Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jQHBU7ZJd_BDmoMlp27gG3nVHI8.roa
File: jQHBU7ZJd_BDmoMlp27gG3nVHI8.roa (raw, json)
Hash identifier: BWNgOarHz9fTjaibA9UYiMpwIiGY598K05TH1N92SW0=
Subject key identifier: 8D:01:C1:53:B6:49:77:F0:43:9A:83:25:A7:6E:E0:1B:79:D5:1C:8F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0183B3CF2A05E372D9190755B0BC3FBCE2E8
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jQHBU7ZJd_BDmoMlp27gG3nVHI8.roa
Signing time: Fri 07 Oct 2022 18:57:21 +0000
ROA not before: Fri 07 Oct 2022 18:57:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.16.0/24 maxlen: 24
193.233.22.0/24 maxlen: 24
193.233.23.0/24 maxlen: 24
193.233.21.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.20.0/24 maxlen: 24
193.233.18.0/24 maxlen: 24
193.233.252.0/22 maxlen: 22
193.233.192.0/22 maxlen: 22
193.233.84.0/22 maxlen: 22
193.233.94.0/23 maxlen: 24
193.233.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b3:cf:2a:05:e3:72:d9:19:07:55:b0:bc:3f:bc:e2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 7 18:57:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d01c153b64977f0439a8325a76ee01b79d51c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:01:41:f5:71:82:70:86:e0:ed:b5:05:92:68:
de:f9:22:69:57:be:a8:09:06:bd:80:65:d0:24:5f:
0e:e7:30:39:d1:16:14:a0:c0:e6:ed:e1:7d:5f:29:
54:e2:66:5b:40:fb:e9:d0:a3:4e:33:c5:b2:bf:eb:
9d:dd:e2:db:24:c3:52:31:6e:7e:33:5b:4a:f9:b5:
10:99:c6:39:9c:0f:b6:55:28:91:a7:57:c1:f6:af:
fe:5c:1b:57:0b:51:bc:2b:4d:bd:ec:e8:e7:83:99:
fc:09:fc:e1:be:b7:a3:d6:5b:06:b5:1f:3b:bb:c7:
0a:dc:12:ab:47:e6:03:f9:93:1b:a9:9f:05:a0:5b:
a2:7c:f4:8f:3b:a8:e6:9a:e9:e6:f9:eb:9d:f0:58:
19:16:93:12:a6:e1:8c:78:6a:05:3f:db:27:37:f5:
96:bb:7c:a7:02:f2:18:71:58:f2:e5:a6:84:d3:84:
ef:40:e0:d5:73:28:68:28:07:73:8b:0e:3a:0b:c9:
5b:3b:fb:8f:56:1b:16:5e:68:95:be:dd:58:00:42:
a8:08:05:00:a6:d3:cc:73:d0:2c:55:dc:e2:21:0b:
b5:c6:af:4d:58:24:10:3b:ef:b7:6f:fe:df:02:ba:
ab:bc:ba:65:36:c6:96:07:37:2f:9a:94:67:17:2b:
f6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:01:C1:53:B6:49:77:F0:43:9A:83:25:A7:6E:E0:1B:79:D5:1C:8F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jQHBU7ZJd_BDmoMlp27gG3nVHI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/24
193.233.18.0-193.233.23.255
193.233.84.0/22
193.233.93.0-193.233.95.255
193.233.192.0/22
193.233.252.0/22
Signature Algorithm: sha256WithRSAEncryption
95:5e:2b:ba:82:c2:28:46:33:e5:30:56:2e:7b:85:fa:84:cb:
4c:f7:d0:7a:c4:32:04:a4:fa:7c:8d:8e:cc:c6:3a:94:63:ad:
d3:a1:c8:de:69:06:db:e1:14:7e:c3:aa:c4:53:e9:32:c6:c1:
aa:6b:c2:e8:47:5e:3b:53:12:bf:c0:98:28:cb:bf:85:95:66:
0d:d7:bc:c3:b2:20:51:d7:aa:60:7e:7f:47:56:e6:4a:8c:8a:
e4:22:88:40:40:96:26:aa:9c:04:c5:22:f5:7f:a0:c0:84:9d:
03:eb:f2:09:11:4e:28:f0:20:02:e2:cb:50:f2:cc:59:f4:33:
d6:17:b5:3a:79:77:a3:87:6c:95:0b:22:51:ed:b7:cb:ae:ed:
50:e0:31:54:b5:40:eb:13:0b:44:4f:da:b5:96:f9:d0:db:1c:
fe:78:a9:cf:e5:c6:82:ec:db:78:77:89:e6:08:8a:8f:f7:fe:
86:76:5c:4e:4a:57:73:36:a9:9e:16:3c:1a:e4:1f:57:be:5c:
08:c3:a3:1e:b5:9d:d1:37:d4:9c:a5:cf:88:a4:a4:5c:56:ab:
6a:d8:ba:2b:5d:d1:cd:81:72:1a:5f:f0:6d:69:81:f4:90:1a:
fd:77:3c:af:e4:1e:0b:be:dd:94:02:ea:e7:5d:36:53:ab:61:
47:9d:67:59
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYOzzyoF43LZGQdVsLw/vOLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDA3MTg1NzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDAxYzE1M2I2NDk3N2YwNDM5YTgzMjVhNzZlZTAxYjc5ZDUxYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAFB9XGCcIbg7bUFkmje+SJpV76o
CQa9gGXQJF8O5zA50RYUoMDm7eF9XylU4mZbQPvp0KNOM8Wyv+ud3eLbJMNSMW5+
M1tK+bUQmcY5nA+2VSiRp1fB9q/+XBtXC1G8K0297Ojng5n8Cfzhvrej1lsGtR87
u8cK3BKrR+YD+ZMbqZ8FoFuifPSPO6jmmunm+eud8FgZFpMSpuGMeGoFP9snN/WW
u3ynAvIYcVjy5aaE04TvQODVcyhoKAdziw46C8lbO/uPVhsWXmiVvt1YAEKoCAUA
ptPMc9AsVdziIQu1xq9NWCQQO++3b/7fArqrvLplNsaWBzcvmpRnFyv2TQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFI0BwVO2SXfwQ5qDJadu4Bt51RyPMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvalFIQlU3WkpkX0JEbW9NbHAyN2dHM25WSEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAwekQMAwD
BAHB6RIDBAPB6RADBALB6VQwDAMEAMHpXQMEBcHpQAMEAsHpwAMEAsHp/DANBgkq
hkiG9w0BAQsFAAOCAQEAlV4ruoLCKEYz5TBWLnuF+oTLTPfQesQyBKT6fI2OzMY6
lGOt06HI3mkG2+EUfsOqxFPpMsbBqmvC6EdeO1MSv8CYKMu/hZVmDde8w7IgUdeq
YH5/R1bmSoyK5CKIQECWJqqcBMUi9X+gwISdA+vyCRFOKPAgAuLLUPLMWfQz1he1
Onl3o4dslQsiUe23y67tUOAxVLVA6xMLRE/atZb50Nsc/nipz+XGguzbeHeJ5giK
j/f+hnZcTkpXczapnhY8GuQfV75cCMOjHrWd0TfUnKXPiKSkXFarati6K13RzYFy
Gl/wbWmB9JAa/Xc8r+QeC77dlALq5102U6thR51nWQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org