Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nFRwS-TEo4KuRHrpdUWK1q0L450.roa
File: nFRwS-TEo4KuRHrpdUWK1q0L450.roa (raw, json)
Hash identifier: XrBAVIgDXktbywu8H2c+hqz1ASUBJWm53uSl1YVYn88=
Subject key identifier: 9C:54:70:4B:E4:C4:A3:82:AE:44:7A:E9:75:45:8A:D6:AD:0B:E3:9D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 042796EB
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nFRwS-TEo4KuRHrpdUWK1q0L450.roa
Signing time: Sat 01 Jan 2022 12:04:54 +0000
ROA not before: Sat 01 Jan 2022 12:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42007
IP address blocks: 193.233.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69703403 (0x42796eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 12:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c54704be4c4a382ae447ae975458ad6ad0be39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9d:94:7a:df:0f:d8:31:ed:5e:e8:a9:9c:cc:
fe:d1:34:3e:91:94:66:1e:cb:89:bf:25:06:75:1f:
4c:42:2e:e8:a5:14:6e:aa:94:42:61:8e:4d:67:97:
02:b0:bc:eb:de:2b:67:d2:11:b7:32:20:4f:3e:73:
33:3d:11:a7:de:e3:3d:55:ea:3e:ac:99:3b:83:4f:
6a:a0:4b:16:74:6c:17:06:8f:7a:0a:7f:f1:cc:ce:
3a:4a:3a:10:34:67:0c:03:b6:5d:93:04:1e:d0:e8:
b8:5a:35:f4:16:e7:d9:ed:b8:e7:52:88:ee:ce:a4:
81:07:f2:07:36:a7:d8:5d:22:45:2e:dd:11:bd:24:
fc:0e:7f:34:4c:d5:e9:00:ea:00:94:40:27:35:1f:
a1:ae:ae:93:d1:ee:02:ac:75:b2:90:27:69:94:c1:
d4:b8:e7:0b:4c:78:07:f9:0b:db:01:e0:09:15:82:
d4:6b:b3:3f:50:9d:4f:91:2c:74:b9:76:09:3d:8b:
aa:0a:33:ef:fd:1c:06:1a:ae:d1:03:79:ff:98:92:
b5:03:96:26:eb:37:f9:3e:fa:31:a3:49:2b:9f:1e:
58:f4:60:2e:42:9f:f3:e2:c4:86:b2:b7:30:31:08:
c4:aa:be:1a:ab:c7:85:7f:1c:c3:80:9e:87:0d:3a:
23:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:54:70:4B:E4:C4:A3:82:AE:44:7A:E9:75:45:8A:D6:AD:0B:E3:9D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nFRwS-TEo4KuRHrpdUWK1q0L450.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.32.0/20
Signature Algorithm: sha256WithRSAEncryption
69:0c:0c:8d:a7:14:a8:cd:1d:27:cd:44:6c:ef:39:58:83:a4:
0d:63:d7:b0:25:10:b5:0b:f8:03:63:5f:c4:90:be:6b:58:aa:
36:22:73:cc:47:6b:0f:24:3b:0e:4e:be:3a:11:df:c9:f7:e9:
f6:4b:e0:5c:e4:e5:8c:ec:7e:77:96:0b:72:d8:5a:fa:84:3f:
9d:b1:0c:88:8e:a0:df:13:3a:1c:11:f1:47:29:f6:06:a8:bf:
2e:43:cb:4b:d9:16:c4:07:d0:03:98:5b:6e:e6:77:ee:ca:da:
9c:3f:ca:c1:fe:91:50:cf:41:a1:70:35:18:2f:1a:d1:2a:e0:
c2:74:c8:78:b2:78:a5:c7:d1:78:33:6e:3c:56:aa:c4:36:e7:
c4:ab:13:5d:fd:ba:46:f6:8d:db:e2:f4:25:76:db:cb:98:3d:
27:e0:11:71:94:18:a1:a9:cb:7d:d3:da:a1:f1:80:85:f6:8e:
87:99:d4:dd:bd:09:07:a3:0b:b4:cb:00:86:0a:b1:b2:35:a8:
43:81:06:aa:7c:4a:5c:f5:07:f4:3b:70:9b:5a:d8:2e:de:f4:
80:e6:ea:3b:3d:9d:2f:ee:ab:01:88:69:1c:dd:5c:8d:38:2d:
aa:51:34:3e:32:91:2f:24:83:12:a5:dd:f0:11:da:6b:b4:2a:
ad:42:2e:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCeW6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWM1NDcwNGJlNGM0
YTM4MmFlNDQ3YWU5NzU0NThhZDZhZDBiZTM5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmdlHrfD9gx7V7oqZzM/tE0PpGUZh7Lib8lBnUfTEIu6KUU
bqqUQmGOTWeXArC8694rZ9IRtzIgTz5zMz0Rp97jPVXqPqyZO4NPaqBLFnRsFwaP
egp/8czOOko6EDRnDAO2XZMEHtDouFo19Bbn2e2451KI7s6kgQfyBzan2F0iRS7d
Eb0k/A5/NEzV6QDqAJRAJzUfoa6uk9HuAqx1spAnaZTB1LjnC0x4B/kL2wHgCRWC
1GuzP1CdT5EsdLl2CT2Lqgoz7/0cBhqu0QN5/5iStQOWJus3+T76MaNJK58eWPRg
LkKf8+LEhrK3MDEIxKq+GqvHhX8cw4Cehw06I+cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBScVHBL5MSjgq5Eeul1RYrWrQvjnTAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L25GUndTLVRFbzRLdVJIcnBkVVdLMXEwTDQ1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMHpIDANBgkqhkiG9w0BAQsFAAOC
AQEAaQwMjacUqM0dJ81EbO85WIOkDWPXsCUQtQv4A2NfxJC+a1iqNiJzzEdrDyQ7
Dk6+OhHfyffp9kvgXOTljOx+d5YLctha+oQ/nbEMiI6g3xM6HBHxRyn2Bqi/LkPL
S9kWxAfQA5hbbuZ37sranD/Kwf6RUM9BoXA1GC8a0SrgwnTIeLJ4pcfReDNuPFaq
xDbnxKsTXf26RvaN2+L0JXbby5g9J+ARcZQYoanLfdPaofGAhfaOh5nU3b0JB6ML
tMsAhgqxsjWoQ4EGqnxKXPUH9Dtwm1rYLt70gObqOz2dL+6rAYhpHN1cjTgtqlE0
PjKRLySDEqXd8BHaa7QqrUIuSA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:39 2023 by rpki-client on console-fra.rpki-client.org