Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ahP0F9UYGBvUxtIblBFEtWWaD20.roa
File: ahP0F9UYGBvUxtIblBFEtWWaD20.roa (raw, json)
Hash identifier: Pz9w8fAkk+gIrjwKJ+agC/E31qod2LwPB3BkXGIBduM=
Subject key identifier: 6A:13:F4:17:D5:18:18:1B:D4:C6:D2:1B:94:11:44:B5:65:9A:0F:6D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0183141B0BE4A1D6FC2F8C836ABF594A87B1
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ahP0F9UYGBvUxtIblBFEtWWaD20.roa
Signing time: Tue 06 Sep 2022 18:40:59 +0000
ROA not before: Tue 06 Sep 2022 18:40:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2895
IP address blocks: 185.103.100.0/22 maxlen: 22
147.45.0.0/16 maxlen: 16
193.233.4.0/24 maxlen: 24
193.233.0.0/22 maxlen: 22
193.233.10.0/23 maxlen: 23
193.233.8.0/24 maxlen: 24
2001:640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:14:1b:0b:e4:a1:d6:fc:2f:8c:83:6a:bf:59:4a:87:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 6 18:40:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a13f417d518181bd4c6d21b941144b5659a0f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:77:2f:a7:ad:00:5b:b4:cd:0b:ce:6c:7c:4a:
51:79:00:3b:7b:b5:c6:c8:05:09:11:a1:6b:4b:fc:
7a:d7:d7:4e:01:40:82:86:0c:88:64:91:b5:d8:2a:
0e:62:18:2f:c6:bc:37:79:3b:23:9c:5a:0e:cd:61:
17:86:39:ce:1b:1b:3b:ab:3e:59:b5:9c:01:5d:cd:
81:1b:f1:20:cb:ec:1d:bf:ad:53:b3:29:71:95:c3:
3e:75:48:9a:9f:d8:0a:67:e4:cb:8b:ce:da:cf:8d:
e5:28:e1:5a:84:e1:a9:fd:50:07:65:b9:a1:82:f9:
fe:e7:c0:6a:cc:6c:5b:58:2d:30:f4:6a:51:2f:43:
98:e9:fc:e0:7f:cc:38:d6:f6:d1:4e:e1:56:9f:d1:
1e:0e:a5:25:98:2a:90:40:96:84:f4:b9:64:93:c3:
1e:46:28:f3:dc:4c:d1:b8:49:6d:5a:65:85:e7:b5:
c7:a3:8c:26:68:07:ff:29:b0:dd:5e:7b:d4:b6:6c:
93:95:5b:b7:d6:4d:2c:fd:71:bb:93:9d:bd:07:e2:
6a:f6:29:e5:9c:c6:61:a9:78:c2:ab:0c:4c:c4:cc:
24:67:fc:a1:4d:19:6d:82:c2:8e:45:0d:f6:46:37:
7c:9f:d1:83:3c:15:74:ec:67:26:fd:ad:25:84:99:
16:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:13:F4:17:D5:18:18:1B:D4:C6:D2:1B:94:11:44:B5:65:9A:0F:6D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ahP0F9UYGBvUxtIblBFEtWWaD20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0/16
185.103.100.0/22
193.233.0.0-193.233.4.255
193.233.8.0/24
193.233.10.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
16:a5:61:d0:3f:c7:37:39:3a:53:86:fa:9e:02:8d:2a:f2:7c:
06:f4:26:04:e7:6f:58:32:14:56:46:1a:c3:ae:35:83:65:0b:
8d:b2:32:24:2e:05:00:2f:55:2d:66:86:c4:1a:b4:f8:16:5c:
bb:55:ae:f0:33:42:c5:23:e3:9b:f7:ea:03:76:b0:9c:37:fb:
cb:a0:b3:a1:bc:ee:4d:ce:a7:7e:b7:bb:65:21:74:90:99:0d:
ca:0f:a9:51:98:e9:40:2a:d4:b8:8b:aa:b6:83:00:3d:27:f9:
fc:5a:f5:d6:78:71:3a:44:75:14:a5:12:33:5d:8a:73:ff:58:
e6:07:87:fe:f7:89:e4:21:21:b8:88:06:e7:db:2b:9e:a9:82:
6f:f6:0b:8c:8e:aa:9f:f9:bf:3c:16:26:1f:fa:83:1f:7a:55:
42:bb:0c:a6:9f:10:15:36:2e:9a:70:b0:95:34:ab:8e:88:58:
02:94:8c:4f:24:f3:53:c0:a7:72:f6:81:9a:c0:71:ce:1c:f6:
49:bc:a9:1c:55:3b:3c:66:f8:c1:f9:c2:ca:84:70:57:47:7b:
68:cb:64:e7:8b:60:05:99:3a:f0:cb:77:2f:a9:06:fa:ec:fe:
79:ab:f7:3e:26:dc:a2:36:b2:3f:eb:f1:e7:85:38:f7:e9:a4:
c8:da:da:66
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYMUGwvkodb8L4yDar9ZSoexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTA2MTg0MDU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTEzZjQxN2Q1MTgxODFiZDRjNmQyMWI5NDExNDRiNTY1OWEwZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3cvp60AW7TNC85sfEpReQA7e7XG
yAUJEaFrS/x619dOAUCChgyIZJG12CoOYhgvxrw3eTsjnFoOzWEXhjnOGxs7qz5Z
tZwBXc2BG/Egy+wdv61TsylxlcM+dUian9gKZ+TLi87az43lKOFahOGp/VAHZbmh
gvn+58BqzGxbWC0w9GpRL0OY6fzgf8w41vbRTuFWn9EeDqUlmCqQQJaE9Llkk8Me
Rijz3EzRuEltWmWF57XHo4wmaAf/KbDdXnvUtmyTlVu31k0s/XG7k529B+Jq9inl
nMZhqXjCqwxMxMwkZ/yhTRltgsKORQ32Rjd8n9GDPBV07Gcm/a0lhJkW6wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGoT9BfVGBgb1MbSG5QRRLVlmg9tMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYWhQMEY5VVlHQnZVeHRJYmxCRkV0V1dhRDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwMAky0DBAK5
Z2QwCwMDAMHpAwQAwekEAwQAwekIAwQBwekKMA0EAgACMAcDBQAgAQZAMA0GCSqG
SIb3DQEBCwUAA4IBAQAWpWHQP8c3OTpThvqeAo0q8nwG9CYE529YMhRWRhrDrjWD
ZQuNsjIkLgUAL1UtZobEGrT4Fly7Va7wM0LFI+Ob9+oDdrCcN/vLoLOhvO5Nzqd+
t7tlIXSQmQ3KD6lRmOlAKtS4i6q2gwA9J/n8WvXWeHE6RHUUpRIzXYpz/1jmB4f+
94nkISG4iAbn2yueqYJv9guMjqqf+b88FiYf+oMfelVCuwymnxAVNi6acLCVNKuO
iFgClIxPJPNTwKdy9oGawHHOHPZJvKkcVTs8ZvjB+cLKhHBXR3toy2Tni2AFmTrw
y3cvqQb67P55q/c+JtyiNrI/6/HnhTj36aTI2tpm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org