Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jCMWn0LsWNXtt3bNhGZOV85X0Wo.roa
File: jCMWn0LsWNXtt3bNhGZOV85X0Wo.roa (raw, json)
Hash identifier: eg5M6CjD9zoLn/BpnNeGMlj0FiAcITS/wQ+R/5ur0kA=
Subject key identifier: 8C:23:16:9F:42:EC:58:D5:ED:B7:76:CD:84:66:4E:57:CE:57:D1:6A
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 05C6FCB7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jCMWn0LsWNXtt3bNhGZOV85X0Wo.roa
Signing time: Wed 01 Jun 2022 17:29:20 +0000
ROA not before: Wed 01 Jun 2022 17:29:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.216.0/22 maxlen: 24
193.233.108.0/23 maxlen: 24
193.233.110.0/23 maxlen: 24
193.233.118.0/23 maxlen: 24
193.233.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96926903 (0x5c6fcb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 1 17:29:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c23169f42ec58d5edb776cd84664e57ce57d16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:78:9c:2e:18:eb:24:d8:95:7f:96:4e:a9:
0f:0a:9c:39:af:97:2f:80:f6:b5:ef:15:05:dd:45:
d9:90:3c:4d:4c:16:28:c0:f6:27:5e:42:dc:3a:7a:
5b:72:7b:98:44:c1:a2:fc:27:fe:70:84:20:72:df:
ec:a3:1a:53:fc:b1:c0:c4:3b:88:e8:55:d5:d2:72:
0a:62:f1:0c:09:1d:75:97:10:16:ba:a0:7f:ba:b3:
c3:86:ce:49:ff:7d:1a:8e:fa:ea:c2:95:2e:13:e5:
dc:a0:a4:54:2d:dc:82:42:12:b8:81:c2:84:ac:1d:
2c:03:39:5c:7f:fa:14:b6:ad:4e:fc:ef:37:f0:50:
1c:04:1d:2c:d2:a6:87:f0:2d:98:ed:24:a3:5d:43:
ef:b6:60:f4:f6:81:9a:76:b2:e9:c0:d2:ef:8c:3e:
b0:15:cc:38:60:bc:da:81:71:2c:a3:e5:d3:97:aa:
a4:7c:a0:49:95:b5:21:13:9a:af:80:c1:fc:e7:b7:
3b:e4:85:9b:d0:b7:5a:a7:be:91:d9:de:26:8e:67:
01:5e:95:c8:a5:19:8b:11:86:26:d0:21:96:c3:02:
6d:68:16:d4:a9:4b:cf:0f:b4:2b:7a:c1:de:92:bf:
10:2b:0d:72:a0:fa:fb:bb:a8:28:a8:f5:e9:47:fa:
95:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:23:16:9F:42:EC:58:D5:ED:B7:76:CD:84:66:4E:57:CE:57:D1:6A
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jCMWn0LsWNXtt3bNhGZOV85X0Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0/21
193.233.116.0/22
193.233.216.0/22
Signature Algorithm: sha256WithRSAEncryption
24:bf:5e:75:81:e1:2c:a2:7f:9f:2d:61:09:dc:0a:30:16:12:
2e:b1:3a:26:0a:aa:91:66:07:cc:80:93:00:ad:b5:54:6f:45:
d1:97:a4:37:42:c2:f8:a8:9e:8d:35:b3:bd:2b:9a:34:d4:f1:
90:0e:4a:58:81:a2:53:1a:58:b8:cd:23:09:99:20:f1:53:10:
07:19:b0:99:7e:dd:6b:dc:06:d9:e7:f8:a1:f8:bd:b8:d8:44:
22:00:0e:01:7c:0e:16:c2:db:5a:fa:27:fe:c8:0e:43:6b:95:
83:0c:15:e1:30:86:6f:53:1b:37:b2:30:18:4d:eb:2c:26:6f:
34:c6:d9:b3:a2:3f:af:17:84:c4:df:2c:ac:9a:22:37:11:96:
19:84:6c:84:da:31:56:e3:a4:57:76:f8:1d:27:e1:8d:40:d1:
b5:1f:26:72:e2:44:5b:b0:b8:5a:28:01:22:dc:a0:74:ef:b6:
ed:3a:50:21:24:8e:ad:c8:64:16:d3:2b:18:bc:bb:a8:62:1d:
1c:c6:5e:90:e1:ac:e1:cb:b9:b5:ad:02:8d:fa:b7:5b:45:0e:
0f:1c:c3:4d:d6:f8:98:79:a9:15:2a:b3:98:89:76:22:c6:1f:
25:62:79:19:ab:8e:39:05:41:2f:c7:d6:f1:c8:c3:1e:d5:f5:
d8:be:ce:7d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBcb8tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDYw
MTE3MjkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGMyMzE2OWY0MmVj
NThkNWVkYjc3NmNkODQ2NjRlNTdjZTU3ZDE2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrKeJwuGOsk2JV/lk6pDwqcOa+XL4D2te8VBd1F2ZA8TUwW
KMD2J15C3Dp6W3J7mETBovwn/nCEIHLf7KMaU/yxwMQ7iOhV1dJyCmLxDAkddZcQ
Frqgf7qzw4bOSf99Go766sKVLhPl3KCkVC3cgkISuIHChKwdLAM5XH/6FLatTvzv
N/BQHAQdLNKmh/AtmO0ko11D77Zg9PaBmnay6cDS74w+sBXMOGC82oFxLKPl05eq
pHygSZW1IROar4DB/Oe3O+SFm9C3Wqe+kdneJo5nAV6VyKUZixGGJtAhlsMCbWgW
1KlLzw+0K3rB3pK/ECsNcqD6+7uoKKj16Uf6lfcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSMIxafQuxY1e23ds2EZk5XzlfRajAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2pDTVduMExzV05YdHQzYk5oR1pPVjg1WDBXby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAsHpYAMEA8HpaAMEAsHpdAMEAsHp
2DANBgkqhkiG9w0BAQsFAAOCAQEAJL9edYHhLKJ/ny1hCdwKMBYSLrE6JgqqkWYH
zICTAK21VG9F0ZekN0LC+KiejTWzvSuaNNTxkA5KWIGiUxpYuM0jCZkg8VMQBxmw
mX7da9wG2ef4ofi9uNhEIgAOAXwOFsLbWvon/sgOQ2uVgwwV4TCGb1MbN7IwGE3r
LCZvNMbZs6I/rxeExN8srJoiNxGWGYRshNoxVuOkV3b4HSfhjUDRtR8mcuJEW7C4
WigBItygdO+27TpQISSOrchkFtMrGLy7qGIdHMZekOGs4cu5ta0Cjfq3W0UODxzD
Tdb4mHmpFSqzmIl2IsYfJWJ5GauOOQVBL8fW8cjDHtX12L7OfQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org