Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fquHXKd74UITRA9qKDY-xZtpxHk.roa
File: fquHXKd74UITRA9qKDY-xZtpxHk.roa (raw, json)
Hash identifier: RDhd8pu5xci7a3qexSiVuJnQRrRwfw2OSdAZaOdNb9c=
Subject key identifier: 7E:AB:87:5C:A7:7B:E1:42:13:44:0F:6A:28:36:3E:C5:9B:69:C4:79
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01821B70F418D65025734FA2CD9C644DAC5C
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fquHXKd74UITRA9qKDY-xZtpxHk.roa
Signing time: Wed 20 Jul 2022 11:49:23 +0000
ROA not before: Wed 20 Jul 2022 11:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:70:f4:18:d6:50:25:73:4f:a2:cd:9c:64:4d:ac:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 20 11:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7eab875ca77be14213440f6a28363ec59b69c479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c9:d4:3b:9f:00:5e:96:ba:8a:97:fd:8f:3c:
af:6f:64:b7:68:de:77:0a:bb:38:03:a0:6a:96:93:
a8:8d:7c:e5:cf:24:1a:3c:38:67:4a:43:f4:aa:6f:
c8:1e:55:53:a6:b0:80:6e:c2:83:a7:db:86:a4:2c:
c0:1a:1b:64:d5:96:61:d9:98:29:73:bb:f5:53:f6:
69:c6:e7:0f:c2:54:31:34:b3:ee:3a:36:03:11:8d:
b8:2a:26:9c:aa:c1:05:f6:71:cd:6e:4a:15:94:0c:
9b:a5:19:b8:77:72:fe:52:72:0f:4b:13:c8:1f:19:
1f:42:87:57:e0:20:b8:ba:11:25:ff:a9:4a:37:be:
e2:5a:c4:14:86:65:a7:b9:03:8e:c4:71:dd:9b:5b:
dc:d1:1a:71:10:67:57:46:8a:cf:7a:e7:35:3b:e8:
08:c9:0d:51:ef:ff:ee:2d:2b:b2:83:75:3f:c5:13:
6e:7f:5f:41:e4:b9:d9:43:0d:a7:f5:57:29:04:c6:
19:38:0d:95:76:c5:9d:0a:fe:41:bd:39:65:93:08:
70:8f:9f:62:88:2a:11:7d:ac:4f:67:c1:02:6a:98:
ef:10:12:3c:f6:e7:fc:b5:f1:36:77:2b:08:d5:13:
35:5e:ff:73:cf:f5:5d:67:b6:72:7c:b3:aa:1b:9e:
23:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:AB:87:5C:A7:7B:E1:42:13:44:0F:6A:28:36:3E:C5:9B:69:C4:79
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fquHXKd74UITRA9qKDY-xZtpxHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0-193.233.119.255
Signature Algorithm: sha256WithRSAEncryption
77:e4:1d:f9:03:18:2a:57:37:d9:50:5a:4a:9a:0f:07:14:62:
0d:a9:c6:d4:86:86:c5:d6:a0:e6:d0:e5:f8:7a:bf:42:ea:88:
db:9e:f9:b5:00:e1:64:09:94:60:bd:50:4c:d6:90:6f:b5:cd:
1b:41:fd:42:e1:aa:36:63:c5:dc:7f:42:83:e0:08:2e:22:63:
15:d6:83:d2:a5:e9:bf:bb:a5:4b:91:33:f0:87:06:e9:7c:6c:
86:87:12:e4:f3:f6:2a:c0:7e:ec:75:f4:1c:71:46:2c:a0:c1:
ee:7a:21:5a:23:ec:7b:0c:33:9d:c2:d5:e6:d4:80:92:b0:8d:
86:25:d4:5c:8d:0e:93:67:3e:56:d4:b2:ca:f7:9f:49:bf:62:
79:99:60:38:fa:e8:49:18:08:a0:9f:6a:45:bf:d5:3f:fc:ff:
43:d1:3f:ac:66:ba:7e:f9:94:05:da:1b:6b:a2:d3:fa:82:26:
b9:01:bf:f8:76:ed:8d:69:ad:4c:36:a1:ff:a3:25:1c:aa:06:
00:a9:85:57:7c:f8:61:44:02:ba:7e:d5:75:5e:7d:8d:e8:9a:
ef:8e:b5:f3:35:f1:5c:3c:e2:b3:20:f8:e2:50:46:08:15:b0:
23:3c:9a:cd:75:e9:1c:77:87:da:b6:3c:b7:38:52:37:6b:02:
0c:80:c8:d8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYIbcPQY1lAlc0+izZxkTaxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwNzIwMTE0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWFiODc1Y2E3N2JlMTQyMTM0NDBmNmEyODM2M2VjNTliNjljNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMnUO58AXpa6ipf9jzyvb2S3aN53
Crs4A6BqlpOojXzlzyQaPDhnSkP0qm/IHlVTprCAbsKDp9uGpCzAGhtk1ZZh2Zgp
c7v1U/ZpxucPwlQxNLPuOjYDEY24KiacqsEF9nHNbkoVlAybpRm4d3L+UnIPSxPI
HxkfQodX4CC4uhEl/6lKN77iWsQUhmWnuQOOxHHdm1vc0RpxEGdXRorPeuc1O+gI
yQ1R7//uLSuyg3U/xRNuf19B5LnZQw2n9VcpBMYZOA2VdsWdCv5BvTllkwhwj59i
iCoRfaxPZ8ECapjvEBI89uf8tfE2dysI1RM1Xv9zz/VdZ7ZyfLOqG54j5wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH6rh1yne+FCE0QPaig2PsWbacR5MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZnF1SFhLZDc0VUlUUkE5cUtEWS14WnRweEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCwelgMAwD
BAPB6WgDBAPB6XAwDQYJKoZIhvcNAQELBQADggEBAHfkHfkDGCpXN9lQWkqaDwcU
Yg2pxtSGhsXWoObQ5fh6v0LqiNue+bUA4WQJlGC9UEzWkG+1zRtB/ULhqjZjxdx/
QoPgCC4iYxXWg9Kl6b+7pUuRM/CHBul8bIaHEuTz9irAfux19BxxRiygwe56IVoj
7HsMM53C1ebUgJKwjYYl1FyNDpNnPlbUssr3n0m/YnmZYDj66EkYCKCfakW/1T/8
/0PRP6xmun75lAXaG2ui0/qCJrkBv/h27Y1prUw2of+jJRyqBgCphVd8+GFEArp+
1XVefY3omu+OtfM18Vw84rMg+OJQRggVsCM8ms116Rx3h9q2PLc4UjdrAgyAyNg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org