Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/h9bPD-kUt9Rd5WvFVQFtCEmwloE.roa
File: h9bPD-kUt9Rd5WvFVQFtCEmwloE.roa (raw, json)
Hash identifier: pdKfsI1QwREDeX9hwa9LLb0i61DW0aDZRl6gAum4dn0=
Subject key identifier: 87:D6:CF:0F:E9:14:B7:D4:5D:E5:6B:C5:55:01:6D:08:49:B0:96:81
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01833BF10D0F90A4496222F6C6A94940E791
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/h9bPD-kUt9Rd5WvFVQFtCEmwloE.roa
Signing time: Wed 14 Sep 2022 12:19:56 +0000
ROA not before: Wed 14 Sep 2022 12:19:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43444
IP address blocks: 193.233.128.0/22 maxlen: 22
193.233.210.0/23 maxlen: 23
193.233.220.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:f1:0d:0f:90:a4:49:62:22:f6:c6:a9:49:40:e7:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 14 12:19:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87d6cf0fe914b7d45de56bc555016d0849b09681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cf:1c:f7:e0:6e:f3:ab:46:ac:68:dc:39:44:
ed:c7:eb:59:3d:f3:c8:94:ff:24:40:51:5b:39:b0:
86:cd:6d:9a:df:06:df:0d:12:58:f8:cc:f9:b6:65:
f9:0e:ca:50:91:d9:c6:86:dd:73:31:45:02:0e:e8:
5d:7d:b8:10:f7:1f:33:7a:60:bd:2a:27:0b:89:02:
54:84:d3:33:1f:47:85:36:4c:04:50:53:4a:d1:77:
17:e9:24:8d:3e:2c:ed:64:cf:41:90:8b:ae:a3:c4:
16:b0:a5:8d:fa:02:40:21:3c:aa:be:58:5f:98:e4:
cb:be:93:28:23:a1:9b:14:9e:ec:c6:f7:82:6f:b0:
c2:5e:09:e1:fb:90:6a:f7:ec:dc:b0:7f:2e:4d:54:
9e:b9:6b:26:84:70:1f:04:f7:03:4b:6c:55:0c:22:
aa:03:10:4f:fb:7d:c9:59:69:c3:ee:3c:04:1a:e3:
62:e5:a1:7e:92:28:af:62:6a:6f:a8:2d:54:3d:67:
25:e2:8f:6b:a1:87:d6:64:8b:8d:f9:57:7e:ab:28:
79:2f:39:f8:5e:2e:f2:fa:e7:cd:60:57:a6:b3:80:
6e:2d:e7:61:e4:41:4b:b1:0f:8e:79:58:91:71:f0:
f0:7f:9a:94:8b:e8:fc:d8:a3:6d:8d:f6:c1:24:72:
bd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D6:CF:0F:E9:14:B7:D4:5D:E5:6B:C5:55:01:6D:08:49:B0:96:81
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/h9bPD-kUt9Rd5WvFVQFtCEmwloE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.128.0/22
193.233.210.0/23
193.233.220.0/23
Signature Algorithm: sha256WithRSAEncryption
74:3c:a0:31:83:67:cf:d0:6e:da:0c:d3:d2:fc:62:bb:06:6a:
a3:03:07:17:cd:2e:c6:15:10:cf:7d:4b:40:5e:ca:95:18:09:
92:fc:ba:a1:db:3a:00:51:4b:da:36:8d:24:6a:cd:9a:97:75:
90:a9:b2:68:d8:bd:d2:13:28:1e:43:4b:f1:d4:fe:51:17:98:
e0:c4:4b:e7:68:5a:84:86:0b:c6:51:c5:61:27:5c:df:88:01:
1f:70:4a:96:bd:65:16:35:79:22:10:8a:1d:c6:14:29:a4:3a:
61:3a:81:3d:16:89:9b:57:f9:d3:f9:1d:45:87:43:34:e2:fa:
1a:02:a5:cb:e9:9b:df:b5:16:97:9e:51:14:94:c7:45:ad:cb:
d7:7d:8e:f7:a5:c7:18:56:69:cc:4e:e5:0d:42:cc:2a:08:e1:
27:a1:51:87:ef:64:50:93:f8:06:65:bb:5b:48:30:fd:64:81:
69:1a:52:13:86:ee:46:e5:07:3d:22:e6:00:73:4c:35:f5:ef:
0d:4f:cd:7d:47:8f:c8:58:a2:a8:3a:13:5a:0a:88:55:99:7b:
50:59:3b:9d:e2:90:9c:20:dc:a8:e8:c9:45:ef:a5:df:a3:8c:
6a:7f:e8:cd:54:b1:4c:7d:2a:7d:53:a2:89:9a:0b:0d:be:8f:
56:49:0d:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYM78Q0PkKRJYiL2xqlJQOeRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTE0MTIxOTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q2Y2YwZmU5MTRiN2Q0NWRlNTZiYzU1NTAxNmQwODQ5YjA5NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos8c9+Bu86tGrGjcOUTtx+tZPfPI
lP8kQFFbObCGzW2a3wbfDRJY+Mz5tmX5DspQkdnGht1zMUUCDuhdfbgQ9x8zemC9
KicLiQJUhNMzH0eFNkwEUFNK0XcX6SSNPiztZM9BkIuuo8QWsKWN+gJAITyqvlhf
mOTLvpMoI6GbFJ7sxveCb7DCXgnh+5Bq9+zcsH8uTVSeuWsmhHAfBPcDS2xVDCKq
AxBP+33JWWnD7jwEGuNi5aF+kiivYmpvqC1UPWcl4o9roYfWZIuN+Vd+qyh5Lzn4
Xi7y+ufNYFems4BuLedh5EFLsQ+OeViRcfDwf5qUi+j82KNtjfbBJHK96QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfWzw/pFLfUXeVrxVUBbQhJsJaBMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaDliUEQta1V0OVJkNVd2RlZRRnRDRW13bG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwemAAwQB
wenSAwQBwencMA0GCSqGSIb3DQEBCwUAA4IBAQB0PKAxg2fP0G7aDNPS/GK7Bmqj
AwcXzS7GFRDPfUtAXsqVGAmS/Lqh2zoAUUvaNo0kas2al3WQqbJo2L3SEygeQ0vx
1P5RF5jgxEvnaFqEhgvGUcVhJ1zfiAEfcEqWvWUWNXkiEIodxhQppDphOoE9Fomb
V/nT+R1Fh0M04voaAqXL6ZvftRaXnlEUlMdFrcvXfY73pccYVmnMTuUNQswqCOEn
oVGH72RQk/gGZbtbSDD9ZIFpGlIThu5G5Qc9IuYAc0w19e8NT819R4/IWKKoOhNa
CohVmXtQWTud4pCcINyo6MlF76Xfo4xqf+jNVLFMfSp9U6KJmgsNvo9WSQ3c
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org