Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7dOsm-4OQyPXyu-uRb6SGX49ZOU.roa
File: 7dOsm-4OQyPXyu-uRb6SGX49ZOU.roa (raw, json)
Hash identifier: 3S4dOpAnuiV4w597fgkEM2R1iK0NZOvdnjAdH4Nl9PQ=
Subject key identifier: ED:D3:AC:9B:EE:0E:43:23:D7:CA:EF:AE:45:BE:92:19:7E:3D:64:E5
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01830A2ECD059D580EE0AFFF65A63146A4CE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7dOsm-4OQyPXyu-uRb6SGX49ZOU.roa
Signing time: Sun 04 Sep 2022 20:26:22 +0000
ROA not before: Sun 04 Sep 2022 20:26:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.84.0/22 maxlen: 22
193.233.94.0/23 maxlen: 24
193.233.93.0/24 maxlen: 24
193.233.16.0/24 maxlen: 24
193.233.22.0/24 maxlen: 24
193.233.23.0/24 maxlen: 24
193.233.21.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.20.0/24 maxlen: 24
193.233.18.0/24 maxlen: 24
193.233.252.0/22 maxlen: 22
193.233.61.0/24 maxlen: 24
193.233.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0a:2e:cd:05:9d:58:0e:e0:af:ff:65:a6:31:46:a4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 4 20:26:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edd3ac9bee0e4323d7caefae45be92197e3d64e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:b0:15:7d:24:64:82:66:c7:86:1c:b9:ba:
a3:21:ee:18:0a:05:c3:da:ed:43:f3:1b:e5:ad:21:
d8:33:7f:95:66:bc:7f:8c:38:6c:a7:7e:22:da:0c:
03:c5:a1:f1:47:62:cd:5c:96:fe:99:a6:74:b3:0c:
11:98:0d:26:65:cf:c1:57:32:3c:81:0b:04:fb:26:
98:8c:54:73:5f:dc:22:b6:76:89:00:8e:d1:51:9e:
14:ed:25:1d:02:9d:88:c7:a5:59:f8:10:b9:91:ea:
6d:bc:99:44:65:88:f6:45:d5:fc:03:38:16:85:3b:
69:b5:55:c8:d3:80:8f:3d:ba:48:35:49:74:72:95:
fe:13:b3:6d:39:a7:c5:fb:48:43:25:b8:0c:70:3e:
ba:4c:64:79:22:8b:5f:49:41:8b:9f:11:1c:f6:fd:
39:a5:33:9c:2d:fa:45:47:7a:8a:b8:ac:16:5e:25:
74:e4:8f:e7:38:a6:4d:9b:e0:c1:02:27:76:8c:dd:
b6:85:c8:86:60:20:72:db:9e:60:39:7d:42:57:39:
fd:ce:5b:26:60:72:d0:35:46:2f:d6:11:7a:73:82:
5a:fd:85:e7:fe:40:00:55:67:5b:8c:cc:c2:70:85:
c0:49:36:75:b6:da:ae:5f:b8:a1:b5:d9:d8:09:ca:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D3:AC:9B:EE:0E:43:23:D7:CA:EF:AE:45:BE:92:19:7E:3D:64:E5
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7dOsm-4OQyPXyu-uRb6SGX49ZOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/24
193.233.18.0-193.233.23.255
193.233.61.0/24
193.233.84.0/22
193.233.93.0-193.233.95.255
193.233.192.0/22
193.233.252.0/22
Signature Algorithm: sha256WithRSAEncryption
05:e4:5a:0a:5d:f3:35:85:3e:0e:89:d8:cc:b1:cf:a1:8d:f7:
19:2b:73:00:eb:82:e5:16:9d:3b:1c:0d:ec:ae:b7:2b:db:81:
a1:e4:9a:83:0b:56:54:08:f5:84:e7:82:86:9c:52:2e:12:3e:
63:db:1c:ee:db:2a:fe:87:ef:a7:e6:3b:4f:86:46:3e:f6:55:
1e:b6:63:3a:1c:63:07:2d:70:43:5c:cb:47:3a:f6:93:0f:9f:
de:c6:b2:c2:c8:bd:3f:1c:ed:5b:2f:20:8a:52:75:c3:df:1f:
45:ba:9d:4a:d1:3f:c2:21:e7:eb:05:d3:98:15:c4:7f:8e:0d:
45:08:20:99:6d:b2:6b:4b:f2:38:32:3e:9e:ed:7c:e5:98:aa:
f1:1f:d3:35:ff:76:7d:66:69:a1:22:01:b1:0a:fa:d8:c6:41:
eb:ad:76:31:59:d5:10:6e:2f:c5:7f:00:64:31:9e:22:e0:eb:
5d:76:c7:09:77:53:ab:fd:9f:85:f2:9a:ef:ce:e0:57:e3:e4:
6a:44:04:9a:12:2f:ad:23:0e:eb:95:e3:b2:01:48:46:7c:a4:
ae:f9:46:78:13:71:3f:63:0d:9b:bf:47:c8:6d:6e:da:d3:e4:
f5:3d:56:df:95:16:a4:6b:e1:55:4b:6e:c4:4d:ab:c4:ab:42:
b7:f8:85:3c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYMKLs0FnVgO4K//ZaYxRqTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTA0MjAyNjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQzYWM5YmVlMGU0MzIzZDdjYWVmYWU0NWJlOTIxOTdlM2Q2NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjOwFX0kZIJmx4YcubqjIe4YCgXD
2u1D8xvlrSHYM3+VZrx/jDhsp34i2gwDxaHxR2LNXJb+maZ0swwRmA0mZc/BVzI8
gQsE+yaYjFRzX9witnaJAI7RUZ4U7SUdAp2Ix6VZ+BC5keptvJlEZYj2RdX8AzgW
hTtptVXI04CPPbpINUl0cpX+E7NtOafF+0hDJbgMcD66TGR5IotfSUGLnxEc9v05
pTOcLfpFR3qKuKwWXiV05I/nOKZNm+DBAid2jN22hciGYCBy255gOX1CVzn9zlsm
YHLQNUYv1hF6c4Ja/YXn/kAAVWdbjMzCcIXASTZ1ttquX7ihtdnYCcoNzwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFO3TrJvuDkMj18rvrkW+khl+PWTlMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvN2RPc20tNE9ReVBYeXUtdVJiNlNHWDQ5Wk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAwekQMAwD
BAHB6RIDBAPB6RADBADB6T0DBALB6VQwDAMEAMHpXQMEBcHpQAMEAsHpwAMEAsHp
/DANBgkqhkiG9w0BAQsFAAOCAQEABeRaCl3zNYU+DonYzLHPoY33GStzAOuC5Rad
OxwN7K63K9uBoeSagwtWVAj1hOeChpxSLhI+Y9sc7tsq/ofvp+Y7T4ZGPvZVHrZj
OhxjBy1wQ1zLRzr2kw+f3saywsi9PxztWy8gilJ1w98fRbqdStE/wiHn6wXTmBXE
f44NRQggmW2ya0vyODI+nu185Ziq8R/TNf92fWZpoSIBsQr62MZB6612MVnVEG4v
xX8AZDGeIuDrXXbHCXdTq/2fhfKa787gV+PkakQEmhIvrSMO65XjsgFIRnykrvlG
eBNxP2MNm79HyG1u2tPk9T1W35UWpGvhVUtuxE2rxKtCt/iFPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org