Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/XJA09Wd32dfLNKiXLJEJ0a5WDf8.roa
File: XJA09Wd32dfLNKiXLJEJ0a5WDf8.roa (raw, json)
Hash identifier: /vYWNPEIOowVaFnIpEXkZheE2bRPwohxZyKYXLVu+kU=
Subject key identifier: 5C:90:34:F5:67:77:D9:D7:CB:34:A8:97:2C:91:09:D1:AE:56:0D:FF
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 05D3AC76
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/XJA09Wd32dfLNKiXLJEJ0a5WDf8.roa
Signing time: Sun 05 Jun 2022 17:52:20 +0000
ROA not before: Sun 05 Jun 2022 17:52:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.84.0/22 maxlen: 22
193.233.92.0/22 maxlen: 22
193.233.17.0/24 maxlen: 24
193.233.16.0/24 maxlen: 24
193.233.22.0/24 maxlen: 24
193.233.23.0/24 maxlen: 24
193.233.21.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.20.0/24 maxlen: 24
193.233.240.0/22 maxlen: 22
193.233.18.0/24 maxlen: 24
193.233.252.0/22 maxlen: 22
193.233.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97758326 (0x5d3ac76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 5 17:52:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c9034f56777d9d7cb34a8972c9109d1ae560dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:09:34:a9:a7:8c:66:44:8e:59:e0:bb:95:3e:
5e:7c:d2:7b:5e:f9:d1:25:e2:6f:ea:a5:ba:ae:76:
58:58:ad:01:c2:45:01:cc:f9:be:ec:c3:24:05:81:
09:f4:35:a1:26:45:a7:e8:8b:65:c1:3e:cd:b2:29:
3d:f0:aa:0d:c7:be:3d:5e:af:7d:bd:74:eb:e6:9d:
1b:75:e7:a8:3d:5d:f1:09:a2:33:50:3f:75:53:13:
42:0e:e1:3a:2a:9d:75:f1:a3:10:bc:5b:24:f0:50:
67:e0:9a:77:c4:91:ec:22:95:21:4a:29:b2:95:33:
21:df:d3:24:4d:ed:0f:a5:4a:0b:35:50:41:95:62:
8d:27:ef:3d:c7:bb:06:6c:d5:14:09:69:0e:9e:4e:
3c:94:4a:57:99:0e:34:9d:89:9c:ab:83:a6:5a:47:
35:8f:c1:b5:92:a7:bc:a8:3f:33:cc:57:da:60:17:
c6:ac:cc:80:f7:58:8e:48:36:b9:cb:6d:74:82:50:
49:5a:ae:75:73:2b:0c:ec:37:32:a9:8e:96:47:8f:
c1:9a:c3:7d:8c:f0:58:80:ae:eb:d4:d4:3e:9c:6f:
32:3b:bf:a9:8d:4a:cb:4f:32:4a:1b:d7:c3:c4:61:
73:c1:1f:f3:28:10:65:ce:f0:4b:40:58:e3:55:10:
da:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:90:34:F5:67:77:D9:D7:CB:34:A8:97:2C:91:09:D1:AE:56:0D:FF
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/XJA09Wd32dfLNKiXLJEJ0a5WDf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/21
193.233.61.0/24
193.233.84.0/22
193.233.92.0/22
193.233.240.0/22
193.233.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:df:66:42:04:c5:23:56:9a:83:d7:3a:d1:03:31:a4:fa:29:
f5:7e:27:a6:f0:7d:0d:3b:a4:f2:ce:53:f2:61:d3:04:ae:64:
fc:5e:f6:a9:dd:f2:d0:06:bb:ce:55:5d:0a:b4:d0:bd:df:5c:
5a:89:73:7f:24:fb:0a:a6:9b:f1:f8:95:92:c0:94:80:36:e2:
dc:2b:e0:60:3d:fa:79:46:da:5d:f9:82:72:2c:e9:c8:c0:81:
34:26:5e:68:2c:75:a9:2d:62:bb:08:f3:f3:9d:dd:1f:11:2f:
00:58:5e:8b:71:ac:e5:a0:c3:b1:db:19:7b:3c:a2:68:41:d7:
c4:a8:29:e5:5a:db:71:a0:05:14:2a:22:bd:86:9a:b7:15:70:
49:d2:61:db:e9:68:78:c1:c9:44:5e:3b:b5:94:e0:ef:65:75:
59:ad:de:94:27:1b:44:5b:bc:c5:2c:03:ce:c3:92:cd:00:dd:
0f:25:10:44:c9:a5:7a:9b:ac:10:6b:de:07:51:c8:2c:3e:44:
c7:c9:90:ac:b1:5c:03:8e:05:36:6b:cf:6c:1f:73:49:9f:4a:
ce:cb:ce:42:c9:df:94:51:61:cd:63:ad:c7:d7:0b:d2:4c:af:
13:13:87:34:d9:40:e2:b0:6f:c5:df:59:4d:c3:9e:d8:e1:5c:
3b:8a:27:73
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBdOsdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDYw
NTE3NTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM5MDM0ZjU2Nzc3
ZDlkN2NiMzRhODk3MmM5MTA5ZDFhZTU2MGRmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkJNKmnjGZEjlngu5U+XnzSe1750SXib+qluq52WFitAcJF
Acz5vuzDJAWBCfQ1oSZFp+iLZcE+zbIpPfCqDce+PV6vfb106+adG3XnqD1d8Qmi
M1A/dVMTQg7hOiqddfGjELxbJPBQZ+Cad8SR7CKVIUopspUzId/TJE3tD6VKCzVQ
QZVijSfvPce7BmzVFAlpDp5OPJRKV5kONJ2JnKuDplpHNY/BtZKnvKg/M8xX2mAX
xqzMgPdYjkg2ucttdIJQSVqudXMrDOw3MqmOlkePwZrDfYzwWICu69TUPpxvMju/
qY1Ky08yShvXw8Rhc8Ef8ygQZc7wS0BY41UQ2qECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRckDT1Z3fZ18s0qJcskQnRrlYN/zAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L1hKQTA5V2QzMmRmTE5LaVhMSkVKMGE1V0RmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEA8HpEAMEAMHpPQMEAsHpVAMEAsHp
XAMEAsHp8AMEAsHp/DANBgkqhkiG9w0BAQsFAAOCAQEAm99mQgTFI1aag9c60QMx
pPop9X4npvB9DTuk8s5T8mHTBK5k/F72qd3y0Aa7zlVdCrTQvd9cWolzfyT7Cqab
8fiVksCUgDbi3CvgYD36eUbaXfmCcizpyMCBNCZeaCx1qS1iuwjz853dHxEvAFhe
i3Gs5aDDsdsZezyiaEHXxKgp5VrbcaAFFCoivYaatxVwSdJh2+loeMHJRF47tZTg
72V1Wa3elCcbRFu8xSwDzsOSzQDdDyUQRMmlepusEGveB1HILD5Ex8mQrLFcA44F
NmvPbB9zSZ9KzsvOQsnflFFhzWOtx9cL0kyvExOHNNlA4rBvxd9ZTcOe2OFcO4on
cw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org