Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gN3PDlWG3EjM1xEuojs6IcrACKQ.roa
File: gN3PDlWG3EjM1xEuojs6IcrACKQ.roa (raw, json)
Hash identifier: FwCrDKsJIP8Od+gCFQI1hBJQ+9herdaGkxRIVK5+T5g=
Subject key identifier: 80:DD:CF:0E:55:86:DC:48:CC:D7:11:2E:A2:3B:3A:21:CA:C0:08:A4
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0183371B27FD0DFD6BD811905448FD8EFE7B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gN3PDlWG3EjM1xEuojs6IcrACKQ.roa
Signing time: Tue 13 Sep 2022 13:47:50 +0000
ROA not before: Tue 13 Sep 2022 13:47:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 193.233.161.0/24 maxlen: 24
193.233.176.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:1b:27:fd:0d:fd:6b:d8:11:90:54:48:fd:8e:fe:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 13 13:47:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80ddcf0e5586dc48ccd7112ea23b3a21cac008a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a1:c3:ca:cd:53:00:ef:01:df:5e:c8:cd:2a:
38:76:c6:35:2a:7e:91:db:b5:7e:67:cd:f0:cd:0c:
f4:ee:9b:03:a6:12:00:70:7d:2b:29:57:f9:8b:d1:
04:94:a4:5b:01:c3:c0:79:78:bd:e5:be:2a:f1:c1:
8a:a6:c5:71:d5:58:fb:0a:4f:36:e7:fe:e0:05:93:
a3:a2:81:6d:68:cf:0d:95:da:69:8b:31:5a:cb:f2:
bb:d9:d9:d5:74:8e:e4:4b:19:e2:fb:80:9e:2e:01:
43:1c:1e:fc:78:f6:d6:b5:f3:6a:38:43:b7:6f:40:
a1:5e:ac:9b:93:d2:1b:b4:7d:32:2a:36:6f:85:3a:
ec:59:fc:f2:4b:86:70:8b:d0:00:8b:ba:91:d6:74:
a4:3a:d3:07:4f:c7:00:aa:8e:03:45:53:30:f5:15:
e1:24:c2:aa:30:65:fa:cd:b8:71:e1:2e:8d:50:94:
9f:14:e0:81:c4:85:0b:2f:5c:fc:a5:76:94:5b:2b:
77:cd:9d:f6:ed:73:9f:48:86:55:e8:d1:fc:74:85:
83:0c:86:92:3e:06:40:71:90:7c:e0:d8:d5:03:71:
9c:c5:b1:44:a8:36:de:53:08:03:03:08:6b:65:a0:
79:52:f1:01:76:99:ea:2a:4a:34:5d:05:b9:63:6a:
1d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DD:CF:0E:55:86:DC:48:CC:D7:11:2E:A2:3B:3A:21:CA:C0:08:A4
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gN3PDlWG3EjM1xEuojs6IcrACKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.161.0/24
193.233.176.0/20
Signature Algorithm: sha256WithRSAEncryption
35:84:bb:cf:81:0d:c8:2f:01:1e:7d:0e:a0:fb:0c:ed:65:c2:
01:ef:e8:64:19:d6:af:33:88:a2:f1:e3:53:6f:d6:83:ed:6a:
b1:06:13:7e:f3:51:8a:da:50:9c:a0:b4:76:42:63:9e:7e:72:
17:7d:ee:9e:f7:c5:f3:d5:b4:12:1e:ae:b0:b8:8b:8f:41:0d:
9d:be:d5:9e:42:67:cf:13:49:fc:1a:57:fe:b6:66:39:58:1a:
5d:a1:b5:09:d0:91:4b:81:3d:06:bd:66:ed:6e:b9:44:d9:22:
84:c1:3e:a7:f8:c4:d6:57:a4:39:e8:09:0a:aa:e3:d6:6a:86:
b2:d6:5f:14:67:64:34:1d:ca:05:1a:cb:39:d0:3c:fe:f0:32:
f9:14:09:d5:f6:cc:da:75:d1:51:e7:a0:48:29:ac:5d:7c:e8:
bc:e0:f6:d1:69:53:fe:ad:a0:15:6c:96:df:e0:5a:c9:45:f7:
09:bf:e5:af:cf:8c:a4:1b:6c:43:a8:f9:8a:00:a0:46:e0:9a:
24:40:8a:d1:54:1d:ea:90:b5:cf:43:77:42:ab:fc:77:7b:4b:
24:e6:69:f5:3c:0d:e1:a4:10:80:71:d7:e8:c3:cd:3d:34:68:
f6:00:42:94:9f:eb:a7:3b:88:5a:4f:f9:1c:1f:c9:b5:84:90:
8a:b6:6a:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM3Gyf9Df1r2BGQVEj9jv57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTEzMTM0NzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRkY2YwZTU1ODZkYzQ4Y2NkNzExMmVhMjNiM2EyMWNhYzAwOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6HDys1TAO8B317IzSo4dsY1Kn6R
27V+Z83wzQz07psDphIAcH0rKVf5i9EElKRbAcPAeXi95b4q8cGKpsVx1Vj7Ck82
5/7gBZOjooFtaM8NldppizFay/K72dnVdI7kSxni+4CeLgFDHB78ePbWtfNqOEO3
b0ChXqybk9IbtH0yKjZvhTrsWfzyS4Zwi9AAi7qR1nSkOtMHT8cAqo4DRVMw9RXh
JMKqMGX6zbhx4S6NUJSfFOCBxIULL1z8pXaUWyt3zZ327XOfSIZV6NH8dIWDDIaS
PgZAcZB84NjVA3GcxbFEqDbeUwgDAwhrZaB5UvEBdpnqKko0XQW5Y2odywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIDdzw5VhtxIzNcRLqI7OiHKwAikMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZ04zUERsV0czRWpNMXhFdW9qczZJY3JBQ0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwemhAwQE
wemwMA0GCSqGSIb3DQEBCwUAA4IBAQA1hLvPgQ3ILwEefQ6g+wztZcIB7+hkGdav
M4ii8eNTb9aD7WqxBhN+81GK2lCcoLR2QmOefnIXfe6e98Xz1bQSHq6wuIuPQQ2d
vtWeQmfPE0n8Glf+tmY5WBpdobUJ0JFLgT0GvWbtbrlE2SKEwT6n+MTWV6Q56AkK
quPWaoay1l8UZ2Q0HcoFGss50Dz+8DL5FAnV9szaddFR56BIKaxdfOi84PbRaVP+
raAVbJbf4FrJRfcJv+Wvz4ykG2xDqPmKAKBG4JokQIrRVB3qkLXPQ3dCq/x3e0sk
5mn1PA3hpBCAcdfow809NGj2AEKUn+unO4haT/kcH8m1hJCKtmoW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org