Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NJDmy0ai2Sg6wn8JOvFfr3SlqVA.roa
File: NJDmy0ai2Sg6wn8JOvFfr3SlqVA.roa (raw, json)
Hash identifier: hZLjV9JuuRduz6Uru78CT0cJwCPXitO5/dfmiUWoxQg=
Subject key identifier: 34:90:E6:CB:46:A2:D9:28:3A:C2:7F:09:3A:F1:5F:AF:74:A5:A9:50
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0182894340CF1FACFA5A052A077CE8C8AC48
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NJDmy0ai2Sg6wn8JOvFfr3SlqVA.roa
Signing time: Wed 10 Aug 2022 19:37:42 +0000
ROA not before: Wed 10 Aug 2022 19:37:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210352
IP address blocks: 193.233.234.0/24 maxlen: 24
193.233.49.0/24 maxlen: 24
193.233.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:89:43:40:cf:1f:ac:fa:5a:05:2a:07:7c:e8:c8:ac:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 10 19:37:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3490e6cb46a2d9283ac27f093af15faf74a5a950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:94:0a:7c:b1:bd:99:a5:fd:99:6f:5d:fc:32:
30:a7:e5:fe:b9:66:65:39:ea:dd:2b:d2:af:fa:2e:
1d:65:c1:ed:cf:db:ea:9b:de:89:d4:dd:14:74:09:
66:a6:aa:0d:50:5e:11:f8:4a:47:24:34:a7:34:21:
a6:c9:55:0c:e2:0f:74:7f:75:ad:fe:8c:d6:3a:6b:
b2:fc:3b:ed:00:f1:9d:15:f2:4e:60:df:6f:2d:25:
9a:da:5a:01:7d:48:19:73:7b:58:76:d4:58:c7:a3:
cd:28:4b:98:5f:ee:c5:86:ea:56:c4:e8:79:32:d4:
64:f3:8f:ee:a7:ea:a7:19:41:28:e0:e5:6f:62:a3:
c3:fa:98:e1:fd:70:72:9d:1d:76:72:5a:bb:d2:25:
d5:87:3d:cb:dc:be:5d:c9:33:a3:25:0f:a1:21:65:
b4:84:e8:6e:4a:da:2c:ae:37:a4:e9:9e:37:64:3f:
3d:a6:3d:b2:70:65:09:41:c8:9e:46:4c:f6:93:ff:
7b:00:4f:2f:45:19:98:c5:c8:27:9b:c6:1d:f4:08:
82:88:6a:9b:88:9f:fe:85:60:94:9a:6c:45:4f:2e:
f9:8c:a5:61:b5:2f:cb:ac:b5:9e:3e:9e:37:f8:18:
fd:23:a1:3d:7a:85:75:8e:5f:cd:ea:e7:aa:b8:68:
38:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:90:E6:CB:46:A2:D9:28:3A:C2:7F:09:3A:F1:5F:AF:74:A5:A9:50
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NJDmy0ai2Sg6wn8JOvFfr3SlqVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.48.0/23
193.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
77:ba:17:e4:65:40:03:f2:40:62:3f:e7:42:04:7e:10:f7:71:
82:23:ce:c1:8b:1d:cb:48:b3:98:2c:8f:2b:e1:4c:16:07:cc:
f2:30:5c:13:83:0a:f2:47:87:5f:56:db:9d:d5:b8:4f:bc:ed:
18:53:51:8c:d5:cd:e9:ba:3c:5f:48:5a:20:e4:83:48:05:e3:
9c:66:f8:ef:d6:23:41:7d:aa:b5:77:b7:1f:56:4f:4d:90:24:
ad:2d:dd:ff:4e:f7:7a:e5:c3:1a:b7:bf:fd:c5:b2:da:d0:3f:
ff:21:26:72:61:31:8d:b6:d1:ca:22:31:1e:6d:5a:4a:98:50:
0c:6c:c9:99:09:0e:89:b3:8a:4c:29:2c:96:dc:b1:c3:65:6f:
61:f7:18:de:d7:01:77:78:6c:d3:8c:5a:02:43:2d:ae:d9:a9:
8d:d4:c2:69:57:dd:25:d9:58:86:63:7b:6d:cd:73:d9:94:84:
c3:75:26:c7:87:50:a0:fe:ba:72:5e:01:77:7d:8f:d8:01:22:
78:5c:64:3f:b2:13:1c:5e:bf:d5:2b:1a:6f:fd:40:5d:f2:5b:
4a:72:56:9d:3d:7f:41:30:c7:18:1c:ae:5a:c1:00:ff:5b:a5:
0f:ee:ff:73:db:ff:0f:52:7f:77:33:f8:f2:4d:0a:43:90:d0:
7e:ef:26:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKJQ0DPH6z6WgUqB3zoyKxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwODEwMTkzNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDkwZTZjYjQ2YTJkOTI4M2FjMjdmMDkzYWYxNWZhZjc0YTVhOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5QKfLG9maX9mW9d/DIwp+X+uWZl
OerdK9Kv+i4dZcHtz9vqm96J1N0UdAlmpqoNUF4R+EpHJDSnNCGmyVUM4g90f3Wt
/ozWOmuy/DvtAPGdFfJOYN9vLSWa2loBfUgZc3tYdtRYx6PNKEuYX+7FhupWxOh5
MtRk84/up+qnGUEo4OVvYqPD+pjh/XBynR12clq70iXVhz3L3L5dyTOjJQ+hIWW0
hOhuStosrjek6Z43ZD89pj2ycGUJQcieRkz2k/97AE8vRRmYxcgnm8Yd9AiCiGqb
iJ/+hWCUmmxFTy75jKVhtS/LrLWePp43+Bj9I6E9eoV1jl/N6uequGg4YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSQ5stGotkoOsJ/CTrxX690palQMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTkpEbXkwYWkyU2c2d244Sk92RmZyM1NscVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwekwAwQA
wenqMA0GCSqGSIb3DQEBCwUAA4IBAQB3uhfkZUAD8kBiP+dCBH4Q93GCI87Bix3L
SLOYLI8r4UwWB8zyMFwTgwryR4dfVtud1bhPvO0YU1GM1c3pujxfSFog5INIBeOc
Zvjv1iNBfaq1d7cfVk9NkCStLd3/Tvd65cMat7/9xbLa0D//ISZyYTGNttHKIjEe
bVpKmFAMbMmZCQ6Js4pMKSyW3LHDZW9h9xje1wF3eGzTjFoCQy2u2amN1MJpV90l
2ViGY3ttzXPZlITDdSbHh1Cg/rpyXgF3fY/YASJ4XGQ/shMcXr/VKxpv/UBd8ltK
cladPX9BMMcYHK5awQD/W6UP7v9z2/8PUn93M/jyTQpDkNB+7yaz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org