Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/XQnzRCjoDbTzN7i3EnK5Ew7lvKQ.roa
File: XQnzRCjoDbTzN7i3EnK5Ew7lvKQ.roa (raw, json)
Hash identifier: YgEStNeN82r/cDLzimMY7VgNsIMgndQDRtcAxjaP/GQ=
Subject key identifier: 5D:09:F3:44:28:E8:0D:B4:F3:37:B8:B7:12:72:B9:13:0E:E5:BC:A4
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 05D54991
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/XQnzRCjoDbTzN7i3EnK5Ew7lvKQ.roa
Signing time: Sun 05 Jun 2022 18:06:20 +0000
ROA not before: Sun 05 Jun 2022 18:06:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 193.233.124.0/22 maxlen: 22
193.233.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97864081 (0x5d54991)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 5 18:06:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d09f34428e80db4f337b8b71272b9130ee5bca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:90:6c:48:56:03:8e:d9:2f:42:24:e1:e8:59:
36:65:89:11:ca:67:4e:8d:51:2b:95:4e:99:03:dc:
0a:33:28:64:5e:92:c5:32:69:b4:52:df:20:be:c0:
f3:61:c0:63:54:7d:f6:d0:e5:1b:dd:6c:72:57:d2:
14:92:b5:f9:bb:7b:8a:0e:8d:04:b9:a3:90:1b:ae:
f1:f7:8e:68:a2:dc:3a:3a:38:14:ff:13:ff:07:92:
48:97:b6:39:86:bb:90:11:89:39:54:6a:5a:2b:3d:
0a:c4:9e:8f:bb:cd:9e:2f:03:8e:2d:7e:de:84:11:
2b:96:47:e7:94:e2:93:2d:20:d6:57:8b:6f:37:bb:
7c:1b:15:be:08:d3:76:67:c9:3b:d5:73:b2:97:a7:
d9:41:fe:b0:9d:0e:cc:bf:b2:ff:80:36:2f:1f:b1:
b1:5f:a3:94:03:94:70:31:81:32:d5:72:4e:30:d6:
58:c8:95:3b:58:d5:99:64:be:6a:15:47:87:96:a2:
6c:da:f6:cc:9c:42:07:eb:d7:d9:22:90:52:6d:6e:
a0:6c:08:f1:25:2c:f3:e8:f7:89:f8:2f:b4:39:fe:
bb:24:83:a0:b6:5a:aa:3f:59:1f:77:70:a1:0c:d1:
b2:37:2c:b6:0a:45:e9:f4:d0:d2:f8:08:c0:6f:aa:
f5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:09:F3:44:28:E8:0D:B4:F3:37:B8:B7:12:72:B9:13:0E:E5:BC:A4
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/XQnzRCjoDbTzN7i3EnK5Ew7lvKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.120.0/21
Signature Algorithm: sha256WithRSAEncryption
57:98:4a:31:3f:91:8f:4c:87:42:fd:f9:0e:c8:1d:4b:cb:53:
85:0c:d9:46:e2:78:19:fe:90:27:8a:11:a6:e7:19:a0:2f:64:
43:ab:84:73:32:ea:5e:7e:a3:44:0b:d5:c6:cc:70:01:bd:26:
5a:96:12:99:21:47:d0:98:5b:4f:6a:70:5a:7d:15:68:49:21:
e2:28:4c:30:e4:7b:7a:6c:35:bf:8f:e0:dd:d3:f8:25:76:30:
04:d4:a5:4f:c1:bd:6e:84:ab:81:f1:bb:a2:f9:1a:d8:eb:f6:
56:7e:07:45:b5:90:ed:17:9f:fe:6c:29:05:77:47:e6:f0:1e:
40:e2:bb:a8:07:b6:f0:b5:ff:b2:61:90:ac:14:7d:ad:ab:fd:
cf:31:83:a3:f0:eb:ac:bc:74:65:a8:db:a2:05:59:9b:c8:c8:
96:ae:a0:4a:0f:31:a1:2e:c8:73:a7:70:09:f2:4c:95:48:71:
e5:35:ff:1f:3a:21:15:ed:c8:66:ff:1f:10:a0:d7:32:b5:d0:
5f:14:6d:d9:87:de:85:c0:54:85:10:3a:e9:66:62:67:26:37:
07:ba:64:b5:f6:ae:89:9a:e8:90:95:d7:d0:d5:9e:d2:3f:42:
14:60:bd:d8:0f:e9:05:9d:72:55:e5:55:a3:99:7d:28:50:1a:
10:4c:1c:2b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBdVJkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDYw
NTE4MDYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQwOWYzNDQyOGU4
MGRiNGYzMzdiOGI3MTI3MmI5MTMwZWU1YmNhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSQbEhWA47ZL0Ik4ehZNmWJEcpnTo1RK5VOmQPcCjMoZF6S
xTJptFLfIL7A82HAY1R99tDlG91sclfSFJK1+bt7ig6NBLmjkBuu8feOaKLcOjo4
FP8T/weSSJe2OYa7kBGJOVRqWis9CsSej7vNni8Dji1+3oQRK5ZH55Tiky0g1leL
bze7fBsVvgjTdmfJO9Vzspen2UH+sJ0OzL+y/4A2Lx+xsV+jlAOUcDGBMtVyTjDW
WMiVO1jVmWS+ahVHh5aibNr2zJxCB+vX2SKQUm1uoGwI8SUs8+j3ifgvtDn+uySD
oLZaqj9ZH3dwoQzRsjcstgpF6fTQ0vgIwG+q9ccCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdCfNEKOgNtPM3uLcScrkTDuW8pDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L1hRbnpSQ2pvRGJUek43aTNFbks1RXc3bHZLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8HpeDANBgkqhkiG9w0BAQsFAAOC
AQEAV5hKMT+Rj0yHQv35DsgdS8tThQzZRuJ4Gf6QJ4oRpucZoC9kQ6uEczLqXn6j
RAvVxsxwAb0mWpYSmSFH0JhbT2pwWn0VaEkh4ihMMOR7emw1v4/g3dP4JXYwBNSl
T8G9boSrgfG7ovka2Ov2Vn4HRbWQ7Ref/mwpBXdH5vAeQOK7qAe28LX/smGQrBR9
rav9zzGDo/DrrLx0ZajbogVZm8jIlq6gSg8xoS7Ic6dwCfJMlUhx5TX/HzohFe3I
Zv8fEKDXMrXQXxRt2YfehcBUhRA66WZiZyY3B7pktfauiZrokJXX0NWe0j9CFGC9
2A/pBZ1yVeVVo5l9KFAaEEwcKw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org