Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/pJmoX7C_qyJjFH_N22t8TmUOs40.roa
File: pJmoX7C_qyJjFH_N22t8TmUOs40.roa (raw, json)
Hash identifier: DU9rABV8+sTuwzuNGHcuOI7Z3A9GyBjxx+X/MLqP2DE=
Subject key identifier: A4:99:A8:5F:B0:BF:AB:22:63:14:7F:CD:DB:6B:7C:4E:65:0E:B3:8D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 05F3D5BD
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/pJmoX7C_qyJjFH_N22t8TmUOs40.roa
Signing time: Thu 16 Jun 2022 15:42:44 +0000
ROA not before: Thu 16 Jun 2022 15:42:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 193.233.16.0/24 maxlen: 24
193.233.22.0/24 maxlen: 24
193.233.23.0/24 maxlen: 24
193.233.21.0/24 maxlen: 24
193.233.19.0/24 maxlen: 24
193.233.20.0/24 maxlen: 24
193.233.240.0/22 maxlen: 22
193.233.18.0/24 maxlen: 24
193.233.252.0/22 maxlen: 22
193.233.61.0/24 maxlen: 24
193.233.84.0/22 maxlen: 22
193.233.92.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99866045 (0x5f3d5bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 16 15:42:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a499a85fb0bfab2263147fcddb6b7c4e650eb38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7f:a8:65:ab:29:8d:7b:84:19:70:c3:d1:8c:
6c:66:5b:f2:47:b1:e3:1d:14:91:2e:a5:dc:c8:49:
f2:b5:7f:82:c4:ac:f4:2a:2c:f2:6f:96:76:a5:d5:
b6:34:60:be:64:e0:31:61:44:6c:74:40:c2:ec:df:
84:be:29:d2:59:f0:5e:b6:c7:77:eb:be:ad:92:3d:
76:b4:57:1f:54:9b:77:31:c7:96:89:ba:0a:e1:96:
6a:de:d7:44:af:0f:15:4d:3a:2c:ef:40:d9:50:91:
ce:d4:a2:33:7f:fd:a6:85:fa:87:56:39:ff:14:1a:
50:8e:30:88:7f:a8:3b:33:78:25:74:d1:49:d2:7d:
88:93:79:f1:a1:3c:06:d6:11:53:68:bb:58:4e:93:
77:ef:55:ac:43:36:a6:92:0b:88:d8:64:0e:0d:db:
7c:f5:11:3b:6f:d6:86:4c:d0:7e:56:63:d8:4f:2e:
c4:5d:ba:87:aa:aa:49:59:9d:21:97:26:a5:06:32:
d1:f1:27:13:44:20:68:db:22:88:38:ae:df:d7:4a:
e4:56:85:e5:64:45:33:52:09:a4:fe:86:67:64:22:
37:3c:e2:8f:ec:1e:98:63:ba:38:84:3c:7e:f9:50:
3a:96:2f:b4:1e:2d:64:45:df:a2:5d:65:9f:6c:3f:
bc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:99:A8:5F:B0:BF:AB:22:63:14:7F:CD:DB:6B:7C:4E:65:0E:B3:8D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/pJmoX7C_qyJjFH_N22t8TmUOs40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/24
193.233.18.0-193.233.23.255
193.233.61.0/24
193.233.84.0/22
193.233.92.0/22
193.233.240.0/22
193.233.252.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:0a:6c:5b:e5:73:16:d4:f0:40:c8:99:33:40:3f:01:9d:37:
d6:8c:ab:ee:a5:29:40:f4:47:c2:2c:ff:7b:85:fa:db:6a:dd:
d0:df:ec:7b:91:06:b1:4a:b3:16:00:8d:41:61:95:e4:2f:8d:
f6:4c:b5:26:b7:e7:7a:b0:37:18:7e:d6:f2:fe:b8:82:bb:d4:
64:ad:8e:83:47:83:2a:2b:d0:a4:04:aa:85:79:7c:16:7b:b7:
19:bf:2c:9a:22:3c:f7:c3:24:60:b7:f2:76:13:22:0c:19:38:
7a:18:ba:5c:25:e1:4f:f4:39:52:44:d2:e1:bf:05:ce:3a:e4:
73:03:ab:fb:0b:d4:d3:01:25:ba:b7:dd:22:b1:97:09:f1:13:
4e:91:23:67:5c:30:04:3d:41:de:9f:04:ae:0d:78:4e:c4:24:
36:4c:5c:86:b6:33:51:d6:a5:57:96:f0:ea:41:a7:d4:7b:1d:
10:5e:c2:f3:f4:33:d2:75:28:bd:a2:7c:8c:15:a3:e1:df:c8:
1f:e2:1c:64:ab:a2:9f:2d:ba:29:bc:34:d5:09:3d:3f:89:4a:
7a:b7:3d:32:5a:dd:1f:b7:f1:62:b8:6b:9f:ba:63:b3:2c:27:
56:f5:c9:c7:4a:14:07:72:86:ed:60:87:f0:d0:33:ed:2f:70:
a7:17:01:58
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBfPVvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDYx
NjE1NDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ5OWE4NWZiMGJm
YWIyMjYzMTQ3ZmNkZGI2YjdjNGU2NTBlYjM4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJ/qGWrKY17hBlww9GMbGZb8kex4x0UkS6l3MhJ8rV/gsSs
9Cos8m+WdqXVtjRgvmTgMWFEbHRAwuzfhL4p0lnwXrbHd+u+rZI9drRXH1SbdzHH
lom6CuGWat7XRK8PFU06LO9A2VCRztSiM3/9poX6h1Y5/xQaUI4wiH+oOzN4JXTR
SdJ9iJN58aE8BtYRU2i7WE6Td+9VrEM2ppILiNhkDg3bfPURO2/WhkzQflZj2E8u
xF26h6qqSVmdIZcmpQYy0fEnE0QgaNsiiDiu39dK5FaF5WRFM1IJpP6GZ2QiNzzi
j+wemGO6OIQ8fvlQOpYvtB4tZEXfol1ln2w/vA8CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSkmahfsL+rImMUf83ba3xOZQ6zjTAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L3BKbW9YN0NfcXlKakZIX04yMnQ4VG1VT3M0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAMHpEDAMAwQBwekSAwQDwekQAwQA
wek9AwQCwelUAwQCwelcAwQCwenwAwQCwen8MA0GCSqGSIb3DQEBCwUAA4IBAQBN
Cmxb5XMW1PBAyJkzQD8BnTfWjKvupSlA9EfCLP97hfrbat3Q3+x7kQaxSrMWAI1B
YZXkL432TLUmt+d6sDcYftby/riCu9RkrY6DR4MqK9CkBKqFeXwWe7cZvyyaIjz3
wyRgt/J2EyIMGTh6GLpcJeFP9DlSRNLhvwXOOuRzA6v7C9TTASW6t90isZcJ8RNO
kSNnXDAEPUHenwSuDXhOxCQ2TFyGtjNR1qVXlvDqQafUex0QXsLz9DPSdSi9onyM
FaPh38gf4hxkq6KfLbopvDTVCT0/iUp6tz0yWt0ft/FiuGufumOzLCdW9cnHShQH
cobtYIfw0DPtL3CnFwFY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:33 2024 by rpki-client on console-ams.rpki-client.org