Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n3yVYR2UpSq7jaoPaVchzGyD8vc.roa
File: n3yVYR2UpSq7jaoPaVchzGyD8vc.roa (raw, json)
Hash identifier: Ro9guyg0mxeNDqdcExZ3MRBi0gpF6WlzVqMLI18jecY=
Subject key identifier: 9F:7C:95:61:1D:94:A5:2A:BB:8D:AA:0F:69:57:21:CC:6C:83:F2:F7
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 05F52987
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n3yVYR2UpSq7jaoPaVchzGyD8vc.roa
Signing time: Thu 16 Jun 2022 20:03:44 +0000
ROA not before: Thu 16 Jun 2022 20:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 193.233.179.0/24 maxlen: 24
193.233.177.0/24 maxlen: 24
193.233.178.0/24 maxlen: 24
193.233.182.0/24 maxlen: 24
193.233.183.0/24 maxlen: 24
193.233.180.0/24 maxlen: 24
193.233.181.0/24 maxlen: 24
193.233.186.0/24 maxlen: 24
193.233.184.0/24 maxlen: 24
193.233.185.0/24 maxlen: 24
193.233.189.0/24 maxlen: 24
193.233.190.0/24 maxlen: 24
193.233.187.0/24 maxlen: 24
193.233.188.0/24 maxlen: 24
193.233.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99953031 (0x5f52987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 16 20:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f7c95611d94a52abb8daa0f695721cc6c83f2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f3:c7:75:d5:dd:3c:46:c6:13:c9:38:ff:75:
1e:20:94:ec:69:d3:6e:70:8b:6d:be:ff:b1:cc:c8:
c8:53:90:98:9e:33:a6:8f:b3:4e:a7:d6:87:89:60:
4a:ec:e6:1f:10:05:5c:53:07:34:ba:f2:0c:86:a8:
a8:a1:69:3e:8d:ea:a2:df:0f:73:0b:ac:74:e9:e6:
11:60:c5:04:45:37:47:ff:24:2e:d1:b3:0e:fc:be:
e3:7a:69:52:35:d0:60:62:68:4e:fa:f3:8a:ca:8c:
35:16:61:ca:f6:d3:70:d9:bb:a0:6e:6c:3d:ee:a3:
19:34:d2:e0:1e:57:e7:85:50:01:b2:b7:21:9c:f0:
67:96:df:73:62:27:31:02:b5:78:52:47:88:85:d8:
d4:6c:b5:43:de:a4:54:7e:47:d2:de:e6:46:91:c4:
82:a5:e4:c1:53:d4:f0:ff:9b:72:48:97:42:29:28:
ca:61:cc:da:bd:70:26:53:c4:1b:34:ff:bc:0a:4c:
fd:18:61:cd:56:c9:a2:3d:02:7f:dc:5c:7b:10:ff:
9d:2e:77:91:9d:39:8f:3a:83:cc:1c:56:6a:5b:aa:
e4:2f:33:6c:30:5e:49:80:4c:21:29:fc:2b:08:d2:
ff:f5:f4:74:78:47:a6:35:be:0b:b9:1d:7f:6f:5e:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7C:95:61:1D:94:A5:2A:BB:8D:AA:0F:69:57:21:CC:6C:83:F2:F7
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n3yVYR2UpSq7jaoPaVchzGyD8vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.177.0-193.233.191.255
Signature Algorithm: sha256WithRSAEncryption
04:eb:3c:9c:e7:f3:4f:f0:17:f1:3b:a3:59:64:d7:84:88:ba:
34:b8:93:1d:05:cc:f4:f6:30:ce:5f:83:37:4a:06:92:fd:4b:
a6:0f:79:47:f0:43:32:61:6f:24:f3:da:f0:ef:be:8f:f8:da:
84:e0:28:35:f7:45:1d:58:07:21:87:b2:11:06:6d:d5:1f:da:
37:5e:82:a4:21:9b:03:36:6d:f5:7e:fb:cc:98:43:98:59:43:
df:8b:4d:15:0a:69:83:99:42:dc:1a:ca:9a:81:a9:d1:f7:48:
00:16:6d:0b:60:e9:73:e7:fd:aa:01:10:66:fa:d3:36:bb:5d:
12:5d:fa:70:7b:ba:ef:06:46:2d:d3:58:8e:33:77:76:91:a5:
fa:07:c9:42:c0:f5:70:04:69:18:d4:f0:96:a2:74:32:2f:54:
99:9e:79:2c:c4:50:ea:db:65:18:69:97:66:88:94:89:8b:40:
f0:b0:fb:01:ba:59:e2:2e:3c:33:91:5d:73:cc:d7:dd:90:8c:
ac:e4:b4:a1:77:fc:fc:b6:19:4c:e5:c6:67:29:db:e1:83:a9:
89:fe:dd:18:59:22:62:a7:7d:b7:5b:30:a6:82:ee:f9:29:52:
d2:31:ec:c3:1f:ab:fd:74:31:ab:bb:92:49:3b:e8:d5:e8:ba:
a7:6c:1d:ea
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBfUphzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDYx
NjIwMDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY3Yzk1NjExZDk0
YTUyYWJiOGRhYTBmNjk1NzIxY2M2YzgzZjJmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvzx3XV3TxGxhPJOP91HiCU7GnTbnCLbb7/sczIyFOQmJ4z
po+zTqfWh4lgSuzmHxAFXFMHNLryDIaoqKFpPo3qot8PcwusdOnmEWDFBEU3R/8k
LtGzDvy+43ppUjXQYGJoTvrzisqMNRZhyvbTcNm7oG5sPe6jGTTS4B5X54VQAbK3
IZzwZ5bfc2InMQK1eFJHiIXY1Gy1Q96kVH5H0t7mRpHEgqXkwVPU8P+bckiXQiko
ymHM2r1wJlPEGzT/vApM/RhhzVbJoj0Cf9xcexD/nS53kZ05jzqDzBxWaluq5C8z
bDBeSYBMISn8KwjS//X0dHhHpjW+C7kdf29eB1sCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSffJVhHZSlKruNqg9pVyHMbIPy9zAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L24zeVZZUjJVcFNxN2phb1BhVmNoekd5RDh2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwemxAwQGwemAMA0GCSqGSIb3
DQEBCwUAA4IBAQAE6zyc5/NP8BfxO6NZZNeEiLo0uJMdBcz09jDOX4M3SgaS/Uum
D3lH8EMyYW8k89rw776P+NqE4Cg190UdWAchh7IRBm3VH9o3XoKkIZsDNm31fvvM
mEOYWUPfi00VCmmDmULcGsqaganR90gAFm0LYOlz5/2qARBm+tM2u10SXfpwe7rv
BkYt01iOM3d2kaX6B8lCwPVwBGkY1PCWonQyL1SZnnksxFDq22UYaZdmiJSJi0Dw
sPsBulniLjwzkV1zzNfdkIys5LShd/z8thlM5cZnKdvhg6mJ/t0YWSJip323WzCm
gu75KVLSMezDH6v9dDGru5JJO+jV6LqnbB3q
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:39 2023 by rpki-client on console-fra.rpki-client.org