Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fKuKTwRmVViwMEES0LnPFfSEQ-4.roa
File: fKuKTwRmVViwMEES0LnPFfSEQ-4.roa (raw, json)
Hash identifier: s34r63m9LWUigoPEuv3cE5HDFKsTz7SYWjYuQ3JDXt4=
Subject key identifier: 7C:AB:8A:4F:04:66:55:58:B0:30:41:12:D0:B9:CF:15:F4:84:43:EE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0182016F1296A955FB2A83D2AA80EE7314F5
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fKuKTwRmVViwMEES0LnPFfSEQ-4.roa
Signing time: Fri 15 Jul 2022 10:37:12 +0000
ROA not before: Fri 15 Jul 2022 10:37:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 193.233.179.0/24 maxlen: 24
193.233.177.0/24 maxlen: 24
193.233.187.0/24 maxlen: 24
193.233.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:6f:12:96:a9:55:fb:2a:83:d2:aa:80:ee:73:14:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 15 10:37:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7cab8a4f04665558b0304112d0b9cf15f48443ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:31:f5:53:11:e3:4b:98:98:c6:7a:c0:c9:
5c:d0:b9:5a:8d:81:d9:6d:fb:0a:6f:a9:e7:3c:46:
b9:42:e4:ce:77:9e:52:f0:2f:a6:5a:77:fe:f3:be:
d6:91:e5:9d:fa:62:14:4c:a3:7e:ac:df:9b:c3:d9:
65:a4:fb:d0:f5:b2:c0:55:67:7b:38:81:ec:3d:18:
fa:60:47:f2:ae:b5:f8:1e:05:fe:f5:1e:14:d9:87:
4a:57:3f:3b:a0:74:6f:c7:6c:90:2a:b2:91:0b:4b:
60:59:96:de:65:76:89:c6:2d:dd:fb:5f:5b:0a:8c:
cf:89:71:ae:8a:26:4e:c8:40:91:fb:4d:20:27:51:
fc:ba:d6:18:bd:51:23:ba:3f:09:6f:da:e0:d4:1c:
a4:39:3d:be:bf:43:09:c7:49:68:a1:93:9b:dd:6f:
f9:7b:42:01:20:74:e7:01:4c:de:e3:0a:92:91:04:
98:36:80:bb:fb:68:19:e3:81:35:df:fa:a8:3b:99:
c0:23:f2:5b:e9:2d:dd:de:aa:9d:2d:74:45:1e:89:
69:ba:61:61:19:f4:42:bd:22:21:ed:5a:13:8d:e8:
fc:d4:93:8c:82:ea:36:69:e8:f7:57:7f:29:ec:66:
8f:e7:53:2d:ab:38:02:a0:73:e7:ec:7b:cc:f0:36:
9a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:AB:8A:4F:04:66:55:58:B0:30:41:12:D0:B9:CF:15:F4:84:43:EE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fKuKTwRmVViwMEES0LnPFfSEQ-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.177.0/24
193.233.179.0/24
193.233.187.0-193.233.188.255
Signature Algorithm: sha256WithRSAEncryption
8b:29:00:0e:22:28:26:5a:a1:b4:98:8e:f9:45:44:92:be:2c:
44:ce:d0:93:3b:41:04:5f:0a:5f:ab:0e:9b:40:7f:52:17:96:
c3:21:ee:b4:ed:ee:9f:ad:72:89:b1:3e:dd:94:c6:d9:6f:22:
d0:1a:81:58:3b:ac:00:ce:0c:9b:4f:ca:d0:07:16:f8:63:c5:
f3:c1:24:e1:3b:36:a4:0e:91:18:b3:af:6f:da:8b:0d:9c:a3:
94:7f:48:55:31:ff:03:2e:32:79:ee:92:6f:24:ea:c3:e0:15:
10:6a:45:03:ba:df:ac:b2:8a:08:22:d6:ff:74:e1:91:56:4b:
00:5b:19:50:a3:f3:0d:60:9e:bb:58:f8:4c:ef:99:3b:59:49:
17:16:ec:82:f3:5b:62:c5:9d:4b:92:87:00:11:e6:0b:d9:d3:
bb:74:8e:74:18:12:e3:3e:6e:bc:88:f5:ad:21:75:3e:07:81:
a3:c8:f7:cb:80:ec:bf:54:30:3f:7e:99:65:97:d1:e1:85:6a:
1c:12:10:8f:6b:7b:40:79:9d:51:2e:53:b6:cc:23:7b:90:83:
7e:ab:ab:c2:2f:f8:98:f2:5e:8c:57:d6:26:ef:e6:d1:6b:b6:
89:c3:f8:19:43:5e:40:37:70:90:58:9d:c1:a6:d6:b8:e2:f6:
3c:c7:22:61
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYIBbxKWqVX7KoPSqoDucxT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwNzE1MTAzNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2FiOGE0ZjA0NjY1NTU4YjAzMDQxMTJkMGI5Y2YxNWY0ODQ0M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAox9VMR40uYmMZ6wMlc0LlajYHZ
bfsKb6nnPEa5QuTOd55S8C+mWnf+877WkeWd+mIUTKN+rN+bw9llpPvQ9bLAVWd7
OIHsPRj6YEfyrrX4HgX+9R4U2YdKVz87oHRvx2yQKrKRC0tgWZbeZXaJxi3d+19b
CozPiXGuiiZOyECR+00gJ1H8utYYvVEjuj8Jb9rg1BykOT2+v0MJx0looZOb3W/5
e0IBIHTnAUze4wqSkQSYNoC7+2gZ44E13/qoO5nAI/Jb6S3d3qqdLXRFHolpumFh
GfRCvSIh7VoTjej81JOMguo2aej3V38p7GaP51MtqzgCoHPn7HvM8Daa/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHyrik8EZlVYsDBBEtC5zxX0hEPuMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZkt1S1R3Um1WVml3TUVFUzBMblBGZlNFUS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwemxAwQA
wemzMAwDBADB6bsDBADB6bwwDQYJKoZIhvcNAQELBQADggEBAIspAA4iKCZaobSY
jvlFRJK+LETO0JM7QQRfCl+rDptAf1IXlsMh7rTt7p+tcomxPt2UxtlvItAagVg7
rADODJtPytAHFvhjxfPBJOE7NqQOkRizr2/aiw2co5R/SFUx/wMuMnnukm8k6sPg
FRBqRQO636yyiggi1v904ZFWSwBbGVCj8w1gnrtY+EzvmTtZSRcW7ILzW2LFnUuS
hwAR5gvZ07t0jnQYEuM+bryI9a0hdT4HgaPI98uA7L9UMD9+mWWX0eGFahwSEI9r
e0B5nVEuU7bMI3uQg36rq8Iv+JjyXoxX1ibv5tFrtonD+BlDXkA3cJBYncGm1rji
9jzHImE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org