Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qpAybvy1okuvGZLuALkQ_oDj29s.roa
File: qpAybvy1okuvGZLuALkQ_oDj29s.roa (raw, json)
Hash identifier: fk3oUk0hCsTtXS4UDUdAaI0mqtTbfYUbmjpM63BAAKY=
Subject key identifier: AA:90:32:6E:FC:B5:A2:4B:AF:19:92:EE:00:B9:10:FE:80:E3:DB:DB
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018309F6F37E4D8B6AF4FD5C7CBD2177DA2D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qpAybvy1okuvGZLuALkQ_oDj29s.roa
Signing time: Sun 04 Sep 2022 19:25:22 +0000
ROA not before: Sun 04 Sep 2022 19:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.232.0/22 maxlen: 22
193.233.85.0/24 maxlen: 24
193.233.94.0/23 maxlen: 24
193.233.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:09:f6:f3:7e:4d:8b:6a:f4:fd:5c:7c:bd:21:77:da:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 4 19:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa90326efcb5a24baf1992ee00b910fe80e3dbdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f9:90:89:12:a0:0d:7a:11:21:0f:68:64:9d:
26:26:c6:8a:da:f4:7d:a6:22:04:ca:5a:09:57:f3:
20:68:57:5c:22:a5:86:c5:18:87:bb:14:cf:60:ce:
66:23:bb:53:60:2d:db:e2:10:4e:79:77:6e:e5:a5:
42:2a:d1:17:4c:d3:54:6d:09:3e:61:72:36:a0:ac:
ad:b7:0f:b0:f9:f1:64:03:0b:61:74:00:02:11:0f:
1a:1b:3d:0e:48:5f:c8:46:24:0f:a4:be:0c:f3:f1:
65:86:fa:1b:4a:0a:7c:20:60:20:c9:84:ff:62:10:
7b:76:3d:00:a7:c7:c7:06:60:c1:df:4d:29:23:77:
68:ea:95:e4:49:db:9b:b6:0d:7b:04:c6:9a:11:d3:
19:0e:0d:77:26:6b:29:dc:2e:78:49:a2:3a:85:4f:
83:d8:07:80:40:42:ed:88:1f:db:8f:18:27:fb:68:
62:e6:60:aa:7f:95:c1:ec:55:c5:cb:47:8a:89:d6:
87:4a:18:7e:47:99:1a:3e:bc:02:a5:d8:97:43:11:
b0:35:93:ce:cb:c9:d4:7a:c1:f9:e1:91:41:5c:14:
fc:b9:7c:d6:9a:bc:24:d8:66:60:c6:fc:09:9e:c1:
b7:5d:89:00:0b:4a:d9:ae:31:d8:ff:2b:e9:4f:d4:
46:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:90:32:6E:FC:B5:A2:4B:AF:19:92:EE:00:B9:10:FE:80:E3:DB:DB
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qpAybvy1okuvGZLuALkQ_oDj29s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.85.0/24
193.233.93.0-193.233.95.255
193.233.232.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:a5:ec:b0:81:d2:90:83:66:00:fc:f1:6b:43:3e:80:3e:9b:
a9:9a:86:6e:4d:3b:11:6d:4c:d5:3c:31:7e:ed:d4:45:1e:53:
24:0e:a0:33:7d:e0:e8:29:8b:2f:f2:7f:31:5c:5e:32:86:21:
15:bf:7b:98:6c:c7:79:4e:82:d5:27:21:e2:6e:04:e4:db:9c:
9f:39:23:a5:72:27:c9:7e:94:c2:ae:63:c4:71:f8:2e:44:5d:
14:75:8d:c4:55:97:9d:2c:c4:30:e5:34:f5:1a:b5:1e:c5:fe:
e9:98:69:92:8e:2b:ec:16:fa:e2:98:1f:0b:e4:da:82:7a:c9:
38:c1:a1:ad:0e:20:a5:a5:97:dc:19:1e:bf:ff:db:32:a8:e8:
40:a0:ed:6c:ca:62:2e:ae:bd:5e:cf:22:2f:22:48:32:1c:b4:
69:2b:28:31:3e:3e:8b:a3:fa:8f:d8:e4:a1:e9:28:cb:ef:81:
03:e9:51:21:68:e8:c4:46:e5:13:20:66:e1:f8:4a:76:93:14:
0d:23:c3:1d:ff:d9:6d:ce:9c:4e:ca:ab:03:41:42:35:e9:51:
fe:bf:87:85:9f:be:4c:45:fb:da:f4:11:f3:f6:1a:e2:7c:37:
82:5b:d3:6a:17:64:62:cc:27:86:06:10:72:ab:09:44:06:2f:
79:90:81:48
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYMJ9vN+TYtq9P1cfL0hd9otMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTA0MTkyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTkwMzI2ZWZjYjVhMjRiYWYxOTkyZWUwMGI5MTBmZTgwZTNkYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvmQiRKgDXoRIQ9oZJ0mJsaK2vR9
piIEyloJV/MgaFdcIqWGxRiHuxTPYM5mI7tTYC3b4hBOeXdu5aVCKtEXTNNUbQk+
YXI2oKyttw+w+fFkAwthdAACEQ8aGz0OSF/IRiQPpL4M8/FlhvobSgp8IGAgyYT/
YhB7dj0Ap8fHBmDB300pI3do6pXkSdubtg17BMaaEdMZDg13Jmsp3C54SaI6hU+D
2AeAQELtiB/bjxgn+2hi5mCqf5XB7FXFy0eKidaHShh+R5kaPrwCpdiXQxGwNZPO
y8nUesH54ZFBXBT8uXzWmrwk2GZgxvwJnsG3XYkAC0rZrjHY/yvpT9RGVQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKqQMm78taJLrxmS7gC5EP6A49vbMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvcXBBeWJ2eTFva3V2R1pMdUFMa1Ffb0RqMjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwelVMAwD
BADB6V0DBAXB6UADBALB6egwDQYJKoZIhvcNAQELBQADggEBADyl7LCB0pCDZgD8
8WtDPoA+m6mahm5NOxFtTNU8MX7t1EUeUyQOoDN94Ogpiy/yfzFcXjKGIRW/e5hs
x3lOgtUnIeJuBOTbnJ85I6VyJ8l+lMKuY8Rx+C5EXRR1jcRVl50sxDDlNPUatR7F
/umYaZKOK+wW+uKYHwvk2oJ6yTjBoa0OIKWll9wZHr//2zKo6ECg7WzKYi6uvV7P
Ii8iSDIctGkrKDE+Pouj+o/Y5KHpKMvvgQPpUSFo6MRG5RMgZuH4SnaTFA0jwx3/
2W3OnE7KqwNBQjXpUf6/h4WfvkxF+9r0EfP2GuJ8N4Jb02oXZGLMJ4YGEHKrCUQG
L3mQgUg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org