Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TplPL7Y6q-pT2N607tXDZgI7_mg.roa
File: TplPL7Y6q-pT2N607tXDZgI7_mg.roa (raw, json)
Hash identifier: pmd0bNPIgn/uV0m7eYHUjBxLwZiogh8AjJ/lOuxDKXc=
Subject key identifier: 4E:99:4F:2F:B6:3A:AB:EA:53:D8:DE:B4:EE:D5:C3:66:02:3B:FE:68
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 042FD395
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TplPL7Y6q-pT2N607tXDZgI7_mg.roa
Signing time: Sat 01 Jan 2022 12:04:59 +0000
ROA not before: Sat 01 Jan 2022 12:04:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70243221 (0x42fd395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 12:04:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e994f2fb63aabea53d8deb4eed5c366023bfe68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fd:ba:55:fd:2b:a6:8f:b0:20:b8:53:7d:4d:
d2:b1:32:dc:2b:9f:53:a0:07:86:73:8a:07:ea:e5:
f3:0b:38:a6:58:d4:2e:2f:c2:f1:2d:f2:9b:0c:54:
12:84:5a:31:0e:6f:75:6c:08:a3:e2:96:ba:e6:74:
1d:b9:70:77:69:83:81:c3:a6:f3:22:57:a1:c0:6f:
e6:74:66:f1:01:67:eb:8d:55:e5:df:02:b6:b0:85:
68:53:b7:c4:27:be:97:5f:5a:80:ea:61:31:59:3e:
e1:ba:ba:74:6e:9b:50:24:db:b1:81:32:1a:94:8b:
6a:85:12:d0:ca:db:f9:33:bc:e6:de:9d:4f:1d:21:
28:04:8e:c7:8c:27:37:9e:4e:3e:4d:18:50:f3:75:
d4:40:2f:c8:ef:06:04:c5:16:e2:cc:2e:5e:de:a0:
b7:12:bb:2d:59:ba:0b:2b:93:a8:c0:08:46:0d:4e:
f7:58:95:1c:b0:0c:17:a3:c4:7c:b9:50:18:d3:06:
a4:43:03:f6:6b:af:23:07:3e:c1:9e:c7:a6:ac:ff:
13:67:f7:42:43:52:4c:93:f2:4e:c6:96:4b:a4:55:
f9:4e:3b:fb:3f:99:45:51:3e:3c:5c:ad:e8:84:b9:
5f:eb:53:36:1c:e7:1d:03:db:22:01:ca:f3:20:f1:
c8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:99:4F:2F:B6:3A:AB:EA:53:D8:DE:B4:EE:D5:C3:66:02:3B:FE:68
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TplPL7Y6q-pT2N607tXDZgI7_mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.171.0/24
193.233.175.0/24
193.233.197.0/24
193.233.208.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:23:eb:6d:a9:1e:da:c3:e0:b0:f0:df:46:f8:aa:9f:35:38:
18:ca:29:23:e7:ae:6f:31:fe:c6:16:1a:2c:22:06:bd:8f:6b:
f6:f0:c6:40:7e:6f:ca:8f:a6:d3:4a:96:7a:fe:4a:d7:4a:1e:
24:4e:06:b6:63:4c:e8:8c:f8:fd:f8:80:62:57:44:58:c9:c6:
f5:85:7b:5d:4d:bf:af:e6:d8:bd:40:69:b4:f7:81:1f:57:c0:
4f:47:c1:35:4e:f8:0c:7d:99:67:15:d3:32:a6:c3:75:b6:fb:
7b:a4:00:9f:86:3f:2a:bd:fe:27:ce:d6:06:37:3a:64:b9:b1:
8b:a2:e0:10:88:77:4b:88:cf:d6:c3:41:5a:23:7c:d9:3a:9e:
b4:ae:34:7e:e3:ca:19:86:71:ad:f2:14:70:0a:e1:94:6f:20:
ed:48:5d:06:38:95:56:82:68:05:5f:c7:d3:95:14:8b:4c:1f:
58:52:51:16:cd:e0:99:02:82:ff:1f:81:72:6e:72:f3:a4:75:
6c:88:08:52:f8:14:93:6e:12:ed:ef:be:c4:11:08:3a:6f:af:
b5:6e:1f:da:09:27:57:24:a8:ef:06:83:55:d8:05:39:9b:af:
c0:a0:60:21:9c:53:d2:02:6a:35:24:8e:fc:63:77:b5:a5:a4:
15:dc:af:55
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBC/TlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU5OTRmMmZiNjNh
YWJlYTUzZDhkZWI0ZWVkNWMzNjYwMjNiZmU2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKf9ulX9K6aPsCC4U31N0rEy3CufU6AHhnOKB+rl8ws4pljU
Li/C8S3ymwxUEoRaMQ5vdWwIo+KWuuZ0Hblwd2mDgcOm8yJXocBv5nRm8QFn641V
5d8CtrCFaFO3xCe+l19agOphMVk+4bq6dG6bUCTbsYEyGpSLaoUS0Mrb+TO85t6d
Tx0hKASOx4wnN55OPk0YUPN11EAvyO8GBMUW4swuXt6gtxK7LVm6CyuTqMAIRg1O
91iVHLAMF6PEfLlQGNMGpEMD9muvIwc+wZ7Hpqz/E2f3QkNSTJPyTsaWS6RV+U47
+z+ZRVE+PFyt6IS5X+tTNhznHQPbIgHK8yDxyOsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBROmU8vtjqr6lPY3rTu1cNmAjv+aDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L1RwbFBMN1k2cS1wVDJONjA3dFhEWmdJN19tZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMHpqwMEAMHprwMEAMHpxQMEAsHp
0DANBgkqhkiG9w0BAQsFAAOCAQEAHCPrbake2sPgsPDfRviqnzU4GMopI+eubzH+
xhYaLCIGvY9r9vDGQH5vyo+m00qWev5K10oeJE4GtmNM6Iz4/fiAYldEWMnG9YV7
XU2/r+bYvUBptPeBH1fAT0fBNU74DH2ZZxXTMqbDdbb7e6QAn4Y/Kr3+J87WBjc6
ZLmxi6LgEIh3S4jP1sNBWiN82TqetK40fuPKGYZxrfIUcArhlG8g7UhdBjiVVoJo
BV/H05UUi0wfWFJRFs3gmQKC/x+Bcm5y86R1bIgIUvgUk24S7e++xBEIOm+vtW4f
2gknVySo7waDVdgFOZuvwKBgIZxT0gJqNSSO/GN3taWkFdyvVQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org