Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ZvfDlpiVmwxB3G2IlEbu_0OtwGM.roa
File: ZvfDlpiVmwxB3G2IlEbu_0OtwGM.roa (raw, json)
Hash identifier: uGHM2yn1Neo135+Ht4f9Nb+p4BMrSrz7129PVAMPM1A=
Subject key identifier: 66:F7:C3:96:98:95:9B:0C:41:DC:6D:88:94:46:EE:FF:43:AD:C0:63
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018410CA20017E0189CA2A4FCE8C34015E79
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ZvfDlpiVmwxB3G2IlEbu_0OtwGM.roa
Signing time: Tue 25 Oct 2022 20:16:32 +0000
ROA not before: Tue 25 Oct 2022 20:16:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.16.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.18.0/24 maxlen: 24
193.233.252.0/22 maxlen: 22
193.233.192.0/22 maxlen: 22
193.233.84.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:ca:20:01:7e:01:89:ca:2a:4f:ce:8c:34:01:5e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 25 20:16:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66f7c39698959b0c41dc6d889446eeff43adc063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:76:71:f4:64:18:d6:a8:39:3f:3b:21:39:07:
31:0c:99:f7:89:60:cd:78:04:54:a5:f2:a9:65:64:
0c:4c:aa:68:ce:1e:8d:14:c3:c8:22:e1:39:0b:56:
ad:b2:81:e7:60:e9:36:1c:f4:6f:dd:c9:56:21:bb:
c4:2c:71:de:a9:01:d7:07:cb:b2:e7:69:23:7a:16:
e5:55:61:6c:6a:77:b6:62:3b:f4:7f:cb:fd:dd:15:
24:87:55:13:4c:4c:41:5f:ba:33:8f:dd:7d:4a:7d:
c0:80:80:a1:cf:18:d4:8a:aa:c4:a2:21:16:26:a1:
bd:94:c0:e1:bb:a9:3f:9c:64:2b:bf:75:a0:7f:81:
46:fb:e7:95:e8:f9:f8:4a:fc:bc:b3:fb:af:ab:09:
23:2f:19:af:04:e0:b2:41:56:16:81:ee:dd:f9:01:
e3:c1:52:b7:09:77:d8:4c:62:29:78:0a:8c:90:d1:
bb:30:87:25:9c:31:b9:dc:04:62:94:e5:11:67:35:
f6:71:0e:55:f4:9d:83:64:97:69:7e:34:e7:46:7b:
41:26:fc:79:cd:61:f1:92:a5:a5:7d:04:c1:11:87:
82:9f:03:04:c8:92:f3:b4:b0:a0:13:f2:db:95:c4:
d2:2a:93:ef:78:40:52:91:91:91:f5:99:f3:7e:6b:
ef:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F7:C3:96:98:95:9B:0C:41:DC:6D:88:94:46:EE:FF:43:AD:C0:63
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ZvfDlpiVmwxB3G2IlEbu_0OtwGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/24
193.233.18.0/23
193.233.84.0/22
193.233.192.0/22
193.233.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:6e:f9:fc:63:2f:53:12:78:b8:11:5c:f8:c9:89:6c:01:f4:
e1:15:4d:97:28:0f:d9:97:7d:cf:20:a3:5b:b0:2b:2e:ed:a1:
40:fa:4c:7a:e3:15:cb:0c:ff:37:e0:fe:b5:cb:c3:5f:7f:a6:
ee:17:b3:6b:cc:46:dc:e1:61:45:38:6a:f2:19:0d:b4:3e:f2:
79:92:fc:99:ce:0b:bb:75:0c:d0:55:48:92:33:31:cd:cd:52:
6b:96:e5:ee:f1:eb:ba:18:3c:cd:e8:7b:d3:98:0b:e7:ae:a4:
9a:36:a6:31:f5:c9:5a:07:07:56:ba:18:bd:30:56:32:09:19:
1d:53:33:3a:75:ea:19:e6:88:6f:17:8d:97:87:ee:36:7b:d0:
04:60:4e:15:50:67:41:1e:62:8b:a5:9b:b6:cd:8c:af:19:16:
83:cb:6b:90:3c:0f:ba:db:50:de:f0:46:49:bb:be:44:f9:a9:
cf:25:02:13:5e:b3:ad:99:1e:41:20:69:82:d4:10:53:5b:b3:
98:80:c5:06:14:06:a7:89:a1:ec:81:6c:4d:6e:11:d9:f9:fe:
a5:26:3f:e2:72:17:ee:94:1a:dd:58:f6:9e:74:cc:4e:13:6d:
28:95:bb:62:13:aa:48:a9:07:86:fd:2e:aa:e0:75:47:a6:a3:
d3:19:da:78
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQQyiABfgGJyipPzow0AV55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDI1MjAxNjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmY3YzM5Njk4OTU5YjBjNDFkYzZkODg5NDQ2ZWVmZjQzYWRjMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3Zx9GQY1qg5PzshOQcxDJn3iWDN
eARUpfKpZWQMTKpozh6NFMPIIuE5C1atsoHnYOk2HPRv3clWIbvELHHeqQHXB8uy
52kjehblVWFsane2Yjv0f8v93RUkh1UTTExBX7ozj919Sn3AgIChzxjUiqrEoiEW
JqG9lMDhu6k/nGQrv3Wgf4FG++eV6Pn4Svy8s/uvqwkjLxmvBOCyQVYWge7d+QHj
wVK3CXfYTGIpeAqMkNG7MIclnDG53ARilOURZzX2cQ5V9J2DZJdpfjTnRntBJvx5
zWHxkqWlfQTBEYeCnwMEyJLztLCgE/LblcTSKpPveEBSkZGR9ZnzfmvvYQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGb3w5aYlZsMQdxtiJRG7v9DrcBjMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvWnZmRGxwaVZtd3hCM0cySWxFYnVfME90d0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwekQAwQB
wekSAwQCwelUAwQCwenAAwQCwen8MA0GCSqGSIb3DQEBCwUAA4IBAQAObvn8Yy9T
Eni4EVz4yYlsAfThFU2XKA/Zl33PIKNbsCsu7aFA+kx64xXLDP834P61y8Nff6bu
F7NrzEbc4WFFOGryGQ20PvJ5kvyZzgu7dQzQVUiSMzHNzVJrluXu8eu6GDzN6HvT
mAvnrqSaNqYx9claBwdWuhi9MFYyCRkdUzM6deoZ5ohvF42Xh+42e9AEYE4VUGdB
HmKLpZu2zYyvGRaDy2uQPA+621De8EZJu75E+anPJQITXrOtmR5BIGmC1BBTW7OY
gMUGFAaniaHsgWxNbhHZ+f6lJj/ichfulBrdWPaedMxOE20olbtiE6pIqQeG/S6q
4HVHpqPTGdp4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org