Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UE-zAcMANx2WIzhnmcP08tKYvww.roa
File: UE-zAcMANx2WIzhnmcP08tKYvww.roa (raw, json)
Hash identifier: peZTdeladLy6+321temzn0FkhYF4JlgYcKjqlbPCd+A=
Subject key identifier: 50:4F:B3:01:C3:00:37:1D:96:23:38:67:99:C3:F4:F2:D2:98:BF:0C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0183F598C176AFBE368229D04B9815F0DD5C
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UE-zAcMANx2WIzhnmcP08tKYvww.roa
Signing time: Thu 20 Oct 2022 13:32:52 +0000
ROA not before: Thu 20 Oct 2022 13:32:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.120.0/23 maxlen: 23
193.233.124.0/23 maxlen: 23
193.233.122.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:98:c1:76:af:be:36:82:29:d0:4b:98:15:f0:dd:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 20 13:32:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=504fb301c300371d9623386799c3f4f2d298bf0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:c9:40:75:20:88:de:47:5e:07:47:7e:04:
57:89:49:9e:c3:89:58:3e:20:c2:fa:d2:cb:96:57:
70:df:e7:21:4d:b9:0c:a9:36:ed:ae:a5:48:18:b3:
a6:1f:0a:f6:0f:a4:db:02:ba:8b:f4:df:a6:be:fa:
be:c7:ee:e2:6c:39:d2:b5:49:05:ff:6b:73:71:fa:
7d:ac:34:62:ff:d1:a9:5a:17:16:11:f2:7c:3a:fc:
40:2e:2c:d8:90:c0:b2:1e:b5:ec:a1:49:34:73:40:
d5:db:8d:e5:12:31:00:8f:79:fe:5d:68:32:74:e5:
47:6e:d7:0d:ba:8c:66:35:ee:f7:56:7e:c5:0f:d1:
7f:dd:f7:28:70:12:9b:76:d3:7c:35:46:c8:c2:f9:
9e:76:90:a2:38:57:d3:a8:f9:6a:48:d7:fd:6e:90:
c0:28:9b:13:68:7f:fa:57:b8:e0:55:65:f6:75:45:
f4:b5:0d:d3:2f:9d:b2:b6:3b:2a:ca:1b:9a:b3:d0:
db:93:a4:bf:48:31:76:e3:e9:2a:11:25:e1:6f:33:
35:65:df:cf:41:0b:3f:89:6b:bf:66:a7:c6:1b:4e:
ff:e9:31:67:ff:93:53:9c:db:d8:80:4b:ee:27:4e:
47:f0:12:bf:af:ed:6e:a3:81:32:ae:e3:10:a1:1d:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4F:B3:01:C3:00:37:1D:96:23:38:67:99:C3:F4:F2:D2:98:BF:0C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UE-zAcMANx2WIzhnmcP08tKYvww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0-193.233.127.255
Signature Algorithm: sha256WithRSAEncryption
43:0f:f5:03:79:58:a7:10:ea:ac:8a:aa:0a:3f:0e:4b:c7:d9:
31:7f:f5:7b:56:81:23:b1:6a:c2:45:ee:78:5e:de:7a:89:c1:
ff:71:62:81:44:7c:03:8e:2a:ce:9d:db:82:fb:f5:c6:9a:5e:
39:21:b9:f3:21:77:a7:c3:ab:01:6d:27:eb:75:ac:54:23:d1:
dd:59:86:e0:a7:ff:97:61:c8:84:16:c0:eb:5d:1d:ad:14:6a:
92:3c:e6:d8:e2:50:53:f4:e6:d9:68:43:59:98:3f:00:68:ac:
23:c3:e1:40:a3:a0:61:cd:a4:55:9b:54:0e:a3:a8:c5:17:87:
f8:0f:54:e4:7e:b6:23:63:eb:7b:68:8c:60:3d:02:60:d5:1a:
f1:ab:41:dd:e2:39:6a:24:36:0e:8c:fd:a3:fe:f0:d0:23:a3:
c8:78:dc:ea:d5:a6:18:3a:41:96:a6:e6:bb:7b:dd:f6:ac:1b:
d5:29:47:bf:78:4c:f3:e6:56:e1:aa:3d:4e:8e:ba:fa:27:5d:
54:76:d2:23:78:10:3a:51:d2:33:21:a0:4d:bc:bb:d1:87:08:
31:ff:6c:3f:10:f0:b8:1c:5d:da:4d:77:50:b3:9c:9a:7b:32:
bd:14:70:4a:88:d6:ee:90:9f:20:8e:fc:7b:81:cd:87:28:18:
05:c3:51:ec
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYP1mMF2r742ginQS5gV8N1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDIwMTMzMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDRmYjMwMWMzMDAzNzFkOTYyMzM4Njc5OWMzZjRmMmQyOThiZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLHJQHUgiN5HXgdHfgRXiUmew4lY
PiDC+tLLlldw3+chTbkMqTbtrqVIGLOmHwr2D6TbArqL9N+mvvq+x+7ibDnStUkF
/2tzcfp9rDRi/9GpWhcWEfJ8OvxALizYkMCyHrXsoUk0c0DV243lEjEAj3n+XWgy
dOVHbtcNuoxmNe73Vn7FD9F/3fcocBKbdtN8NUbIwvmedpCiOFfTqPlqSNf9bpDA
KJsTaH/6V7jgVWX2dUX0tQ3TL52ytjsqyhuas9Dbk6S/SDF24+kqESXhbzM1Zd/P
QQs/iWu/ZqfGG07/6TFn/5NTnNvYgEvuJ05H8BK/r+1uo4EyruMQoR1biwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFBPswHDADcdliM4Z5nD9PLSmL8MMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVUUtekFjTUFOeDJXSXpobm1jUDA4dEtZdnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCwelgMAwD
BAPB6WgDBAfB6QAwDQYJKoZIhvcNAQELBQADggEBAEMP9QN5WKcQ6qyKqgo/DkvH
2TF/9XtWgSOxasJF7nhe3nqJwf9xYoFEfAOOKs6d24L79caaXjkhufMhd6fDqwFt
J+t1rFQj0d1ZhuCn/5dhyIQWwOtdHa0UapI85tjiUFP05tloQ1mYPwBorCPD4UCj
oGHNpFWbVA6jqMUXh/gPVOR+tiNj63tojGA9AmDVGvGrQd3iOWokNg6M/aP+8NAj
o8h43OrVphg6QZam5rt73fasG9UpR794TPPmVuGqPU6OuvonXVR20iN4EDpR0jMh
oE28u9GHCDH/bD8Q8LgcXdpNd1CznJp7Mr0UcEqI1u6QnyCO/HuBzYcoGAXDUew=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org