Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dZfsyV12epo30lNaEJF_3uiL5Zo.roa
File: dZfsyV12epo30lNaEJF_3uiL5Zo.roa (raw, json)
Hash identifier: Pby59ZzDiGom6qjZpeom2oyMyyKWp6h4dwV0QaA3j54=
Subject key identifier: 75:97:EC:C9:5D:76:7A:9A:37:D2:53:5A:10:91:7F:DE:E8:8B:E5:9A
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 043B7D5C
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dZfsyV12epo30lNaEJF_3uiL5Zo.roa
Signing time: Sat 01 Jan 2022 12:05:06 +0000
ROA not before: Sat 01 Jan 2022 12:05:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.120.0/22 maxlen: 22
193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71007580 (0x43b7d5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 12:05:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7597ecc95d767a9a37d2535a10917fdee88be59a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f2:14:f6:b9:7c:63:84:d0:23:e6:e6:01:a4:
48:96:d6:32:2f:82:3d:6f:f6:68:e3:1c:0d:a4:57:
f8:46:37:45:44:d8:aa:22:0d:dc:95:09:f2:96:2e:
6b:e7:46:1a:9a:9a:6a:c3:cc:b4:fa:17:af:70:35:
fc:e5:42:7d:09:93:e1:fa:26:65:09:b9:32:e2:b9:
ff:31:f4:9d:67:cc:7f:25:42:be:c5:8e:86:77:08:
22:e6:0a:af:8b:62:1a:ed:5a:b1:ae:bf:5b:d7:ab:
8e:cd:34:a8:1a:07:1b:a8:1f:7f:3a:ef:5c:63:a3:
ce:15:17:16:fb:73:26:81:9e:d7:53:72:9d:91:19:
c8:47:a8:fd:e7:70:8b:1d:07:d7:a9:8e:4e:53:c5:
f0:11:7b:fc:da:98:8c:ce:69:0b:aa:e2:cc:17:c8:
bf:23:ee:51:73:4e:83:1d:ac:47:c1:d8:4c:19:49:
56:21:87:9f:2d:33:5e:be:a7:4d:07:1b:04:d7:1a:
c1:f2:e4:6c:a4:c5:30:a9:b1:7f:74:e8:72:e9:42:
34:b1:5d:c5:13:ce:a9:e0:96:5d:78:ab:94:a5:99:
e0:16:9d:df:22:93:39:61:5f:08:df:f7:4b:58:dc:
7e:3a:78:dc:b7:e5:fe:5d:9b:00:ca:46:16:aa:74:
89:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:97:EC:C9:5D:76:7A:9A:37:D2:53:5A:10:91:7F:DE:E8:8B:E5:9A
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dZfsyV12epo30lNaEJF_3uiL5Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0/22
193.233.112.0/22
193.233.120.0/21
Signature Algorithm: sha256WithRSAEncryption
64:1a:81:4b:66:ff:56:13:39:c5:64:7c:7b:1c:94:ac:b1:e7:
d4:27:7e:3f:12:ab:73:62:14:37:d2:ae:23:f8:0c:6c:57:46:
0a:1e:de:05:f4:f1:37:8d:d4:0e:82:15:88:03:e7:ad:68:9c:
b9:07:18:77:ea:3c:56:1b:b9:77:29:d3:98:1f:64:36:bd:0f:
e7:82:a8:87:eb:1a:97:4b:47:02:65:57:2d:0c:60:d6:35:e3:
b9:78:e2:28:99:ad:6d:7b:ee:71:ae:15:73:3f:af:6f:7f:af:
a5:6e:94:64:ed:bc:0e:4d:9f:12:0b:f0:e0:04:da:ee:dd:d9:
86:e5:74:db:c7:73:f8:2c:f8:50:e2:05:fb:0f:b0:80:41:ae:
ef:8a:10:6e:a2:82:61:93:0f:e7:9f:a4:1c:87:cd:fa:d4:4a:
e0:56:f1:e6:9d:74:7b:c1:09:9b:6a:78:24:cb:83:c1:3d:f0:
7f:9b:46:16:20:e7:54:3c:7d:f3:f7:fc:69:bf:4e:57:ca:26:
48:07:cc:e7:fa:9e:9f:79:e7:1b:7b:f3:6d:c4:56:7a:68:20:
69:43:95:bf:5a:f3:87:1a:3e:18:ed:a8:52:59:ea:22:e1:5e:
9c:af:4a:a9:72:b4:2f:6d:a8:d7:19:e2:33:a8:e9:21:c1:5a:
4f:30:37:05
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBDt9XDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU5N2VjYzk1ZDc2
N2E5YTM3ZDI1MzVhMTA5MTdmZGVlODhiZTU5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7yFPa5fGOE0CPm5gGkSJbWMi+CPW/2aOMcDaRX+EY3RUTY
qiIN3JUJ8pYua+dGGpqaasPMtPoXr3A1/OVCfQmT4fomZQm5MuK5/zH0nWfMfyVC
vsWOhncIIuYKr4tiGu1asa6/W9erjs00qBoHG6gffzrvXGOjzhUXFvtzJoGe11Ny
nZEZyEeo/edwix0H16mOTlPF8BF7/NqYjM5pC6rizBfIvyPuUXNOgx2sR8HYTBlJ
ViGHny0zXr6nTQcbBNcawfLkbKTFMKmxf3ToculCNLFdxRPOqeCWXXirlKWZ4Bad
3yKTOWFfCN/3S1jcfjp43Lfl/l2bAMpGFqp0ieUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR1l+zJXXZ6mjfSU1oQkX/e6IvlmjAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2RaZnN5VjEyZXBvMzBsTmFFSkZfM3VpTDVaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAsHpYAMEAsHpaAMEAsHpcAMEA8Hp
eDANBgkqhkiG9w0BAQsFAAOCAQEAZBqBS2b/VhM5xWR8exyUrLHn1Cd+PxKrc2IU
N9KuI/gMbFdGCh7eBfTxN43UDoIViAPnrWicuQcYd+o8Vhu5dynTmB9kNr0P54Ko
h+sal0tHAmVXLQxg1jXjuXjiKJmtbXvuca4Vcz+vb3+vpW6UZO28Dk2fEgvw4ATa
7t3ZhuV028dz+Cz4UOIF+w+wgEGu74oQbqKCYZMP55+kHIfN+tRK4Fbx5p10e8EJ
m2p4JMuDwT3wf5tGFiDnVDx98/f8ab9OV8omSAfM5/qen3nnG3vzbcRWemggaUOV
v1rzhxo+GO2oUlnqIuFenK9KqXK0L22o1xniM6jpIcFaTzA3BQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org