Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/12A0fpzjx_aiEevWqI52nWAV8xI.roa
File: 12A0fpzjx_aiEevWqI52nWAV8xI.roa (raw, json)
Hash identifier: ERwZ3IzbA4DD9MAH+nNqDMJ3FyDDOYyHv6h8LRtzCa4=
Subject key identifier: D7:60:34:7E:9C:E3:C7:F6:A2:11:EB:D6:A8:8E:76:9D:60:15:F3:12
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01836B111B8020CA45CB36D306047A5B7AA1
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/12A0fpzjx_aiEevWqI52nWAV8xI.roa
Signing time: Fri 23 Sep 2022 15:57:06 +0000
ROA not before: Fri 23 Sep 2022 15:57:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6b:11:1b:80:20:ca:45:cb:36:d3:06:04:7a:5b:7a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 23 15:57:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d760347e9ce3c7f6a211ebd6a88e769d6015f312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d2:27:30:34:76:b1:e1:ed:5f:d5:0d:8f:87:
7e:de:16:3e:4e:1d:ab:90:52:f4:a1:6d:0d:d6:9c:
68:db:b1:f6:fc:34:59:f7:97:9b:b1:32:a9:af:88:
ac:89:b3:65:cf:4e:e4:f7:c8:81:70:b4:f7:18:7c:
12:45:91:dc:cf:59:d4:c9:b3:a0:20:81:9c:90:ad:
d2:5b:af:c2:ae:4a:ac:38:83:ad:86:88:f8:d5:6f:
2e:3c:19:0f:17:b3:a3:f2:cd:66:0e:59:63:51:8f:
e0:d9:89:2f:a3:e0:f0:23:d3:96:c0:07:96:9f:5d:
28:f1:ad:33:c8:78:4f:b3:09:ca:e1:1b:07:4a:18:
86:92:a9:da:02:58:45:6c:c2:08:a4:46:ad:77:4b:
ed:1e:3e:96:3b:4c:7c:f7:a5:49:0b:e5:a7:f6:ad:
7e:7f:51:b6:0e:b1:dd:3a:8e:1c:17:d6:d9:72:66:
89:72:87:dc:54:4a:11:82:da:6c:5d:67:d2:e1:dd:
6b:9d:3c:8c:79:81:00:aa:d6:8b:39:06:1c:c8:94:
9a:83:f6:8a:6a:54:e6:98:9c:f7:ec:fc:8a:ce:f0:
ec:8b:e2:ea:2c:5d:9c:5b:15:43:64:6a:d3:4a:1a:
b9:b7:83:5d:61:e6:21:b4:84:55:b8:90:46:5f:11:
61:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:60:34:7E:9C:E3:C7:F6:A2:11:EB:D6:A8:8E:76:9D:60:15:F3:12
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/12A0fpzjx_aiEevWqI52nWAV8xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.88.0/22
193.233.171.0/24
193.233.175.0/24
193.233.197.0/24
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
66:41:98:4b:95:04:e9:ad:be:b8:e1:bf:0e:a2:85:5b:75:f6:
be:e2:56:da:d4:bf:8d:44:64:5f:6a:db:0d:f1:66:f1:04:3b:
8e:8e:3b:41:ee:f8:a9:09:f4:05:e9:37:ea:4c:65:ef:fe:f5:
75:e6:b8:55:cd:ec:73:a4:be:6c:56:04:b3:26:a1:9d:a1:9e:
c0:43:85:e0:1f:ff:0d:58:82:06:9d:77:98:d0:78:fa:21:da:
8c:57:3a:1b:eb:09:3e:f1:aa:35:44:4d:4b:bd:3a:9b:76:36:
44:8c:85:eb:1d:15:f0:6a:74:52:b6:19:5b:c6:c5:20:3f:a8:
7e:9e:16:6a:24:4d:05:d9:4f:90:61:97:c5:d2:32:2a:7e:7f:
1b:c3:0f:37:fa:d4:fd:93:06:8b:25:18:64:c9:7e:fc:eb:38:
13:74:73:3c:e7:a0:34:67:78:b6:90:d1:d2:7e:6d:06:eb:27:
da:72:b1:88:b6:0e:d7:c7:ba:a1:84:7c:77:b4:47:97:f5:4f:
12:f8:94:06:c0:1c:23:77:aa:f7:76:fc:5b:6a:f1:59:49:b8:
39:c1:23:4d:34:d5:01:51:e1:e8:b0:e8:58:34:be:00:92:ed:
5a:f0:b5:7a:3d:bb:63:fd:24:f3:bb:6c:5a:95:49:bb:62:15:
2a:83:e8:55
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYNrERuAIMpFyzbTBgR6W3qhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTIzMTU1NzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzYwMzQ3ZTljZTNjN2Y2YTIxMWViZDZhODhlNzY5ZDYwMTVmMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNInMDR2seHtX9UNj4d+3hY+Th2r
kFL0oW0N1pxo27H2/DRZ95ebsTKpr4isibNlz07k98iBcLT3GHwSRZHcz1nUybOg
IIGckK3SW6/CrkqsOIOthoj41W8uPBkPF7Oj8s1mDlljUY/g2Ykvo+DwI9OWwAeW
n10o8a0zyHhPswnK4RsHShiGkqnaAlhFbMIIpEatd0vtHj6WO0x896VJC+Wn9q1+
f1G2DrHdOo4cF9bZcmaJcofcVEoRgtpsXWfS4d1rnTyMeYEAqtaLOQYcyJSag/aK
alTmmJz37PyKzvDsi+LqLF2cWxVDZGrTShq5t4NdYeYhtIRVuJBGXxFhMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNdgNH6c48f2ohHr1qiOdp1gFfMSMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMTJBMGZwemp4X2FpRWV2V3FJNTJuV0FWOHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwelYAwQA
wemrAwQAwemvAwQAwenFAwQCwen4MA0GCSqGSIb3DQEBCwUAA4IBAQBmQZhLlQTp
rb644b8OooVbdfa+4lba1L+NRGRfatsN8WbxBDuOjjtB7vipCfQF6TfqTGXv/vV1
5rhVzexzpL5sVgSzJqGdoZ7AQ4XgH/8NWIIGnXeY0Hj6IdqMVzob6wk+8ao1RE1L
vTqbdjZEjIXrHRXwanRSthlbxsUgP6h+nhZqJE0F2U+QYZfF0jIqfn8bww83+tT9
kwaLJRhkyX786zgTdHM856A0Z3i2kNHSfm0G6yfacrGItg7Xx7qhhHx3tEeX9U8S
+JQGwBwjd6r3dvxbavFZSbg5wSNNNNUBUeHosOhYNL4Aku1a8LV6Pbtj/STzu2xa
lUm7YhUqg+hV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org