Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MuvOg6z1wefMMD2pho9l5piG_yI.roa
File: MuvOg6z1wefMMD2pho9l5piG_yI.roa (raw, json)
Hash identifier: 2z18g6HNi6njvKCcw1SXnViCnF39jKQ7HEmxA7BTLPA=
Subject key identifier: 32:EB:CE:83:AC:F5:C1:E7:CC:30:3D:A9:86:8F:65:E6:98:86:FF:22
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 05437EB3
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MuvOg6z1wefMMD2pho9l5piG_yI.roa
Signing time: Tue 12 Apr 2022 11:08:35 +0000
ROA not before: Tue 12 Apr 2022 11:08:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.84.0/22 maxlen: 22
193.233.92.0/22 maxlen: 22
193.233.17.0/24 maxlen: 24
193.233.16.0/24 maxlen: 24
193.233.22.0/24 maxlen: 24
193.233.23.0/24 maxlen: 24
193.233.21.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.20.0/24 maxlen: 24
193.233.240.0/22 maxlen: 22
193.233.18.0/24 maxlen: 24
193.233.252.0/22 maxlen: 22
193.233.61.0/24 maxlen: 24
193.233.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88309427 (0x5437eb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 12 11:08:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32ebce83acf5c1e7cc303da9868f65e69886ff22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:44:11:e9:ca:29:9f:0d:bd:00:da:60:91:
45:7a:2f:42:9b:6f:38:9d:b1:89:02:25:f8:1d:79:
e2:63:56:e8:c4:a2:a5:ee:90:5f:e4:bc:81:f5:13:
fc:a5:e3:3c:98:d4:17:43:4b:67:1e:67:0f:5e:6a:
3c:38:53:ac:db:ba:6a:c8:1a:2a:43:13:18:d7:a3:
49:06:50:bc:07:f8:69:e5:dc:27:4c:e6:1c:ab:1e:
07:92:0c:63:e3:b4:b3:cd:22:c0:6a:1d:94:d9:d3:
fb:9e:8a:ed:ba:00:26:a7:e7:11:d7:e6:dc:f8:d2:
8c:9b:5f:d1:a4:01:77:1b:37:36:3d:cf:4e:6f:34:
8f:e5:41:25:29:41:84:9c:00:07:b2:3e:51:2d:eb:
a5:20:2a:69:67:48:af:ff:5f:93:81:d8:14:14:be:
27:10:ce:95:51:31:49:a2:14:b5:96:a9:c8:7e:34:
98:69:c2:fa:77:fe:d2:fe:4a:9f:eb:e2:f2:49:99:
69:1d:4d:96:94:87:f0:89:68:fc:90:01:49:78:f4:
7d:e6:c2:b3:90:74:c5:45:cb:1b:6e:45:33:f5:b1:
72:4b:05:f3:ea:50:96:7b:dd:3f:42:a7:cc:b0:de:
47:e2:d0:c8:8f:57:d4:55:4f:e5:5d:75:a9:71:6b:
51:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EB:CE:83:AC:F5:C1:E7:CC:30:3D:A9:86:8F:65:E6:98:86:FF:22
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MuvOg6z1wefMMD2pho9l5piG_yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/21
193.233.61.0/24
193.233.84.0/22
193.233.92.0/22
193.233.192.0/22
193.233.240.0/22
193.233.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:16:96:51:c8:df:11:81:b2:36:63:cb:a5:f6:ea:9e:f8:6c:
9a:c8:30:e5:ec:39:ec:1e:6a:92:dc:95:91:b1:86:ec:41:6a:
c3:db:68:79:b2:ac:25:f1:3a:9d:31:8b:fa:ef:93:7c:27:2d:
bd:86:19:be:25:c0:73:41:ff:55:6c:9b:b4:00:ee:ed:2b:c5:
c0:a7:53:85:43:40:20:95:f9:61:8b:e4:8f:01:ec:77:8e:e6:
e6:e3:d6:b0:d1:09:20:8b:4f:1b:52:8a:10:9e:71:fe:1a:fe:
76:98:30:64:82:94:2b:77:ec:dc:59:a6:77:7e:f0:c2:95:33:
f5:ec:f9:75:3b:a4:b3:4f:15:f9:28:0e:21:6e:2b:d9:ce:74:
07:fb:f1:ac:bd:48:04:1e:43:65:ef:5c:0b:ad:73:a3:3c:c0:
b6:bd:e7:ea:99:11:d8:1e:d1:4d:d8:20:e7:9f:ce:3d:5c:65:
ce:36:fa:9b:84:2b:b4:e6:0a:1a:af:f2:64:af:20:ea:94:46:
a2:f0:73:2c:9c:52:10:16:da:4a:46:8b:42:12:2f:72:8c:91:
e7:79:97:28:04:cd:8f:0b:ec:38:ab:d2:ee:23:ab:53:d9:45:
3f:a8:aa:b0:35:dd:73:40:40:14:98:df:43:d0:99:20:d5:ac:
b6:39:f0:fd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBUN+szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDQx
MjExMDgzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJlYmNlODNhY2Y1
YzFlN2NjMzAzZGE5ODY4ZjY1ZTY5ODg2ZmYyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/FRBHpyimfDb0A2mCRRXovQptvOJ2xiQIl+B154mNW6MSi
pe6QX+S8gfUT/KXjPJjUF0NLZx5nD15qPDhTrNu6asgaKkMTGNejSQZQvAf4aeXc
J0zmHKseB5IMY+O0s80iwGodlNnT+56K7boAJqfnEdfm3PjSjJtf0aQBdxs3Nj3P
Tm80j+VBJSlBhJwAB7I+US3rpSAqaWdIr/9fk4HYFBS+JxDOlVExSaIUtZapyH40
mGnC+nf+0v5Kn+vi8kmZaR1NlpSH8Ilo/JABSXj0febCs5B0xUXLG25FM/WxcksF
8+pQlnvdP0KnzLDeR+LQyI9X1FVP5V11qXFrUa0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQy686DrPXB58wwPamGj2XmmIb/IjAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L011dk9nNnoxd2VmTU1EMnBobzlsNXBpR195SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEA8HpEAMEAMHpPQMEAsHpVAMEAsHp
XAMEAsHpwAMEAsHp8AMEAsHp/DANBgkqhkiG9w0BAQsFAAOCAQEAXRaWUcjfEYGy
NmPLpfbqnvhsmsgw5ew57B5qktyVkbGG7EFqw9toebKsJfE6nTGL+u+TfCctvYYZ
viXAc0H/VWybtADu7SvFwKdThUNAIJX5YYvkjwHsd47m5uPWsNEJIItPG1KKEJ5x
/hr+dpgwZIKUK3fs3Fmmd37wwpUz9ez5dTuks08V+SgOIW4r2c50B/vxrL1IBB5D
Ze9cC61zozzAtr3n6pkR2B7RTdgg55/OPVxlzjb6m4QrtOYKGq/yZK8g6pRGovBz
LJxSEBbaSkaLQhIvcoyR53mXKATNjwvsOKvS7iOrU9lFP6iqsDXdc0BAFJjfQ9CZ
INWstjnw/Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org