Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dNRQhyayoa7OVs4ONz0FxJgLbFc.roa
File: dNRQhyayoa7OVs4ONz0FxJgLbFc.roa (raw, json)
Hash identifier: jF+AnDsh1lMKdejKkVAHkEe6vDYkUaFqUKApfPdOqIA=
Subject key identifier: 74:D4:50:87:26:B2:A1:AE:CE:56:CE:0E:37:3D:05:C4:98:0B:6C:57
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 043C05BE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dNRQhyayoa7OVs4ONz0FxJgLbFc.roa
Signing time: Sat 01 Jan 2022 12:05:06 +0000
ROA not before: Sat 01 Jan 2022 12:05:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209759
IP address blocks: 193.233.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71042494 (0x43c05be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 12:05:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74d4508726b2a1aece56ce0e373d05c4980b6c57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:6e:c1:3d:d0:c4:c1:61:44:f7:47:c9:9f:
59:07:bd:9c:3b:16:0e:53:12:af:41:a2:35:ba:df:
9a:2a:02:c2:22:ad:51:74:85:14:1e:77:e0:4d:ec:
f7:88:50:6c:45:8f:f9:db:52:4c:a4:83:cb:de:f4:
0b:d0:f3:5c:c1:18:bf:6d:cb:a3:a7:3a:4f:8c:7a:
28:6d:23:0c:5d:76:7e:d2:7e:f6:2a:63:db:87:17:
92:5c:fe:08:66:2e:00:48:d6:96:3a:17:90:2c:99:
6d:67:94:d6:67:8d:2d:bb:1e:cf:13:24:34:3e:76:
83:ac:b5:9b:1d:50:e3:8d:28:5d:c2:1b:b5:ec:8b:
26:a3:cb:d2:1b:df:e8:88:77:74:01:5b:ea:4e:67:
f4:bf:e5:f5:2e:6d:df:0d:3b:eb:73:cd:94:69:33:
e1:90:d2:f6:e8:c0:a5:bc:ec:45:3a:a3:8b:ff:16:
18:21:9c:3c:23:a3:20:a2:d7:49:3a:08:f0:d4:45:
c0:c2:2f:f0:31:d9:3f:0a:4a:1d:02:a9:9d:5a:6f:
6d:e3:a9:3d:10:2f:01:85:8c:c9:7f:45:b0:fb:9d:
50:87:cc:23:38:9f:c5:a6:14:cf:ac:9d:bb:02:e6:
77:0c:96:70:6e:93:a2:4a:0d:54:17:3c:39:76:b1:
8b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D4:50:87:26:B2:A1:AE:CE:56:CE:0E:37:3D:05:C4:98:0B:6C:57
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dNRQhyayoa7OVs4ONz0FxJgLbFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.244.0/22
Signature Algorithm: sha256WithRSAEncryption
98:0f:1d:46:5a:44:f7:c0:ad:d3:0c:5e:76:b6:67:a0:10:e8:
ce:62:3a:42:01:6a:1a:53:2e:63:e2:fe:c9:8e:c3:ba:6e:a5:
bf:4e:d7:0f:96:b9:5e:6c:dc:be:85:7a:0f:f7:06:48:cc:da:
66:a6:4b:96:99:d6:f6:39:b7:f9:5f:86:95:cc:08:c5:6b:52:
3a:90:a4:7a:f0:6d:2c:49:87:59:4f:e3:bd:0c:ca:7a:53:58:
7d:6c:a1:45:46:ee:60:a4:98:6f:6e:dd:c3:32:fb:d8:0a:56:
14:f3:6d:e8:fa:bf:e5:09:8a:01:89:10:2b:79:c5:85:ac:9c:
ea:6e:02:65:67:00:1e:ca:83:d3:2b:21:5c:4a:b8:f6:03:e9:
d1:54:bc:88:62:2b:f5:81:8a:ed:3c:41:c0:d5:ff:97:0a:c0:
48:81:49:0c:5d:fd:22:93:5f:12:19:16:3d:8c:8a:92:24:89:
bb:13:22:b6:74:e0:6d:f8:5d:03:c9:4f:85:86:63:23:8d:9a:
80:26:28:91:da:7d:77:cf:4f:d6:3c:6b:38:1a:ef:a3:4c:8c:
4f:75:e4:1f:a9:6f:34:61:2a:69:9b:dc:8e:54:da:e8:c4:27:
f4:29:be:c4:27:fe:a5:70:a5:0f:5a:fe:18:6f:45:a4:c3:cd:
08:25:8f:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDwFvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRkNDUwODcyNmIy
YTFhZWNlNTZjZTBlMzczZDA1YzQ5ODBiNmM1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPjbsE90MTBYUT3R8mfWQe9nDsWDlMSr0GiNbrfmioCwiKt
UXSFFB534E3s94hQbEWP+dtSTKSDy970C9DzXMEYv23Lo6c6T4x6KG0jDF12ftJ+
9ipj24cXklz+CGYuAEjWljoXkCyZbWeU1meNLbsezxMkND52g6y1mx1Q440oXcIb
teyLJqPL0hvf6Ih3dAFb6k5n9L/l9S5t3w0763PNlGkz4ZDS9ujApbzsRTqji/8W
GCGcPCOjIKLXSToI8NRFwMIv8DHZPwpKHQKpnVpvbeOpPRAvAYWMyX9FsPudUIfM
IzifxaYUz6yduwLmdwyWcG6TokoNVBc8OXaxi+ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR01FCHJrKhrs5Wzg43PQXEmAtsVzAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2ROUlFoeWF5b2E3T1ZzNE9OejBGeEpnTGJGYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsHp9DANBgkqhkiG9w0BAQsFAAOC
AQEAmA8dRlpE98Ct0wxedrZnoBDozmI6QgFqGlMuY+L+yY7Dum6lv07XD5a5Xmzc
voV6D/cGSMzaZqZLlpnW9jm3+V+GlcwIxWtSOpCkevBtLEmHWU/jvQzKelNYfWyh
RUbuYKSYb27dwzL72ApWFPNt6Pq/5QmKAYkQK3nFhayc6m4CZWcAHsqD0yshXEq4
9gPp0VS8iGIr9YGK7TxBwNX/lwrASIFJDF39IpNfEhkWPYyKkiSJuxMitnTgbfhd
A8lPhYZjI42agCYokdp9d89P1jxrOBrvo0yMT3XkH6lvNGEqaZvcjlTa6MQn9Cm+
xCf+pXClD1r+GG9FpMPNCCWPCQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org