Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oXsVselfdhxWAi3RcC4_AjdjnjY.roa
File: oXsVselfdhxWAi3RcC4_AjdjnjY.roa (raw, json)
Hash identifier: AO7kJUo9BGIB+0t6Et4FGkSmeiuUfC0zWVansVxrExg=
Subject key identifier: A1:7B:15:B1:E9:5F:76:1C:56:02:2D:D1:70:2E:3F:02:37:63:9E:36
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 047FF7C8
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oXsVselfdhxWAi3RcC4_AjdjnjY.roa
Signing time: Mon 24 Jan 2022 12:04:56 +0000
ROA not before: Mon 24 Jan 2022 12:04:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.84.0/22 maxlen: 22
193.233.92.0/22 maxlen: 22
193.233.17.0/24 maxlen: 24
193.233.16.0/24 maxlen: 24
193.233.22.0/24 maxlen: 24
193.233.23.0/24 maxlen: 24
193.233.21.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.20.0/24 maxlen: 24
193.233.240.0/22 maxlen: 22
193.233.18.0/24 maxlen: 24
193.233.252.0/22 maxlen: 22
193.233.61.0/24 maxlen: 24
193.233.192.0/22 maxlen: 22
193.233.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75495368 (0x47ff7c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 24 12:04:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a17b15b1e95f761c56022dd1702e3f0237639e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0c:b5:1e:de:8f:b9:bf:0e:6a:6b:8f:ae:ad:
05:fb:54:d5:85:6e:d6:51:43:ea:68:6b:a3:9d:a9:
73:a7:ed:a0:37:f7:c9:eb:ac:cd:84:ab:13:b6:67:
31:09:73:88:0e:4c:d4:0a:3d:b4:4f:15:2e:95:d2:
ea:93:34:87:94:72:95:45:a8:0e:68:74:c0:d5:2a:
7d:ba:5d:99:ac:48:44:b7:1e:60:77:68:5b:35:48:
dd:04:0d:52:cd:04:6e:37:95:e1:83:f0:d4:61:e7:
1a:76:f8:92:6a:c3:22:50:60:73:49:a6:4e:71:56:
c7:a3:e2:fd:0f:2d:89:4a:f8:1c:3e:54:8f:06:05:
9a:04:d9:62:c0:c6:3d:59:bc:22:dc:34:9c:f6:b4:
42:74:be:7a:ac:ca:03:c4:89:5f:ac:a4:74:8b:38:
7c:19:ac:ce:18:7b:89:71:5d:cd:74:2e:1c:67:bb:
f6:3b:88:ca:39:e9:9d:de:34:02:5e:b8:87:0e:c2:
c5:8d:5a:70:46:21:6c:7e:36:a5:a3:8d:9a:92:55:
87:56:9f:95:59:00:18:90:eb:b8:43:cb:d6:48:01:
b1:fa:11:ba:95:ac:55:82:93:51:52:ef:7d:26:6a:
34:76:5f:93:ed:a3:18:37:36:2b:67:4a:91:69:18:
60:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7B:15:B1:E9:5F:76:1C:56:02:2D:D1:70:2E:3F:02:37:63:9E:36
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oXsVselfdhxWAi3RcC4_AjdjnjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/21
193.233.61.0/24
193.233.84.0/22
193.233.92.0/22
193.233.192.0/22
193.233.224.0/22
193.233.240.0/22
193.233.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:0b:7b:fa:5a:86:6d:e3:60:01:26:91:c5:d4:92:60:66:35:
13:59:61:4d:09:b7:cc:8d:51:bb:29:2f:83:03:de:59:2f:a8:
c5:40:db:c8:aa:d2:55:92:8e:7d:cd:e4:72:36:ab:08:9f:bf:
80:f2:29:e0:55:c5:c0:6e:ed:04:44:86:37:f0:a7:c5:27:48:
a6:92:34:de:b4:de:76:67:49:64:90:7b:57:d6:8c:09:7d:b1:
df:14:c2:af:e4:ae:7b:54:bb:1b:3d:05:36:0c:64:ee:ab:8c:
5a:4b:20:e5:29:a7:b1:f4:91:b4:ec:27:0f:a5:64:0f:91:2a:
f4:ec:c0:62:6d:70:cd:b2:6d:67:3e:f0:a4:92:3e:19:c3:ca:
2e:40:7c:6b:8c:82:74:40:98:5e:35:44:d6:34:2e:66:21:50:
29:cc:ed:77:d1:b6:ac:6c:0e:d8:c6:4f:de:ad:f3:09:59:f7:
0f:60:91:29:07:57:24:33:f5:87:6c:9f:f4:a5:8c:a9:f2:9d:
bb:65:1f:7f:47:79:62:d6:41:7d:4f:45:8a:09:5e:38:b3:73:
b4:ee:9c:73:ac:78:a5:3c:f2:a8:7a:37:94:4a:14:fe:cb:00:
b2:9c:25:98:2b:3d:e5:28:46:6d:77:86:63:5f:09:24:bd:4d:
85:d2:3c:b5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBH/3yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEy
NDEyMDQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE3YjE1YjFlOTVm
NzYxYzU2MDIyZGQxNzAyZTNmMDIzNzYzOWUzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMMtR7ej7m/Dmprj66tBftU1YVu1lFD6mhro52pc6ftoDf3
yeuszYSrE7ZnMQlziA5M1Ao9tE8VLpXS6pM0h5RylUWoDmh0wNUqfbpdmaxIRLce
YHdoWzVI3QQNUs0EbjeV4YPw1GHnGnb4kmrDIlBgc0mmTnFWx6Pi/Q8tiUr4HD5U
jwYFmgTZYsDGPVm8Itw0nPa0QnS+eqzKA8SJX6ykdIs4fBmszhh7iXFdzXQuHGe7
9juIyjnpnd40Al64hw7CxY1acEYhbH42paONmpJVh1aflVkAGJDruEPL1kgBsfoR
upWsVYKTUVLvfSZqNHZfk+2jGDc2K2dKkWkYYHcCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBShexWx6V92HFYCLdFwLj8CN2OeNjAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L29Yc1ZzZWxmZGh4V0FpM1JjQzRfQWpkam5qWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEA8HpEAMEAMHpPQMEAsHpVAMEAsHp
XAMEAsHpwAMEAsHp4AMEAsHp8AMEAsHp/DANBgkqhkiG9w0BAQsFAAOCAQEAjAt7
+lqGbeNgASaRxdSSYGY1E1lhTQm3zI1RuykvgwPeWS+oxUDbyKrSVZKOfc3kcjar
CJ+/gPIp4FXFwG7tBESGN/CnxSdIppI03rTedmdJZJB7V9aMCX2x3xTCr+Sue1S7
Gz0FNgxk7quMWksg5SmnsfSRtOwnD6VkD5Eq9OzAYm1wzbJtZz7wpJI+GcPKLkB8
a4yCdECYXjVE1jQuZiFQKcztd9G2rGwO2MZP3q3zCVn3D2CRKQdXJDP1h2yf9KWM
qfKdu2Uff0d5YtZBfU9FigleOLNztO6cc6x4pTzyqHo3lEoU/ssAspwlmCs95ShG
bXeGY18JJL1NhdI8tQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org