Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EbX-IxxJryGCSLZml6SyFyRr74o.roa
File: EbX-IxxJryGCSLZml6SyFyRr74o.roa (raw, json)
Hash identifier: qcTfCtPkhydT4Sz44D4aFtC5kADNQvFxSj3jWKwqpPY=
Subject key identifier: 11:B5:FE:23:1C:49:AF:21:82:48:B6:66:97:A4:B2:17:24:6B:EF:8A
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0184A56FBC078516D86AB02A2CB58166676D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EbX-IxxJryGCSLZml6SyFyRr74o.roa
Signing time: Wed 23 Nov 2022 17:01:13 +0000
ROA not before: Wed 23 Nov 2022 17:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a5:6f:bc:07:85:16:d8:6a:b0:2a:2c:b5:81:66:67:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 23 17:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11b5fe231c49af218248b66697a4b217246bef8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0d:dd:be:4e:1e:c0:85:9a:4d:0d:40:b0:8e:
0d:a2:35:78:3d:2a:25:1f:6b:c7:0c:e6:5d:82:7e:
f6:ae:fb:20:30:35:f9:f3:6d:d9:08:46:77:33:2b:
52:c2:fe:4b:46:40:58:33:ee:ff:e1:15:a3:9e:04:
ea:d4:07:dc:af:da:ec:2a:90:2a:5b:ee:f7:53:23:
1e:62:56:e7:b0:25:ac:19:7e:ea:78:0c:2d:5c:71:
54:10:a5:c2:1a:f6:1c:03:1c:59:84:37:bd:26:f6:
1b:89:4e:2c:6b:74:40:7e:8d:fc:d9:62:dd:a6:de:
ae:f4:29:e9:eb:62:b5:1f:6d:fb:8a:37:e6:35:d7:
36:f3:6f:e1:13:8b:93:b6:83:ca:6d:a9:30:05:0d:
86:f7:b1:26:fc:59:07:2b:e3:d9:c2:e0:01:07:f4:
39:30:83:32:4a:d7:03:f9:48:66:5e:09:70:66:36:
2c:4c:4f:5d:66:10:34:64:3a:b0:f7:79:b9:39:ee:
30:c7:64:98:ef:6d:03:23:dd:c3:b2:7c:94:3c:67:
27:fb:b2:89:78:0f:0d:74:d0:74:47:70:fd:56:bd:
d5:e7:d5:25:13:16:6b:0e:32:2b:76:17:9a:04:86:
36:43:6b:d4:f8:ca:30:77:16:fe:5d:2e:36:ff:c6:
e0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B5:FE:23:1C:49:AF:21:82:48:B6:66:97:A4:B2:17:24:6B:EF:8A
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EbX-IxxJryGCSLZml6SyFyRr74o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0-193.233.119.255
193.233.124.0/22
Signature Algorithm: sha256WithRSAEncryption
95:4a:6c:57:a7:cb:0e:e1:02:9d:ae:3c:d2:79:7a:c8:3c:b3:
8b:33:b9:53:f5:d0:c6:45:89:61:c5:89:d6:43:f5:fe:8a:b1:
92:83:25:cc:64:9c:d1:1e:69:4d:de:2d:33:4b:ab:eb:08:27:
96:63:f5:9e:46:fd:6f:bb:2e:eb:80:46:a1:4c:f8:b1:cb:81:
cb:92:76:52:26:e4:7a:fb:8f:1c:64:12:63:4a:d8:9e:4a:68:
53:dc:ac:f4:f2:6f:a8:b9:c5:93:7e:d6:ea:d3:bf:ea:5a:3f:
32:07:31:cf:eb:11:e7:85:bb:52:3d:cb:0a:3a:8b:9f:24:54:
9f:63:be:97:22:f0:1e:1d:dd:99:a7:1b:ae:68:2c:2d:fa:be:
27:fe:bc:9e:21:8b:67:67:fa:d8:74:1a:b8:0f:9e:44:83:ab:
37:a9:9b:c7:13:d5:c7:ae:f5:18:5e:36:11:dc:26:a0:9a:6d:
9f:45:7a:d5:d7:77:8d:7a:05:3d:ad:bd:36:98:a1:47:28:15:
7c:86:36:68:b9:d0:11:6e:9d:0c:ce:30:75:1b:06:db:47:64:
19:d1:c9:80:f1:f7:44:81:d0:d8:c3:2f:eb:3a:79:2f:f5:a9:
39:fa:14:97:44:60:c7:82:87:db:56:be:35:b1:fd:de:6a:28:
43:1b:eb:88
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYSlb7wHhRbYarAqLLWBZmdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMTIzMTcwMTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWI1ZmUyMzFjNDlhZjIxODI0OGI2NjY5N2E0YjIxNzI0NmJlZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg3dvk4ewIWaTQ1AsI4NojV4PSol
H2vHDOZdgn72rvsgMDX5823ZCEZ3MytSwv5LRkBYM+7/4RWjngTq1Afcr9rsKpAq
W+73UyMeYlbnsCWsGX7qeAwtXHFUEKXCGvYcAxxZhDe9JvYbiU4sa3RAfo382WLd
pt6u9Cnp62K1H237ijfmNdc282/hE4uTtoPKbakwBQ2G97Em/FkHK+PZwuABB/Q5
MIMyStcD+UhmXglwZjYsTE9dZhA0ZDqw93m5Oe4wx2SY720DI93DsnyUPGcn+7KJ
eA8NdNB0R3D9Vr3V59UlExZrDjIrdheaBIY2Q2vU+Mowdxb+XS42/8bg0QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBG1/iMcSa8hgki2Zpekshcka++KMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRWJYLUl4eEpyeUdDU0xabWw2U3lGeVJyNzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCwelgMAwD
BAPB6WgDBAPB6XADBALB6XwwDQYJKoZIhvcNAQELBQADggEBAJVKbFenyw7hAp2u
PNJ5esg8s4szuVP10MZFiWHFidZD9f6KsZKDJcxknNEeaU3eLTNLq+sIJ5Zj9Z5G
/W+7LuuARqFM+LHLgcuSdlIm5Hr7jxxkEmNK2J5KaFPcrPTyb6i5xZN+1urTv+pa
PzIHMc/rEeeFu1I9ywo6i58kVJ9jvpci8B4d3ZmnG65oLC36vif+vJ4hi2dn+th0
GrgPnkSDqzepm8cT1ceu9RheNhHcJqCabZ9FetXXd416BT2tvTaYoUcoFXyGNmi5
0BFunQzOMHUbBttHZBnRyYDx90SB0NjDL+s6eS/1qTn6FJdEYMeCh9tWvjWx/d5q
KEMb64g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org