Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1XgZJvG9Rd3zJh7yPXYdvT0rV3Y.roa
File: 1XgZJvG9Rd3zJh7yPXYdvT0rV3Y.roa (raw, json)
Hash identifier: ZCAHt8ZTwSlNVt0jVycXR2nGZQDu8RdVyPqGg7z0vnU=
Subject key identifier: D5:78:19:26:F1:BD:45:DD:F3:26:1E:F2:3D:76:1D:BD:3D:2B:57:76
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01821B70F319168C9940C2486BDD5C85E95E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1XgZJvG9Rd3zJh7yPXYdvT0rV3Y.roa
Signing time: Wed 20 Jul 2022 11:49:23 +0000
ROA not before: Wed 20 Jul 2022 11:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.233.216.0/22 maxlen: 24
193.233.108.0/23 maxlen: 24
193.233.110.0/23 maxlen: 24
193.233.118.0/23 maxlen: 24
193.233.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:70:f3:19:16:8c:99:40:c2:48:6b:dd:5c:85:e9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 20 11:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5781926f1bd45ddf3261ef23d761dbd3d2b5776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:db:f4:52:da:2a:16:72:78:e8:88:c1:6b:a9:
94:8f:e3:d6:27:34:89:5b:d9:46:ba:d2:99:38:cb:
92:ec:aa:f6:dd:98:c2:d5:fd:f2:58:5d:0b:a8:c2:
32:66:8a:81:a7:f2:72:ad:19:2e:b2:3f:a6:db:83:
52:55:2c:1b:a6:f9:3a:0c:61:65:f1:56:d6:fe:5d:
a4:45:c6:0e:d3:fc:34:3f:4b:44:29:c3:f1:a2:de:
c3:7d:8b:01:d9:10:77:00:81:81:b7:b0:9d:cb:f5:
d6:c0:6a:2b:b9:fd:96:bb:2b:45:fa:4d:82:58:ec:
14:f0:61:20:9a:ec:df:01:e1:38:aa:8c:b3:90:ea:
86:49:61:ca:7b:fa:5a:a7:df:07:e5:bd:26:8c:ef:
6e:ef:61:5b:c6:9f:b7:10:ab:58:a5:ed:ed:b4:a5:
47:8a:0c:3a:ff:94:2f:22:ff:ed:82:c6:65:15:d6:
ac:99:dc:5d:fe:b9:44:f4:fb:f7:e0:98:d6:3e:98:
94:ee:93:62:72:99:b3:b6:0c:23:af:f4:f4:cd:c2:
eb:30:5e:97:b2:96:f9:24:71:3a:cd:21:03:50:ef:
f1:93:49:4a:46:bf:16:7e:b6:1f:00:a9:43:da:ea:
e5:50:71:ee:59:f1:f1:7b:ab:45:3a:eb:40:dd:c7:
29:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:78:19:26:F1:BD:45:DD:F3:26:1E:F2:3D:76:1D:BD:3D:2B:57:76
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1XgZJvG9Rd3zJh7yPXYdvT0rV3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.108.0/22
193.233.116.0/22
193.233.216.0/22
Signature Algorithm: sha256WithRSAEncryption
21:2f:f8:4e:37:7c:15:eb:17:e7:8f:f8:b0:53:bd:a0:06:31:
2e:e2:87:26:5a:d1:22:74:b4:48:ab:1a:23:04:3b:3f:08:15:
df:01:a3:c2:a1:a4:cc:1b:63:d1:da:5f:cd:45:c9:50:f3:e5:
d1:79:04:c5:7a:b1:d3:6d:6b:32:39:67:f2:3f:3e:71:53:d0:
fb:7c:f3:86:de:36:30:7c:ff:29:a5:0d:d1:4a:7c:5b:d2:0c:
bd:e5:72:b2:3f:7a:ee:2b:14:a4:ec:b8:75:3d:ce:d9:3f:8d:
8d:cd:a7:5a:63:1c:81:f5:f4:3a:88:cd:89:26:bc:05:6a:5e:
1d:48:d7:3d:3a:f4:71:dd:31:32:14:46:e3:a7:3c:2a:ea:29:
26:88:e0:75:99:36:6a:33:d4:8e:5b:0e:0e:05:6f:12:1b:99:
d7:a4:3d:f5:9e:f5:60:0a:6e:b2:53:01:1f:5e:eb:f5:35:1e:
53:8e:f9:35:e6:12:99:50:77:01:73:b0:e3:c6:58:03:49:39:
2c:84:19:f6:10:06:0d:0b:57:10:ed:7d:df:b5:81:8a:ed:6c:
fb:32:23:74:da:f1:60:f0:75:51:8b:24:49:c2:3e:85:94:41:
62:3b:81:f5:35:4d:14:87:f3:ca:bd:94:57:18:43:1a:34:90:
14:6d:8b:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIbcPMZFoyZQMJIa91cheleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwNzIwMTE0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTc4MTkyNmYxYmQ0NWRkZjMyNjFlZjIzZDc2MWRiZDNkMmI1Nzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdv0UtoqFnJ46IjBa6mUj+PWJzSJ
W9lGutKZOMuS7Kr23ZjC1f3yWF0LqMIyZoqBp/JyrRkusj+m24NSVSwbpvk6DGFl
8VbW/l2kRcYO0/w0P0tEKcPxot7DfYsB2RB3AIGBt7Cdy/XWwGoruf2WuytF+k2C
WOwU8GEgmuzfAeE4qoyzkOqGSWHKe/pap98H5b0mjO9u72Fbxp+3EKtYpe3ttKVH
igw6/5QvIv/tgsZlFdasmdxd/rlE9Pv34JjWPpiU7pNicpmztgwjr/T0zcLrMF6X
spb5JHE6zSEDUO/xk0lKRr8WfrYfAKlD2urlUHHuWfHxe6tFOutA3ccp8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNV4GSbxvUXd8yYe8j12Hb09K1d2MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMVhnWkp2RzlSZDN6Smg3eVBYWWR2VDByVjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwelsAwQC
wel0AwQCwenYMA0GCSqGSIb3DQEBCwUAA4IBAQAhL/hON3wV6xfnj/iwU72gBjEu
4ocmWtEidLRIqxojBDs/CBXfAaPCoaTMG2PR2l/NRclQ8+XReQTFerHTbWsyOWfy
Pz5xU9D7fPOG3jYwfP8ppQ3RSnxb0gy95XKyP3ruKxSk7Lh1Pc7ZP42NzadaYxyB
9fQ6iM2JJrwFal4dSNc9OvRx3TEyFEbjpzwq6ikmiOB1mTZqM9SOWw4OBW8SG5nX
pD31nvVgCm6yUwEfXuv1NR5Tjvk15hKZUHcBc7DjxlgDSTkshBn2EAYNC1cQ7X3f
tYGK7Wz7MiN02vFg8HVRiyRJwj6FlEFiO4H1NU0Uh/PKvZRXGEMaNJAUbYv/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:37 2023 by rpki-client on console-fra.rpki-client.org