Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0T_tl0rdaFtYU1Gqg2gvHp0caCo.roa
File: 0T_tl0rdaFtYU1Gqg2gvHp0caCo.roa (raw, json)
Hash identifier: jZRa/rP3Gc24yxeVbZq3NOD9HUtsLMPiCT0FZxfUQk4=
Subject key identifier: D1:3F:ED:97:4A:DD:68:5B:58:53:51:AA:83:68:2F:1E:9D:1C:68:2A
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01833BF10C19C477F20BFD81CCD626FB2DC6
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0T_tl0rdaFtYU1Gqg2gvHp0caCo.roa
Signing time: Wed 14 Sep 2022 12:19:56 +0000
ROA not before: Wed 14 Sep 2022 12:19:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26548
IP address blocks: 193.233.228.0/22 maxlen: 22
193.233.136.0/22 maxlen: 22
193.233.140.0/22 maxlen: 22
193.233.82.0/23 maxlen: 23
193.233.208.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:f1:0c:19:c4:77:f2:0b:fd:81:cc:d6:26:fb:2d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 14 12:19:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d13fed974add685b585351aa83682f1e9d1c682a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:02:e2:d9:e4:de:c9:04:c6:3e:4b:db:9e:57:
f2:96:7a:11:4f:9e:70:8a:13:f1:ae:cc:83:7b:4b:
2a:fd:a6:1f:dd:65:f8:5b:7e:e1:56:df:6c:6c:95:
d7:08:47:f1:d7:d5:1a:37:e3:72:d6:47:79:ab:f1:
3d:cc:53:c8:14:d2:88:4e:ee:7d:ab:75:e9:54:eb:
d0:c4:02:b7:7b:0a:1c:a9:e9:0b:74:dd:0b:18:72:
dd:3c:a2:d8:86:9c:0e:6f:20:95:3d:c5:87:fb:82:
76:62:b5:63:0f:23:45:47:4d:01:c9:3d:11:0b:3a:
74:2e:09:65:cb:0c:84:35:7c:c1:ef:fb:56:9c:0a:
44:91:13:08:6c:1c:ef:6b:7a:77:6e:04:c9:03:fb:
28:fa:04:0f:41:d3:33:30:38:9e:cc:af:73:9f:f0:
92:ac:7f:2d:aa:e0:cb:4d:12:2c:61:87:18:78:f1:
2d:cd:55:06:9a:60:5d:77:d2:10:8b:ca:44:91:8a:
00:06:8e:9f:2e:2e:99:98:26:ef:1b:c1:0c:7b:e5:
1c:bb:a7:bb:ca:1f:96:e5:f4:fa:03:29:50:a1:35:
d6:31:f1:5d:c7:a3:30:cd:24:14:37:ac:dd:6b:0a:
a2:ad:e8:25:b7:72:7a:7b:25:3a:b2:6b:37:d8:4f:
1b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3F:ED:97:4A:DD:68:5B:58:53:51:AA:83:68:2F:1E:9D:1C:68:2A
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0T_tl0rdaFtYU1Gqg2gvHp0caCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.82.0/23
193.233.136.0/21
193.233.208.0/23
193.233.228.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:29:e6:e9:27:33:e6:bf:5a:7e:98:d5:dd:c4:db:8b:22:59:
55:28:23:6f:49:90:0e:39:08:dc:8a:57:bc:c8:2c:29:2c:93:
0b:e8:32:21:80:08:15:9c:4f:65:3e:56:4d:cc:bc:b8:05:f9:
df:33:33:c4:c0:9a:81:fb:fd:75:54:a6:c1:22:9a:30:f0:e6:
ec:0f:13:65:74:90:dd:02:48:7f:59:4f:bb:c1:10:59:ea:3c:
ed:a5:d0:cf:74:70:48:33:79:3d:9c:b8:f2:e1:05:b4:27:f4:
52:09:a3:7b:b7:22:47:72:c2:00:9e:c3:02:bf:f7:d3:31:0e:
4b:6c:b7:7c:2e:d6:11:0a:84:27:8d:42:b2:ef:f9:31:e3:4b:
90:0b:da:b4:e1:33:11:a6:9d:36:7b:54:0c:6f:be:34:09:9c:
9d:3b:4b:8a:4d:d0:df:7e:0d:a3:5c:91:bb:bf:bc:33:28:4d:
26:df:a2:92:23:1e:41:9d:ea:3a:fa:24:db:28:41:c2:1d:33:
e9:b9:11:98:af:cc:c0:9f:d5:66:f1:b9:f4:cb:89:a2:fd:62:
ec:1b:19:da:fd:a7:a9:b3:f1:d1:15:d9:b3:8a:a6:77:a3:9a:
1c:44:e9:ff:d9:07:aa:9d:1c:97:d4:2f:1a:70:b1:8f:a6:37:
ae:38:76:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYM78QwZxHfyC/2BzNYm+y3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTE0MTIxOTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNmZWQ5NzRhZGQ2ODViNTg1MzUxYWE4MzY4MmYxZTlkMWM2ODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgLi2eTeyQTGPkvbnlfylnoRT55w
ihPxrsyDe0sq/aYf3WX4W37hVt9sbJXXCEfx19UaN+Ny1kd5q/E9zFPIFNKITu59
q3XpVOvQxAK3ewocqekLdN0LGHLdPKLYhpwObyCVPcWH+4J2YrVjDyNFR00ByT0R
Czp0LgllywyENXzB7/tWnApEkRMIbBzva3p3bgTJA/so+gQPQdMzMDiezK9zn/CS
rH8tquDLTRIsYYcYePEtzVUGmmBdd9IQi8pEkYoABo6fLi6ZmCbvG8EMe+Ucu6e7
yh+W5fT6AylQoTXWMfFdx6MwzSQUN6zdawqireglt3J6eyU6sms32E8b+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNE/7ZdK3WhbWFNRqoNoLx6dHGgqMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMFRfdGwwcmRhRnRZVTFHcWcyZ3ZIcDBjYUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwelSAwQD
wemIAwQBwenQAwQCwenkMA0GCSqGSIb3DQEBCwUAA4IBAQBOKebpJzPmv1p+mNXd
xNuLIllVKCNvSZAOOQjcile8yCwpLJML6DIhgAgVnE9lPlZNzLy4BfnfMzPEwJqB
+/11VKbBIpow8ObsDxNldJDdAkh/WU+7wRBZ6jztpdDPdHBIM3k9nLjy4QW0J/RS
CaN7tyJHcsIAnsMCv/fTMQ5LbLd8LtYRCoQnjUKy7/kx40uQC9q04TMRpp02e1QM
b740CZydO0uKTdDffg2jXJG7v7wzKE0m36KSIx5Bneo6+iTbKEHCHTPpuRGYr8zA
n9Vm8bn0y4mi/WLsGxna/aeps/HRFdmziqZ3o5ocROn/2QeqnRyX1C8acLGPpjeu
OHaf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org