Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4X-2XK-CgzJzwXS27Y1ESobXtTI.roa
File: 4X-2XK-CgzJzwXS27Y1ESobXtTI.roa (raw, json)
Hash identifier: xSlRVIe+cJlaihBmjf5tqDGqrJzV/G4Gv+C146CEBO8=
Subject key identifier: E1:7F:B6:5C:AF:82:83:32:73:C1:74:B6:ED:8D:44:4A:86:D7:B5:32
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0182890F0FD33361FB8F0F0BE964FA947E11
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4X-2XK-CgzJzwXS27Y1ESobXtTI.roa
Signing time: Wed 10 Aug 2022 18:40:41 +0000
ROA not before: Wed 10 Aug 2022 18:40:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 193.233.84.0/24 maxlen: 24
193.233.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:89:0f:0f:d3:33:61:fb:8f:0f:0b:e9:64:fa:94:7e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 10 18:40:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e17fb65caf82833273c174b6ed8d444a86d7b532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:78:77:dd:3f:3d:a6:84:c6:1f:d4:4f:2f:fb:
ee:95:18:f5:6d:41:0f:26:0a:05:8b:21:63:e6:6c:
b1:cc:17:43:09:7c:fa:a3:9c:cd:3f:b6:49:51:89:
1e:b7:30:be:8c:b8:c1:56:7d:c2:c2:41:6e:8d:52:
4c:fe:c2:84:27:bf:9b:41:c3:9e:e0:37:ea:2d:e5:
bb:8c:3c:a8:c5:4d:ce:74:2c:d5:13:b6:77:35:13:
bc:56:f8:0d:80:dd:1f:73:7e:c1:10:6c:18:0c:4e:
44:e6:df:26:0a:e2:08:cb:f0:43:11:a5:a4:66:b3:
b5:bb:b8:41:16:4d:fe:85:ce:d5:be:c4:83:bf:24:
5b:2d:ad:b5:11:92:da:08:fb:3c:f0:b8:bb:39:3f:
06:f5:36:71:e7:59:52:d7:8d:e7:a5:b1:5c:99:24:
0c:b7:4c:f5:7f:4d:de:8b:fe:5f:6f:d8:cf:99:0a:
94:3a:88:aa:a9:6a:b4:27:b0:78:f3:06:e8:bd:c7:
ff:84:27:a4:71:ab:3a:53:01:6d:82:6e:be:da:54:
7e:c1:61:10:ab:72:9d:f1:bb:5f:41:b3:a2:e7:1d:
11:c8:91:78:85:94:32:67:cc:90:1f:72:78:eb:a4:
31:2a:55:56:48:a7:c9:dc:1e:c6:1c:78:a4:38:57:
89:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7F:B6:5C:AF:82:83:32:73:C1:74:B6:ED:8D:44:4A:86:D7:B5:32
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4X-2XK-CgzJzwXS27Y1ESobXtTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.84.0/24
193.233.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:66:65:17:b5:5c:a6:56:9f:05:21:37:f1:7a:af:5b:3a:71:
d2:4f:21:25:87:c7:24:7c:66:a0:57:dc:57:b6:74:2e:d0:b5:
34:d1:e0:39:63:1a:7d:1c:8c:7b:de:bd:5d:bb:bf:5d:ad:bd:
13:a4:e6:25:db:34:7a:a8:c8:aa:4e:80:04:ec:a2:af:88:aa:
3f:cd:0d:2e:81:65:02:00:af:6e:11:7c:2b:bf:f6:84:89:ff:
1b:8b:ab:72:cb:19:5b:39:7a:9c:cb:b7:16:fb:cf:be:b8:2f:
bf:73:4b:e3:b2:92:bb:c3:ab:d7:c8:71:fc:81:f7:f2:b4:64:
33:e0:ba:26:9d:84:24:c3:dc:e2:6e:84:f2:6b:89:f4:50:a3:
ad:42:86:c7:f7:40:98:0a:94:e2:63:01:56:e2:12:0b:9d:a6:
45:be:a5:51:10:82:e8:b6:53:71:72:2a:0d:0c:08:f0:db:9b:
6a:1d:48:7f:6a:a4:74:46:41:55:2c:6a:02:97:9a:dc:18:02:
af:e6:ba:27:d3:7b:90:4f:22:4f:58:c2:8a:fc:01:35:e2:7e:
d2:4d:34:dd:e7:5e:72:23:a2:f4:9c:e0:0a:90:7d:2f:11:b5:
48:8a:47:4b:bf:81:a0:3b:72:f4:65:75:34:af:c0:a9:72:a6:
ee:71:e7:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKJDw/TM2H7jw8L6WT6lH4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwODEwMTg0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdmYjY1Y2FmODI4MzMyNzNjMTc0YjZlZDhkNDQ0YTg2ZDdiNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHh33T89poTGH9RPL/vulRj1bUEP
JgoFiyFj5myxzBdDCXz6o5zNP7ZJUYketzC+jLjBVn3CwkFujVJM/sKEJ7+bQcOe
4DfqLeW7jDyoxU3OdCzVE7Z3NRO8VvgNgN0fc37BEGwYDE5E5t8mCuIIy/BDEaWk
ZrO1u7hBFk3+hc7VvsSDvyRbLa21EZLaCPs88Li7OT8G9TZx51lS143npbFcmSQM
t0z1f03ei/5fb9jPmQqUOoiqqWq0J7B48wbovcf/hCekcas6UwFtgm6+2lR+wWEQ
q3Kd8btfQbOi5x0RyJF4hZQyZ8yQH3J466QxKlVWSKfJ3B7GHHikOFeJ5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOF/tlyvgoMyc8F0tu2NREqG17UyMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNFgtMlhLLUNnekp6d1hTMjdZMUVTb2JYdFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwelUAwQC
wenMMA0GCSqGSIb3DQEBCwUAA4IBAQBvZmUXtVymVp8FITfxeq9bOnHSTyElh8ck
fGagV9xXtnQu0LU00eA5Yxp9HIx73r1du79drb0TpOYl2zR6qMiqToAE7KKviKo/
zQ0ugWUCAK9uEXwrv/aEif8bi6tyyxlbOXqcy7cW+8++uC+/c0vjspK7w6vXyHH8
gffytGQz4LomnYQkw9ziboTya4n0UKOtQobH90CYCpTiYwFW4hILnaZFvqVREILo
tlNxcioNDAjw25tqHUh/aqR0RkFVLGoCl5rcGAKv5ron03uQTyJPWMKK/AE14n7S
TTTd515yI6L0nOAKkH0vEbVIikdLv4GgO3L0ZXU0r8CpcqbucedC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:37 2023 by rpki-client on console-fra.rpki-client.org