Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bXsnR4vQnk1McjgivkfTWk3YntY.roa
File: bXsnR4vQnk1McjgivkfTWk3YntY.roa (raw, json)
Hash identifier: XYR3rC8M4X47k9KYpg2TlaBB9ynZtFKSdXOb7s2D4AM=
Subject key identifier: 6D:7B:27:47:8B:D0:9E:4D:4C:72:38:22:BE:47:D3:5A:4D:D8:9E:D6
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0184BE37FF4F255E4577FC76D321C7BAA673
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bXsnR4vQnk1McjgivkfTWk3YntY.roa
Signing time: Mon 28 Nov 2022 12:30:51 +0000
ROA not before: Mon 28 Nov 2022 12:30:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43444
IP address blocks: 193.233.128.0/22 maxlen: 22
193.233.216.0/22 maxlen: 22
193.233.220.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:37:ff:4f:25:5e:45:77:fc:76:d3:21:c7:ba:a6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 28 12:30:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d7b27478bd09e4d4c723822be47d35a4dd89ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7a:85:26:4b:ea:45:18:51:4d:26:30:1c:52:
4d:53:94:a4:c7:7b:79:bd:fc:9b:4b:d5:0c:08:82:
f0:7b:d3:99:c3:b1:10:c6:d6:74:62:d5:43:06:dd:
e2:63:14:34:f9:c3:24:45:4b:47:14:68:c5:d6:59:
39:df:40:96:6b:56:c3:c9:43:37:86:e8:6c:f7:85:
83:c7:4a:93:08:89:cc:f7:a1:b4:ca:c6:6e:9e:37:
7d:5d:ab:90:ef:20:3a:a8:c1:b8:c9:6a:a2:00:9d:
71:8e:d4:07:e4:67:fb:9b:f2:45:04:7f:1e:f1:89:
b7:9f:81:19:d5:d2:06:95:69:1d:69:0f:15:11:8b:
31:7f:07:75:8d:71:6c:08:22:2f:97:ed:e7:09:2a:
26:ee:db:7b:6c:71:ea:d5:0d:5f:e9:99:b3:93:8f:
54:c4:e1:52:75:78:32:85:8c:50:bc:21:05:20:db:
a0:34:9f:d4:b2:2f:40:7f:56:a5:c0:f6:bd:3d:08:
38:57:6c:2e:c1:6d:94:b0:37:2c:23:6e:21:06:f8:
64:37:36:09:1f:db:b4:ca:63:36:2f:a0:14:e3:6c:
0b:7a:3b:df:d8:25:8a:e1:64:5c:32:1f:10:ba:23:
ec:b9:2a:8b:30:a3:5c:3e:e4:63:aa:b7:81:a9:b2:
7b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:7B:27:47:8B:D0:9E:4D:4C:72:38:22:BE:47:D3:5A:4D:D8:9E:D6
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bXsnR4vQnk1McjgivkfTWk3YntY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.128.0/22
193.233.216.0-193.233.221.255
Signature Algorithm: sha256WithRSAEncryption
08:06:e2:d6:55:f2:9a:29:17:7e:b1:6f:0c:0c:5d:b7:8b:80:
59:4f:23:2d:6c:1a:58:3b:c8:9f:4a:a6:33:e1:ca:d1:59:b4:
1b:0c:87:a9:54:88:00:c2:55:7c:04:48:b7:22:63:e6:a7:87:
ed:bf:72:82:2c:27:e1:0d:b4:b8:23:d3:40:94:07:8f:62:68:
6c:d2:46:11:16:91:b9:f2:6a:ed:08:73:63:fc:03:7e:b6:50:
d1:a0:14:c2:79:0a:dc:54:74:3b:82:11:d5:c7:d5:1f:00:92:
93:74:4c:2f:60:3f:1a:2b:a7:9c:73:cc:51:c8:c9:9e:9a:bd:
2c:65:eb:56:3c:d2:33:58:65:1f:87:7b:a2:2b:8c:ac:4c:84:
0f:0a:61:71:11:3e:7f:08:49:5d:3a:88:73:9f:d0:ec:4a:ad:
4c:e7:f7:53:45:f6:98:1a:e6:98:77:ec:37:38:af:1a:0b:64:
cb:24:63:59:9c:1c:61:71:40:a6:11:5f:80:01:92:da:a0:26:
1b:0f:29:60:67:89:51:4a:ae:5f:51:8c:f7:51:b4:77:ef:b1:
53:60:1b:9c:5b:68:1c:79:3a:02:79:a3:7b:e8:f6:c7:bb:85:
db:75:2c:48:22:32:1b:21:28:cb:2d:b7:71:fc:08:f9:b2:e2:
e5:9f:c5:15
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYS+N/9PJV5Fd/x20yHHuqZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMTI4MTIzMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDdiMjc0NzhiZDA5ZTRkNGM3MjM4MjJiZTQ3ZDM1YTRkZDg5ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3qFJkvqRRhRTSYwHFJNU5Skx3t5
vfybS9UMCILwe9OZw7EQxtZ0YtVDBt3iYxQ0+cMkRUtHFGjF1lk530CWa1bDyUM3
huhs94WDx0qTCInM96G0ysZunjd9XauQ7yA6qMG4yWqiAJ1xjtQH5Gf7m/JFBH8e
8Ym3n4EZ1dIGlWkdaQ8VEYsxfwd1jXFsCCIvl+3nCSom7tt7bHHq1Q1f6Zmzk49U
xOFSdXgyhYxQvCEFINugNJ/Usi9Af1alwPa9PQg4V2wuwW2UsDcsI24hBvhkNzYJ
H9u0ymM2L6AU42wLejvf2CWK4WRcMh8QuiPsuSqLMKNcPuRjqreBqbJ7mwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG17J0eL0J5NTHI4Ir5H01pN2J7WMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYlhzblI0dlFuazFNY2pnaXZrZlRXazNZbnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCwemAMAwD
BAPB6dgDBAHB6dwwDQYJKoZIhvcNAQELBQADggEBAAgG4tZV8popF36xbwwMXbeL
gFlPIy1sGlg7yJ9KpjPhytFZtBsMh6lUiADCVXwESLciY+anh+2/coIsJ+ENtLgj
00CUB49iaGzSRhEWkbnyau0Ic2P8A362UNGgFMJ5CtxUdDuCEdXH1R8AkpN0TC9g
Pxorp5xzzFHIyZ6avSxl61Y80jNYZR+He6IrjKxMhA8KYXERPn8ISV06iHOf0OxK
rUzn91NF9pga5ph37Dc4rxoLZMskY1mcHGFxQKYRX4ABktqgJhsPKWBniVFKrl9R
jPdRtHfvsVNgG5xbaBx5OgJ5o3vo9se7hdt1LEgiMhshKMstt3H8CPmy4uWfxRU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org