Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RCol_ZE9xIpI3URcoAWGMy40Pw0.roa
File: RCol_ZE9xIpI3URcoAWGMy40Pw0.roa (raw, json)
Hash identifier: qvwG9ebHLeKcwkCvFNQj9Ig6YmWztzfrP1lRqtp7M7M=
Subject key identifier: 44:2A:25:FD:91:3D:C4:8A:48:DD:44:5C:A0:05:86:33:2E:34:3F:0D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0184E885E7818750EA0D92E7AF3E3C9D9793
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RCol_ZE9xIpI3URcoAWGMy40Pw0.roa
Signing time: Tue 06 Dec 2022 17:40:00 +0000
ROA not before: Tue 06 Dec 2022 17:40:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:85:e7:81:87:50:ea:0d:92:e7:af:3e:3c:9d:97:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Dec 6 17:40:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=442a25fd913dc48a48dd445ca00586332e343f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:de:ba:ca:55:8b:f9:a0:35:22:fd:cd:77:fa:
1d:5f:48:1f:36:57:5a:c1:eb:53:3e:13:fe:59:f4:
89:21:fe:ae:9a:26:0f:15:31:dc:ea:38:c0:6b:81:
88:c8:0c:90:28:af:b2:ce:26:9d:b3:6c:89:10:88:
0e:50:cd:34:50:67:85:d8:be:40:04:8e:50:f4:4f:
c8:0b:c9:e1:f9:b3:2e:02:c5:e6:55:18:76:7b:55:
7e:af:9b:8c:46:ff:6a:0b:e3:bf:a6:de:bd:8d:51:
00:c6:7e:96:c5:49:69:7d:59:fd:e5:28:98:53:cc:
1c:89:52:90:b7:72:06:61:88:c1:42:02:e5:68:24:
5a:ad:8a:5f:9a:5b:d5:81:7a:f6:40:8f:21:37:4c:
3d:eb:d4:48:0c:ec:5b:a5:31:69:a9:49:a7:2b:13:
e7:e2:72:e4:12:2b:c5:e0:b7:94:c1:41:43:fa:72:
dc:88:18:99:27:68:66:15:20:f5:78:d1:7e:5b:f7:
a5:4b:89:cf:be:fd:7e:4b:4b:72:e0:d5:33:ec:86:
47:fe:56:2b:65:e2:82:69:4b:0a:e0:4e:15:00:7d:
3b:96:f2:71:6e:08:76:3e:22:4b:dd:c3:7b:13:91:
58:f4:77:a0:0b:29:02:86:a6:7b:e8:f2:f9:98:6f:
7e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2A:25:FD:91:3D:C4:8A:48:DD:44:5C:A0:05:86:33:2E:34:3F:0D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RCol_ZE9xIpI3URcoAWGMy40Pw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.104.0-193.233.119.255
193.233.124.0/22
Signature Algorithm: sha256WithRSAEncryption
25:c9:e9:93:89:10:80:03:45:9d:09:f8:d9:87:49:d6:99:56:
c9:2d:a8:a3:3b:04:fa:22:40:cc:56:48:e4:3f:24:00:bf:d5:
7c:c0:70:24:e0:d1:b5:cf:a8:fa:c3:e9:e2:b1:a7:2b:72:3e:
fb:dd:0e:b6:27:99:ae:12:81:f4:d9:e8:f3:7d:8a:fc:1f:a2:
8e:4b:0d:e5:d7:c1:45:a4:96:b1:2b:40:7e:e0:d2:ab:bc:5f:
2d:2a:7e:24:a6:de:f6:9f:7e:7e:ac:91:14:37:64:89:1a:f4:
aa:83:54:44:0a:d1:d7:dc:2c:01:1d:1b:5c:7e:ba:a5:16:6b:
fc:ab:3b:00:76:02:59:76:c0:7d:17:72:a9:33:b9:74:86:33:
69:73:06:01:e6:09:61:e3:0c:0d:7b:9a:97:d7:e5:74:c0:22:
87:c4:73:01:37:2a:47:ab:93:8b:f1:ac:93:76:7c:4a:20:70:
e8:76:75:87:b0:cb:09:96:7d:cb:c1:e3:2a:91:5d:40:94:2c:
8c:08:f2:fb:f0:34:95:0b:49:e6:c1:75:34:19:11:d2:5c:bc:
8c:51:e7:4b:96:9b:de:24:b8:6d:2a:cb:c2:77:5b:c7:69:2c:
bd:65:9f:a0:f3:38:c4:07:16:9b:cb:b6:d4:e1:b5:af:43:4a:
54:b3:6b:bd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYToheeBh1DqDZLnrz48nZeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMjA2MTc0MDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDJhMjVmZDkxM2RjNDhhNDhkZDQ0NWNhMDA1ODYzMzJlMzQzZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvt66ylWL+aA1Iv3Nd/odX0gfNlda
wetTPhP+WfSJIf6umiYPFTHc6jjAa4GIyAyQKK+yziads2yJEIgOUM00UGeF2L5A
BI5Q9E/IC8nh+bMuAsXmVRh2e1V+r5uMRv9qC+O/pt69jVEAxn6WxUlpfVn95SiY
U8wciVKQt3IGYYjBQgLlaCRarYpfmlvVgXr2QI8hN0w969RIDOxbpTFpqUmnKxPn
4nLkEivF4LeUwUFD+nLciBiZJ2hmFSD1eNF+W/elS4nPvv1+S0ty4NUz7IZH/lYr
ZeKCaUsK4E4VAH07lvJxbgh2PiJL3cN7E5FY9HegCykChqZ76PL5mG9+IQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEQqJf2RPcSKSN1EXKAFhjMuND8NMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUkNvbF9aRTl4SXBJM1VSY29BV0dNeTQwUHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPB6WgD
BAPB6XADBALB6XwwDQYJKoZIhvcNAQELBQADggEBACXJ6ZOJEIADRZ0J+NmHSdaZ
VsktqKM7BPoiQMxWSOQ/JAC/1XzAcCTg0bXPqPrD6eKxpytyPvvdDrYnma4SgfTZ
6PN9ivwfoo5LDeXXwUWklrErQH7g0qu8Xy0qfiSm3vaffn6skRQ3ZIka9KqDVEQK
0dfcLAEdG1x+uqUWa/yrOwB2All2wH0XcqkzuXSGM2lzBgHmCWHjDA17mpfX5XTA
IofEcwE3Kkerk4vxrJN2fEogcOh2dYewywmWfcvB4yqRXUCULIwI8vvwNJULSebB
dTQZEdJcvIxR50uWm94kuG0qy8J3W8dpLL1ln6DzOMQHFpvLttThta9DSlSza70=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org