Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TPSbJXre57B_mlrsyu2rJrNfKak.roa
File: TPSbJXre57B_mlrsyu2rJrNfKak.roa (raw, json)
Hash identifier: 8hH3eKk78hHROXYhGpyZ+bFFNsweGmJmriCUmDGCiCU=
Subject key identifier: 4C:F4:9B:25:7A:DE:E7:B0:7F:9A:5A:EC:CA:ED:AB:26:B3:5F:29:A9
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0491821E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TPSbJXre57B_mlrsyu2rJrNfKak.roa
Signing time: Mon 31 Jan 2022 14:34:26 +0000
ROA not before: Mon 31 Jan 2022 14:34:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.120.0/22 maxlen: 22
193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76644894 (0x491821e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 31 14:34:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cf49b257adee7b07f9a5aeccaedab26b35f29a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d3:67:6f:84:ea:ef:aa:e5:1a:f8:10:42:99:
5f:ac:77:51:b9:43:c7:3c:bf:ec:8b:6c:1f:89:8b:
7f:0b:2b:6e:4b:7a:05:67:3c:d0:2d:85:d5:6a:42:
1f:ef:22:40:c0:fa:db:82:f9:8e:f4:62:e8:56:8b:
fe:ad:3c:e2:5d:0a:5f:0b:1f:2a:0f:79:e2:ee:37:
8f:da:4d:4f:d9:28:a9:6c:bd:5f:93:cb:f4:2d:e0:
a9:55:6a:1b:60:ea:8d:0b:be:c8:af:05:bd:6b:82:
0f:82:a4:63:bd:71:66:e2:d9:ae:f9:0b:4b:36:eb:
b2:23:13:81:de:a6:50:77:63:7f:ce:89:6e:5d:55:
81:c7:b0:d8:e4:37:4f:3d:f2:0a:4a:97:b0:4d:b5:
c5:18:bd:07:b6:00:df:1a:67:97:3a:98:7d:10:45:
cd:b6:a9:5e:85:db:bf:7b:76:34:58:36:20:c2:bd:
9d:04:f1:cf:5b:f9:05:d4:ed:49:5b:e7:76:0b:58:
e9:88:c9:39:e4:84:a1:f1:78:a2:09:57:a6:41:3a:
9f:36:54:b6:67:a2:e1:9b:e4:df:69:b7:dc:25:87:
31:f2:19:f6:4c:7d:3e:01:1a:11:37:bd:f5:45:60:
fd:a1:78:21:1e:f8:e7:45:44:c2:44:ca:8b:12:88:
33:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F4:9B:25:7A:DE:E7:B0:7F:9A:5A:EC:CA:ED:AB:26:B3:5F:29:A9
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TPSbJXre57B_mlrsyu2rJrNfKak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0-193.233.115.255
193.233.120.0/21
Signature Algorithm: sha256WithRSAEncryption
93:fd:99:af:56:f5:ec:96:39:bd:76:0b:6e:b6:cc:aa:3f:7a:
65:f0:30:dd:06:63:83:87:8e:1d:c2:b4:c6:dd:34:0a:2b:dc:
b8:2e:81:29:86:de:55:6e:81:cf:2b:db:66:26:ff:65:84:37:
18:ac:c5:72:62:fa:79:8a:47:81:60:5b:20:b6:a7:58:85:de:
92:2a:61:44:8a:f6:ce:e1:a5:e4:e7:17:73:89:99:0e:d9:cd:
52:80:39:31:9d:9d:1f:05:38:38:2a:8e:0b:f6:b2:97:ed:e6:
04:3c:39:55:11:1d:39:c9:5c:41:cc:bc:85:cf:00:12:af:a6:
75:5a:19:09:72:7e:de:8e:d9:e8:a7:0d:d7:a5:74:be:8e:26:
15:e0:23:a7:8c:e1:2d:b8:82:95:d8:83:a1:d7:86:36:a4:9e:
a1:82:52:8a:09:b2:58:68:55:6a:ff:62:13:35:b1:4a:30:60:
1b:bb:1c:8f:c2:98:7a:03:8a:25:b7:5c:07:b7:ae:39:59:43:
4a:cb:66:15:f2:3b:ec:6d:60:43:07:94:31:17:35:83:63:e7:
a3:a4:df:4a:2f:dd:b6:3f:d9:ce:76:92:95:9b:ea:e8:d4:80:
29:91:d1:c1:08:04:43:9e:85:88:21:10:fd:b8:a8:7f:d5:81:
ef:71:9e:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBJGCHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEz
MTE0MzQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNmNDliMjU3YWRl
ZTdiMDdmOWE1YWVjY2FlZGFiMjZiMzVmMjlhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3TZ2+E6u+q5Rr4EEKZX6x3UblDxzy/7ItsH4mLfwsrbkt6
BWc80C2F1WpCH+8iQMD624L5jvRi6FaL/q084l0KXwsfKg954u43j9pNT9koqWy9
X5PL9C3gqVVqG2DqjQu+yK8FvWuCD4KkY71xZuLZrvkLSzbrsiMTgd6mUHdjf86J
bl1Vgcew2OQ3Tz3yCkqXsE21xRi9B7YA3xpnlzqYfRBFzbapXoXbv3t2NFg2IMK9
nQTxz1v5BdTtSVvndgtY6YjJOeSEofF4oglXpkE6nzZUtmei4Zvk32m33CWHMfIZ
9kx9PgEaETe99UVg/aF4IR7450VEwkTKixKIM70CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRM9Jslet7nsH+aWuzK7asms18pqTAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L1RQU2JKWHJlNTdCX21scnN5dTJySnJOZkthay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAsHpYDAMAwQDweloAwQCwelwAwQD
wel4MA0GCSqGSIb3DQEBCwUAA4IBAQCT/ZmvVvXsljm9dgtutsyqP3pl8DDdBmOD
h44dwrTG3TQKK9y4LoEpht5VboHPK9tmJv9lhDcYrMVyYvp5ikeBYFsgtqdYhd6S
KmFEivbO4aXk5xdziZkO2c1SgDkxnZ0fBTg4Ko4L9rKX7eYEPDlVER05yVxBzLyF
zwASr6Z1WhkJcn7ejtnopw3XpXS+jiYV4COnjOEtuIKV2IOh14Y2pJ6hglKKCbJY
aFVq/2ITNbFKMGAbuxyPwph6A4olt1wHt645WUNKy2YV8jvsbWBDB5QxFzWDY+ej
pN9KL922P9nOdpKVm+ro1IApkdHBCARDnoWIIRD9uKh/1YHvcZ6A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org