24:bd:81:9c:a6:b9:83:7c:8c:c3:
4e:3e:a2:b7:bf:3f:34:22:db:d4:3c:10:17:3f:24:ca:af:42:
d8:01:bf:71:7b:fd:10:80:dc:24:ac:25:7c:11:de:f2:87:76:
bb:ea:a4:c6:88:b6:2b:d9:29:fd:7e:c9:e4:43:5e:b8:6f:d3:
84:b6:54:4b:ed:02:e0:12:52:2b:5f:44:31:65:ca:be:b2:77:
7b:80:69:ef:75:b0:ac:f8:33:f4:ad:ab:ec:8f:5e:3c:1f:7f:
c5:fa:c0:9d:d7:28:0f:9b:21:01:70:6e:27:0e:60:c1:e3:2a:
4c:fa:10:7a:d3:60:1f:13:d8:b0:7f:3c:90:4b:eb:ff:50:04:
09:fc:05:25:43:b3:9b:c1:fc:14:aa:c1:6d:10:75:bf:b7:37:
86:8f:97:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUz6WeaAby3XLuC75RipSQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDUxYWYxMTEyMGQ4ZmE4OThjYjYyMTJjZWE4Y2E2MWRj
NTliOTIwHhcNMjIxMjIxMDkwMDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQ0OGU0ZDAxYWZhYzljZmNhODkyNmRmNjI5MWYyM2UwYjk2ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0DzXmzKrEEqZYkib87u0s6/+W7K
KPzmXvPH+fcLo5ZF82iju3usOU5x8wXAzG2vARGSn2L0Vu50ZSOmds1i8EgVRhC2
awxY2ErPVXI9/AMuc1Jlcnir94ES/qTj0JOxY9PnpN8xvQ0unxcX5/UPvKuTNBIL
mwg58YRqVi1cpuuGP3fh1G763c7x93SnGxWnpXhdZGUIE6oJmS5PrdE4c+t6vxrh
A1dqvLKAdrOxEYzSKnQdVJaVoC0dizwTKJv5lnEkWH+PdRTzxjQ22kkr4dRjGZf1
PdcazsjP1rV0p9xbzE23kRP2HxSfwD3O1+OtiJB75w3NKHVFu3UFpZUaZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHNEjk0Br6yc/KiSbfYpHyPguW3KMB8GA1UdIwQY
MBaAFPZFGvERINj6iYy2ISzqjKYdxZuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtVYThSRWcyUHFKakxZaExPcU1waDNGbTVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8zYjY1YWItYTBlMi00Njg0LWI5ODEt
YTg2YTdhZjM2OGRhLzEvYzBTT1RRR3ZySno4cUpKdDlpa2ZJLUM1YmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8zYjY1YWItYTBlMi00Njg0LWI5ODEtYTg2YTdhZjM2OGRh
LzEvOWtVYThSRWcyUHFKakxZaExPcU1waDNGbTVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwcA4MA0G
CSqGSIb3DQEBCwUAA4IBAQChdRBe4gC3Tfoo+yjA7ky82zKMMyEiYL+htH8kWQBY
kkSM2WaMnWvZQxrXfWZXBmjM62Jwx5B/uUQB98SigTRX1t6iwnI73IA9gz2zci8T
9Sp29CdU3xHiRT2q5kB2YdXc+CS9gZymuYN8jMNOPqK3vz80ItvUPBAXPyTKr0LY
Ab9xe/0QgNwkrCV8Ed7yh3a76qTGiLYr2Sn9fsnkQ164b9OEtlRL7QLgElIrX0Qx
Zcq+snd7gGnvdbCs+DP0ravsj148H3/F+sCd1ygPmyEBcG4nDmDB4ypM+hB602Af
E9iwfzyQS+v/UAQJ/AUlQ7ObwfwUqsFtEHW/tzeGj5dP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:50 2023 by rpki-client on console-fra.rpki-client.org