Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aaSMMPEJNc2xCrI6XvkoIlwOhzI.roa
File: aaSMMPEJNc2xCrI6XvkoIlwOhzI.roa (raw, json)
Hash identifier: cdA0Xl/FJgKyiiM2xhbdDPxYvRfsavxDE/qVMnmPdA4=
Subject key identifier: 69:A4:8C:30:F1:09:35:CD:B1:0A:B2:3A:5E:F9:28:22:5C:0E:87:32
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018414800A8A49E23F53E72AC4BA29886991
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aaSMMPEJNc2xCrI6XvkoIlwOhzI.roa
Signing time: Wed 26 Oct 2022 13:34:06 +0000
ROA not before: Wed 26 Oct 2022 13:34:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.16.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.18.0/24 maxlen: 24
193.233.84.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:80:0a:8a:49:e2:3f:53:e7:2a:c4:ba:29:88:69:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 26 13:34:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69a48c30f10935cdb10ab23a5ef928225c0e8732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8a:eb:8b:bc:9f:74:fd:39:0e:3e:cd:32:16:
82:2b:44:dd:76:3d:e4:35:12:b2:3e:d4:1b:34:ae:
f3:bd:77:44:bd:e1:98:79:bc:15:7b:2b:e6:49:fd:
07:ef:f8:7e:0f:3c:12:61:98:2d:d0:7f:6a:da:5d:
73:54:89:7b:bf:d1:50:58:82:b8:9b:c2:50:98:74:
f1:fb:f7:b8:25:c8:3c:54:62:76:46:98:48:14:4c:
d4:cd:4b:70:dd:28:78:5c:ca:97:78:99:9b:af:60:
6d:82:14:4d:b2:86:93:d4:df:88:a8:48:56:f5:80:
d8:f4:fc:f2:a3:98:5c:4a:f0:dc:4c:c4:c6:73:56:
46:c5:8f:2c:98:54:b4:d8:da:3c:62:6c:87:ae:2a:
26:b8:bc:00:93:a7:14:6b:48:85:94:d3:d8:c4:77:
42:bc:5f:9c:b0:cb:d2:15:31:a7:c3:97:d1:3a:f9:
66:41:bc:95:bd:1d:e5:3a:89:70:eb:ea:ae:e5:54:
6c:aa:97:68:02:28:9d:7b:9b:30:b7:a8:47:a8:e0:
1e:ca:a2:9c:23:6c:e0:27:14:36:17:f0:42:89:6a:
a2:82:8f:1c:c7:4d:c8:b1:3e:81:4b:a7:10:37:a3:
9b:58:37:e3:a3:ff:72:73:cb:b2:bf:b8:1b:fd:07:
09:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A4:8C:30:F1:09:35:CD:B1:0A:B2:3A:5E:F9:28:22:5C:0E:87:32
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aaSMMPEJNc2xCrI6XvkoIlwOhzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/24
193.233.18.0/23
193.233.84.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:31:ea:46:83:52:b5:b9:7a:0d:18:4d:d1:9f:2d:75:4f:65:
c6:f9:5f:66:c7:76:5e:08:d8:69:7b:c6:40:66:34:d9:4d:47:
f0:f8:16:cd:b0:96:80:ed:d3:c1:a4:fc:b0:45:6d:95:e8:39:
48:28:a4:f1:30:d8:0a:03:1b:fb:87:3f:e0:93:02:9f:dc:22:
46:7f:3d:f3:35:ec:bd:fc:4a:5e:ff:8f:75:57:ae:93:ab:70:
be:4f:f3:47:3e:50:1f:8b:81:82:17:67:05:a4:9a:c0:66:20:
6c:9d:24:a2:e8:f8:4f:d6:dd:ab:4d:5d:05:6d:44:37:68:e2:
62:09:20:a3:53:41:5a:d1:f2:35:ea:75:e4:ee:63:8d:93:70:
88:1b:30:c3:7f:48:95:04:0c:7b:a4:24:b3:dc:c3:cc:55:60:
f1:55:43:92:ea:75:24:f1:74:09:62:1f:1a:60:1c:99:a3:32:
b8:3e:88:42:56:3e:5a:3a:a6:ec:c3:0a:57:06:e9:0e:46:ea:
37:05:3d:52:3b:7e:93:9e:10:50:3b:b0:bb:cb:d2:49:c3:ba:
73:e9:3d:71:2a:be:8f:65:81:4a:6a:ed:7f:e3:a8:84:3e:ca:
95:73:18:a0:64:22:92:60:5f:e2:bc:3f:2a:10:12:93:dd:57:
fe:11:b5:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQUgAqKSeI/U+cqxLopiGmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDI2MTMzNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE0OGMzMGYxMDkzNWNkYjEwYWIyM2E1ZWY5MjgyMjVjMGU4NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYrri7yfdP05Dj7NMhaCK0Tddj3k
NRKyPtQbNK7zvXdEveGYebwVeyvmSf0H7/h+DzwSYZgt0H9q2l1zVIl7v9FQWIK4
m8JQmHTx+/e4Jcg8VGJ2RphIFEzUzUtw3Sh4XMqXeJmbr2BtghRNsoaT1N+IqEhW
9YDY9Pzyo5hcSvDcTMTGc1ZGxY8smFS02No8YmyHriomuLwAk6cUa0iFlNPYxHdC
vF+csMvSFTGnw5fROvlmQbyVvR3lOolw6+qu5VRsqpdoAiide5swt6hHqOAeyqKc
I2zgJxQ2F/BCiWqigo8cx03IsT6BS6cQN6ObWDfjo/9yc8uyv7gb/QcJtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGmkjDDxCTXNsQqyOl75KCJcDocyMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYWFTTU1QRUpOYzJ4Q3JJNlh2a29JbHdPaHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekQAwQB
wekSAwQCwelUMA0GCSqGSIb3DQEBCwUAA4IBAQCaMepGg1K1uXoNGE3Rny11T2XG
+V9mx3ZeCNhpe8ZAZjTZTUfw+BbNsJaA7dPBpPywRW2V6DlIKKTxMNgKAxv7hz/g
kwKf3CJGfz3zNey9/Epe/491V66Tq3C+T/NHPlAfi4GCF2cFpJrAZiBsnSSi6PhP
1t2rTV0FbUQ3aOJiCSCjU0Fa0fI16nXk7mONk3CIGzDDf0iVBAx7pCSz3MPMVWDx
VUOS6nUk8XQJYh8aYByZozK4PohCVj5aOqbswwpXBukORuo3BT1SO36TnhBQO7C7
y9JJw7pz6T1xKr6PZYFKau1/46iEPsqVcxigZCKSYF/ivD8qEBKT3Vf+EbUW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org