Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NlZoRC-aPueSh9axvJ8qtmJ2M5c.roa
File: NlZoRC-aPueSh9axvJ8qtmJ2M5c.roa (raw, json)
Hash identifier: HyJCgAgh6lL+wIJcNmACbOwA8I1wxGbypQ4kNjp5Gjc=
Subject key identifier: 36:56:68:44:2F:9A:3E:E7:92:87:D6:B1:BC:9F:2A:B6:62:76:33:97
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 04F556FE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NlZoRC-aPueSh9axvJ8qtmJ2M5c.roa
Signing time: Tue 08 Mar 2022 14:07:46 +0000
ROA not before: Tue 08 Mar 2022 14:07:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.120.0/22 maxlen: 22
193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83187454 (0x4f556fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 8 14:07:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=365668442f9a3ee79287d6b1bc9f2ab662763397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d4:f2:2d:4d:6b:6e:fb:34:b9:48:13:c7:10:
2a:88:42:e2:8b:27:8f:f2:4e:5f:89:12:b2:26:d2:
14:b1:eb:b5:45:76:c0:92:e0:5e:1b:6e:e4:39:8e:
cc:d9:77:48:03:0d:cf:2b:b1:4b:0f:20:8f:40:c3:
31:fc:a6:18:d3:96:e6:28:ae:97:c0:3e:c4:b3:90:
2f:f7:ba:05:66:6a:ef:8c:ef:d9:32:0e:6d:fb:ac:
6d:68:9d:d5:e4:5c:35:2e:fd:08:7e:7b:ca:51:cd:
80:fa:51:aa:da:b9:81:b2:1b:e6:26:ee:e5:3f:28:
17:73:03:fc:74:38:3b:8b:61:77:cb:77:12:06:e6:
e2:1b:c3:d9:05:09:8b:86:71:62:39:fa:45:c2:b9:
41:ed:d7:c7:ef:44:a8:8e:15:d7:ea:5c:56:46:12:
62:d6:4d:a7:9f:28:40:33:f7:01:e0:28:29:ce:c7:
80:5a:54:ea:16:28:af:8f:72:b4:9e:6b:d5:03:f5:
23:76:f2:ee:31:4a:a5:4a:07:4f:2e:b7:07:d7:c1:
1e:ad:48:b1:58:8c:97:24:c4:20:e8:04:8e:05:63:
a1:15:12:03:c6:a2:2f:14:e2:a7:85:a9:80:7e:c1:
72:b0:c0:9d:2d:00:ee:51:10:56:f8:b7:62:c8:f7:
92:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:56:68:44:2F:9A:3E:E7:92:87:D6:B1:BC:9F:2A:B6:62:76:33:97
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NlZoRC-aPueSh9axvJ8qtmJ2M5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0-193.233.127.255
Signature Algorithm: sha256WithRSAEncryption
16:d6:a7:3d:18:e9:bd:4e:df:1c:98:b9:62:f7:98:22:d9:16:
84:0f:97:03:b3:62:c3:ee:c0:23:1c:65:41:c7:39:9c:2f:47:
32:b5:6c:64:f3:be:d0:ac:03:e6:e4:7d:8e:83:62:3e:49:7d:
48:cb:84:c7:93:1d:11:2d:85:6a:35:86:30:3c:3c:ad:e1:5a:
61:d2:9f:a4:93:6c:f5:85:97:54:80:58:e1:aa:47:51:98:57:
76:32:f6:dd:21:6a:63:48:a9:a4:23:88:c9:5c:0d:55:17:02:
0d:68:a2:be:f3:00:fb:89:34:32:35:6b:34:f4:0d:35:cc:ea:
2c:43:a6:42:bc:b9:9d:25:55:79:03:e3:66:ce:88:71:8c:32:
d3:da:6b:c5:2c:e4:53:75:7c:49:c6:30:d0:a2:7d:97:64:13:
e1:40:fa:ae:ad:74:19:19:61:0b:ab:14:fb:ac:a4:99:bb:56:
d9:3f:a2:ad:5d:18:e7:b2:e5:b1:05:4b:5f:57:36:3d:26:7c:
6a:33:0d:2f:d4:89:bc:ec:f5:a8:c8:4e:fc:b2:d6:40:36:d8:
db:fb:4b:73:40:43:e6:bb:44:36:f1:10:35:e9:e7:39:b8:d4:
9a:8b:07:0e:68:4a:69:0a:dc:fc:be:7c:cc:61:9a:e7:cd:77:
4e:85:e1:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBPVW/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDMw
ODE0MDc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY1NjY4NDQyZjlh
M2VlNzkyODdkNmIxYmM5ZjJhYjY2Mjc2MzM5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjU8i1Na277NLlIE8cQKohC4osnj/JOX4kSsibSFLHrtUV2
wJLgXhtu5DmOzNl3SAMNzyuxSw8gj0DDMfymGNOW5iiul8A+xLOQL/e6BWZq74zv
2TIObfusbWid1eRcNS79CH57ylHNgPpRqtq5gbIb5ibu5T8oF3MD/HQ4O4thd8t3
Egbm4hvD2QUJi4ZxYjn6RcK5Qe3Xx+9EqI4V1+pcVkYSYtZNp58oQDP3AeAoKc7H
gFpU6hYor49ytJ5r1QP1I3by7jFKpUoHTy63B9fBHq1IsViMlyTEIOgEjgVjoRUS
A8aiLxTip4WpgH7BcrDAnS0A7lEQVvi3Ysj3knECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQ2VmhEL5o+55KH1rG8nyq2YnYzlzAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L05sWm9SQy1hUHVlU2g5YXh2SjhxdG1KMk01Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAsHpYDAMAwQDweloAwQHwekAMA0G
CSqGSIb3DQEBCwUAA4IBAQAW1qc9GOm9Tt8cmLli95gi2RaED5cDs2LD7sAjHGVB
xzmcL0cytWxk877QrAPm5H2Og2I+SX1Iy4THkx0RLYVqNYYwPDyt4Vph0p+kk2z1
hZdUgFjhqkdRmFd2MvbdIWpjSKmkI4jJXA1VFwINaKK+8wD7iTQyNWs09A01zOos
Q6ZCvLmdJVV5A+NmzohxjDLT2mvFLORTdXxJxjDQon2XZBPhQPqurXQZGWELqxT7
rKSZu1bZP6KtXRjnsuWxBUtfVzY9JnxqMw0v1Im87PWoyE78stZANtjb+0tzQEPm
u0Q28RA16ec5uNSaiwcOaEppCtz8vnzMYZrnzXdOheHY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org