Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oMCbzC1MgzilEg5CUGNgt5Yp9Rk.roa
File: oMCbzC1MgzilEg5CUGNgt5Yp9Rk.roa (raw, json)
Hash identifier: X/JoYlNifjY/NJRo3+8RkCoa7xggTUxMvmpxAvyoNBU=
Subject key identifier: A0:C0:9B:CC:2D:4C:83:38:A5:12:0E:42:50:63:60:B7:96:29:F5:19
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0182D1F5C3225F9CED22585FDE34A4DA7E42
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oMCbzC1MgzilEg5CUGNgt5Yp9Rk.roa
Signing time: Wed 24 Aug 2022 22:25:20 +0000
ROA not before: Wed 24 Aug 2022 22:25:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 193.233.124.0/22 maxlen: 22
193.233.120.0/22 maxlen: 22
193.233.132.0/22 maxlen: 22
193.233.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d1:f5:c3:22:5f:9c:ed:22:58:5f:de:34:a4:da:7e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 24 22:25:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0c09bcc2d4c8338a5120e42506360b79629f519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:5e:6c:c2:bc:57:2e:a9:4d:85:23:d5:f4:
bc:03:3a:16:c8:aa:83:c1:f1:58:06:ea:ac:2b:91:
bc:ee:4d:4e:f7:c7:3f:ca:d0:05:25:0d:24:8c:d2:
32:3a:c8:bb:1f:81:57:8c:cb:97:96:19:57:fd:76:
b4:9b:6d:12:b1:08:17:d8:bd:2e:cf:70:78:af:a1:
a3:24:ad:fc:5b:ff:e3:ab:f7:9a:6b:ef:95:d3:e2:
2e:e8:ae:35:bd:aa:45:22:2e:f2:ca:7d:14:67:3e:
50:86:27:da:f1:8c:46:57:18:33:79:3d:94:cf:a6:
7f:5b:f1:65:80:26:09:6a:fb:b4:29:3f:0c:17:0d:
e4:98:e0:d7:f0:49:cb:9c:6a:62:73:0a:e2:e9:0f:
5a:e2:76:9b:5a:eb:a5:8a:ca:ff:d3:52:04:e9:80:
62:ce:c6:b4:e9:a1:03:8d:b1:3f:fc:9e:1d:97:8e:
1e:64:ef:ca:b5:40:85:cc:f4:92:30:3c:bf:3f:c5:
a2:3b:30:34:24:41:aa:98:85:ff:1b:9c:bf:51:a7:
5c:d2:9a:ae:1c:ff:dc:33:b8:33:f1:e8:f0:83:d8:
68:33:f3:7a:94:51:b2:51:88:b6:7d:bf:de:f8:f6:
38:02:cc:28:60:15:53:a5:76:08:ff:b9:4e:03:ab:
e8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C0:9B:CC:2D:4C:83:38:A5:12:0E:42:50:63:60:B7:96:29:F5:19
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oMCbzC1MgzilEg5CUGNgt5Yp9Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.120.0/21
193.233.132.0/22
193.233.236.0/22
Signature Algorithm: sha256WithRSAEncryption
20:73:e2:bc:cd:c6:04:62:24:02:f8:75:33:9d:6e:10:df:cb:
78:a9:53:2f:6b:46:c3:f6:e3:44:7c:1c:fe:b3:32:33:74:62:
e3:b3:20:ad:1b:c8:e5:70:da:be:39:ab:75:3f:ac:86:cd:db:
1a:06:05:74:fb:77:bd:38:c0:c0:e0:dd:7c:22:10:6f:21:c9:
79:47:36:af:b9:91:f1:bf:d9:57:c5:59:3e:7f:d8:ac:86:dc:
2b:69:5d:fc:b1:a1:2e:6a:61:98:44:6f:2d:fa:ec:7d:d0:f8:
d1:20:74:f7:a9:d6:d6:80:db:4e:a9:17:ae:a9:c5:e8:df:fc:
a9:81:11:79:90:dd:11:80:67:f8:5b:21:d8:1d:6d:c7:0f:9e:
f1:a2:0e:cc:29:89:a9:da:17:52:71:33:92:da:94:1e:36:a9:
43:18:dc:be:81:f6:6e:d7:4a:67:aa:35:05:b1:90:6b:60:65:
e9:bb:0f:4e:05:e3:c1:5b:6d:ba:11:c4:19:24:32:30:59:33:
ce:f5:cd:c7:1c:b6:13:c0:37:b7:73:25:cc:3f:c1:80:4c:29:
46:e2:68:87:e1:ef:34:23:48:61:ce:ff:12:7b:be:1a:e8:4a:
b9:27:8a:d3:39:09:de:07:96:db:44:e8:06:f6:d0:54:9c:98:
df:c6:83:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLR9cMiX5ztIlhf3jSk2n5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwODI0MjIyNTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGMwOWJjYzJkNGM4MzM4YTUxMjBlNDI1MDYzNjBiNzk2MjlmNTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuRebMK8Vy6pTYUj1fS8AzoWyKqD
wfFYBuqsK5G87k1O98c/ytAFJQ0kjNIyOsi7H4FXjMuXlhlX/Xa0m20SsQgX2L0u
z3B4r6GjJK38W//jq/eaa++V0+Iu6K41vapFIi7yyn0UZz5Qhifa8YxGVxgzeT2U
z6Z/W/FlgCYJavu0KT8MFw3kmODX8EnLnGpicwri6Q9a4nabWuulisr/01IE6YBi
zsa06aEDjbE//J4dl44eZO/KtUCFzPSSMDy/P8WiOzA0JEGqmIX/G5y/Uadc0pqu
HP/cM7gz8ejwg9hoM/N6lFGyUYi2fb/e+PY4AswoYBVTpXYI/7lOA6voGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKDAm8wtTIM4pRIOQlBjYLeWKfUZMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvb01DYnpDMU1nemlsRWc1Q1VHTmd0NVlwOVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDwel4AwQC
wemEAwQCwensMA0GCSqGSIb3DQEBCwUAA4IBAQAgc+K8zcYEYiQC+HUznW4Q38t4
qVMva0bD9uNEfBz+szIzdGLjsyCtG8jlcNq+Oat1P6yGzdsaBgV0+3e9OMDA4N18
IhBvIcl5RzavuZHxv9lXxVk+f9ishtwraV38saEuamGYRG8t+ux90PjRIHT3qdbW
gNtOqReuqcXo3/ypgRF5kN0RgGf4WyHYHW3HD57xog7MKYmp2hdScTOS2pQeNqlD
GNy+gfZu10pnqjUFsZBrYGXpuw9OBePBW226EcQZJDIwWTPO9c3HHLYTwDe3cyXM
P8GATClG4miH4e80I0hhzv8Se74a6Eq5J4rTOQneB5bbROgG9tBUnJjfxoPi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:39 2023 by rpki-client on console-fra.rpki-client.org