Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/s-zXsd1N6O4az2tU2S-CwnGxuag.roa
File: s-zXsd1N6O4az2tU2S-CwnGxuag.roa (raw, json)
Hash identifier: 7se2l8YD9FunTNe3yIL+8g4piCdjJnkEr8qB4i+p5Og=
Subject key identifier: B3:EC:D7:B1:DD:4D:E8:EE:1A:CF:6B:54:D9:2F:82:C2:71:B1:B9:A8
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0592C243
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/s-zXsd1N6O4az2tU2S-CwnGxuag.roa
Signing time: Fri 13 May 2022 07:20:03 +0000
ROA not before: Fri 13 May 2022 07:20:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 193.233.120.0/24 maxlen: 24
193.233.121.0/24 maxlen: 24
193.233.124.0/24 maxlen: 24
193.233.125.0/24 maxlen: 24
193.233.122.0/24 maxlen: 24
193.233.123.0/24 maxlen: 24
193.233.127.0/24 maxlen: 24
193.233.126.0/24 maxlen: 24
193.233.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93504067 (0x592c243)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 13 07:20:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3ecd7b1dd4de8ee1acf6b54d92f82c271b1b9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:db:6b:a0:ad:0f:ef:9d:8b:8c:e0:37:d9:eb:
6e:13:94:f0:61:5f:31:e4:a6:cb:4a:09:29:a2:28:
cc:19:e3:f9:71:57:db:3e:cf:4e:69:1d:77:70:77:
50:de:23:7c:a3:3f:91:6a:51:b0:f0:89:2a:30:52:
bb:c9:d1:8d:aa:4f:85:c7:b9:7c:1e:4c:be:32:dd:
15:45:4f:5f:59:bb:99:62:ac:c9:53:20:98:63:4b:
45:a8:ce:f7:17:84:29:f7:dc:5a:55:cd:a5:0b:88:
29:be:bc:d4:20:be:f9:6c:13:3a:d4:48:8b:f3:d6:
d0:45:52:25:81:93:c0:e3:e3:94:6b:ad:65:f8:e2:
04:94:00:07:c1:1f:cb:f0:3b:d3:22:e6:1c:67:0f:
8f:27:d6:39:36:ff:dd:ce:11:e6:6b:4c:ce:a4:21:
8d:6d:92:01:00:7a:c4:6c:2c:cf:f7:30:f7:b8:3c:
45:b4:2e:46:13:11:e4:b8:c6:77:1f:a8:ab:ce:67:
66:e8:cb:1b:b0:a3:c0:2e:91:c0:1d:06:65:f1:de:
38:b3:68:37:78:e5:06:ba:a9:f2:12:ac:17:fc:57:
9a:ac:0b:18:e0:ab:d9:7f:65:b1:3f:76:de:12:29:
2c:fe:10:49:cc:29:10:f1:6f:d7:51:8d:32:24:b6:
06:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EC:D7:B1:DD:4D:E8:EE:1A:CF:6B:54:D9:2F:82:C2:71:B1:B9:A8
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/s-zXsd1N6O4az2tU2S-CwnGxuag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.100.0/22
193.233.120.0/21
Signature Algorithm: sha256WithRSAEncryption
29:46:56:e4:6f:f1:0f:f8:a9:44:fc:a5:5f:67:3e:41:e9:16:
38:f6:58:f8:f3:f9:95:89:61:d8:e4:fe:fa:98:e9:27:95:91:
51:84:70:71:84:0c:1b:ba:69:6c:40:98:72:cd:2b:83:5a:ca:
73:e0:7c:2e:51:e5:3d:5d:24:d7:e0:cd:80:41:18:e2:23:d4:
19:04:d2:a4:3a:9f:65:f6:96:60:ec:0a:62:f7:a1:57:58:0f:
27:73:53:01:6c:c9:be:c5:8d:53:5b:c3:6e:b2:9c:b1:2b:bc:
5c:71:85:27:e0:25:b5:f3:f6:f1:76:ed:85:7a:84:fd:6e:02:
e3:7a:ac:7f:97:2a:61:1e:ab:75:8d:1c:f0:d6:3a:7a:22:53:
2b:dd:75:ec:57:da:a2:09:9b:a7:88:60:6c:d3:2e:40:5c:ff:
d7:be:7d:77:6a:2e:c2:99:8a:4d:1f:c0:88:02:41:30:8d:c9:
09:38:98:d5:a1:92:3c:d9:f4:29:8b:62:80:93:23:ad:da:20:
6c:62:2c:a0:26:96:df:5c:80:3c:45:69:30:81:7e:af:d1:63:
e3:0b:b1:85:d2:de:cb:92:43:09:10:ff:96:ba:c9:ad:da:5e:
78:c1:71:05:41:98:22:ab:ae:7f:46:49:3d:2f:4a:23:d4:a5:
a7:75:d0:76
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBZLCQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDUx
MzA3MjAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNlY2Q3YjFkZDRk
ZThlZTFhY2Y2YjU0ZDkyZjgyYzI3MWIxYjlhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfba6CtD++di4zgN9nrbhOU8GFfMeSmy0oJKaIozBnj+XFX
2z7PTmkdd3B3UN4jfKM/kWpRsPCJKjBSu8nRjapPhce5fB5MvjLdFUVPX1m7mWKs
yVMgmGNLRajO9xeEKffcWlXNpQuIKb681CC++WwTOtRIi/PW0EVSJYGTwOPjlGut
ZfjiBJQAB8Efy/A70yLmHGcPjyfWOTb/3c4R5mtMzqQhjW2SAQB6xGwsz/cw97g8
RbQuRhMR5LjGdx+oq85nZujLG7CjwC6RwB0GZfHeOLNoN3jlBrqp8hKsF/xXmqwL
GOCr2X9lsT923hIpLP4QScwpEPFv11GNMiS2Bq0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSz7Nex3U3o7hrPa1TZL4LCcbG5qDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L3MtelhzZDFONk80YXoydFUyUy1Dd25HeHVhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsHpZAMEA8HpeDANBgkqhkiG9w0B
AQsFAAOCAQEAKUZW5G/xD/ipRPylX2c+QekWOPZY+PP5lYlh2OT++pjpJ5WRUYRw
cYQMG7ppbECYcs0rg1rKc+B8LlHlPV0k1+DNgEEY4iPUGQTSpDqfZfaWYOwKYveh
V1gPJ3NTAWzJvsWNU1vDbrKcsSu8XHGFJ+AltfP28XbthXqE/W4C43qsf5cqYR6r
dY0c8NY6eiJTK9117Ffaogmbp4hgbNMuQFz/1759d2ouwpmKTR/AiAJBMI3JCTiY
1aGSPNn0KYtigJMjrdogbGIsoCaW31yAPEVpMIF+r9Fj4wuxhdLey5JDCRD/lrrJ
rdpeeMFxBUGYIquuf0ZJPS9KI9Slp3XQdg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org