Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bP3SScKMWNq2EvT1vPQkBrlv2XE.roa
File: bP3SScKMWNq2EvT1vPQkBrlv2XE.roa (raw, json)
Hash identifier: DWrqOg8FnHrjYSbyNSRXO5/lsyjB9I3QOEaKsQckbSw=
Subject key identifier: 6C:FD:D2:49:C2:8C:58:DA:B6:12:F4:F5:BC:F4:24:06:B9:6F:D9:71
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 04239A3D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bP3SScKMWNq2EvT1vPQkBrlv2XE.roa
Signing time: Sat 01 Jan 2022 12:04:53 +0000
ROA not before: Sat 01 Jan 2022 12:04:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8480
IP address blocks: 193.233.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69442109 (0x4239a3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 12:04:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6cfdd249c28c58dab612f4f5bcf42406b96fd971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:85:e7:e0:2b:52:f8:f0:4a:47:e6:7e:d4:
03:cb:23:ab:23:e2:e8:d2:03:86:24:1f:90:7b:c5:
6c:0d:72:2a:96:61:7c:7a:6b:c3:b5:f8:7d:4b:97:
a5:eb:3c:69:f0:50:fb:14:2a:3e:f3:c5:d1:33:44:
97:61:a3:d1:de:77:f2:7e:65:a3:3e:7d:23:5d:a0:
e5:d8:3a:84:3f:ac:eb:4c:65:93:2c:ac:d7:99:28:
52:97:ed:a4:18:e4:b6:a5:0c:f5:8d:1f:40:af:5e:
0c:aa:93:48:c1:b1:3e:da:22:2f:21:fb:5f:b9:ea:
7a:bd:4f:dd:58:f8:dc:0c:f2:e5:21:bc:72:16:3f:
4e:d8:21:8f:1b:09:cf:e3:25:93:42:e6:86:cd:3d:
48:f9:70:45:3b:c7:a3:9f:98:9f:13:04:57:31:95:
85:95:60:c4:37:30:24:56:48:3c:72:4a:d2:91:20:
49:ff:b1:99:51:69:5f:4d:06:bf:a1:47:36:22:84:
96:89:6b:b9:39:82:60:fa:e0:86:82:8d:e1:69:99:
b1:95:ff:61:55:80:34:3a:34:7c:c7:e8:34:7f:84:
9e:47:6d:88:9e:e4:2e:f2:c1:07:a8:3c:e8:da:0f:
42:49:31:92:56:ae:b0:5d:e6:e6:92:c8:5f:4f:d1:
c2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FD:D2:49:C2:8C:58:DA:B6:12:F4:F5:BC:F4:24:06:B9:6F:D9:71
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bP3SScKMWNq2EvT1vPQkBrlv2XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:f7:67:22:b9:ad:29:e0:0c:6f:8f:11:be:13:b5:07:71:e1:
75:23:f6:50:14:f1:c1:e6:9e:76:f6:4d:e6:f5:0b:dc:0a:2d:
b0:5d:0d:2c:fb:cf:22:e8:b2:5f:b7:e2:3d:bc:92:b7:9e:3f:
9a:e9:fe:f8:28:76:8b:33:bd:f7:82:73:08:b3:bc:f3:86:6d:
34:64:22:0f:71:66:62:01:b0:85:fd:0d:d1:d1:88:29:c3:8b:
ba:bb:7c:24:a0:97:45:87:a4:15:a4:8a:1f:c3:08:3d:ae:ee:
b4:1a:c3:96:b0:05:e6:dc:53:9b:5d:9e:11:6f:68:a6:b4:62:
a8:ae:71:99:4b:fa:e6:3c:ef:17:2a:62:6a:34:7a:92:36:54:
2a:71:fb:fd:9c:61:fe:37:f0:a5:20:4b:6f:b2:bf:f0:6e:e9:
55:2b:d2:b5:c8:24:50:9e:42:14:02:59:7a:cd:91:ed:8c:75:
71:92:a5:91:6d:9e:aa:71:ec:49:43:79:d3:15:28:39:99:21:
96:27:0e:19:78:f1:f0:2e:86:80:04:2f:9d:f6:e2:89:f8:15:
0a:a5:08:3a:ba:0b:f2:9c:ed:30:e7:4f:bf:2f:c9:5c:e9:50:
4a:e3:4f:34:10:a8:39:7e:ee:4d:0e:0c:e5:81:88:55:03:28:
d6:44:55:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCOaPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNmZGQyNDljMjhj
NThkYWI2MTJmNGY1YmNmNDI0MDZiOTZmZDk3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkFhefgK1L48EpH5n7UA8sjqyPi6NIDhiQfkHvFbA1yKpZh
fHprw7X4fUuXpes8afBQ+xQqPvPF0TNEl2Gj0d538n5loz59I12g5dg6hD+s60xl
kyys15koUpftpBjktqUM9Y0fQK9eDKqTSMGxPtoiLyH7X7nqer1P3Vj43Azy5SG8
chY/TtghjxsJz+Mlk0Lmhs09SPlwRTvHo5+YnxMEVzGVhZVgxDcwJFZIPHJK0pEg
Sf+xmVFpX00Gv6FHNiKElolruTmCYPrghoKN4WmZsZX/YVWANDo0fMfoNH+Enkdt
iJ7kLvLBB6g86NoPQkkxklausF3m5pLIX0/RwiUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRs/dJJwoxY2rYS9PW89CQGuW/ZcTAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2JQM1NTY0tNV05xMkV2VDF2UFFrQnJsdjJYRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsHpkDANBgkqhkiG9w0BAQsFAAOC
AQEAb/dnIrmtKeAMb48RvhO1B3HhdSP2UBTxweaedvZN5vUL3AotsF0NLPvPIuiy
X7fiPbySt54/mun++Ch2izO994JzCLO884ZtNGQiD3FmYgGwhf0N0dGIKcOLurt8
JKCXRYekFaSKH8MIPa7utBrDlrAF5txTm12eEW9oprRiqK5xmUv65jzvFypiajR6
kjZUKnH7/Zxh/jfwpSBLb7K/8G7pVSvStcgkUJ5CFAJZes2R7Yx1cZKlkW2eqnHs
SUN50xUoOZkhlicOGXjx8C6GgAQvnfbiifgVCqUIOroL8pztMOdPvy/JXOlQSuNP
NBCoOX7uTQ4M5YGIVQMo1kRVFQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org