Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sW4hOC565DeHZ_mHKlbXro3v4ZA.roa
File: sW4hOC565DeHZ_mHKlbXro3v4ZA.roa (raw, json)
Hash identifier: 2NtnGqCF2TB2TSpdX+CaKFpQie/f+gyOee4v+xa+Zng=
Subject key identifier: B1:6E:21:38:2E:7A:E4:37:87:67:F9:87:2A:56:D7:AE:8D:EF:E1:90
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0182A6E44AC15B02A1A7B0EDC3A30019C271
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sW4hOC565DeHZ_mHKlbXro3v4ZA.roa
Signing time: Tue 16 Aug 2022 13:42:35 +0000
ROA not before: Tue 16 Aug 2022 13:42:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2895
IP address blocks: 185.103.100.0/22 maxlen: 22
193.233.150.0/23 maxlen: 24
147.45.0.0/16 maxlen: 16
193.233.4.0/24 maxlen: 24
193.233.0.0/22 maxlen: 22
193.233.10.0/23 maxlen: 23
193.233.8.0/24 maxlen: 24
2001:640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a6:e4:4a:c1:5b:02:a1:a7:b0:ed:c3:a3:00:19:c2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 16 13:42:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b16e21382e7ae4378767f9872a56d7ae8defe190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:9b:81:ba:9f:de:1c:a9:ed:82:99:d7:d2:
a4:d7:5e:ad:cc:1c:36:c5:3e:77:b7:40:05:73:65:
cc:24:ac:22:82:92:94:aa:02:cb:cb:75:b4:65:95:
df:47:ce:50:42:a6:b0:b7:bb:57:0f:40:29:94:31:
84:8b:b6:fa:d8:a3:06:ec:11:7a:7e:e4:74:ef:4f:
28:45:f3:dd:14:de:a6:ba:73:13:1a:b0:73:b1:22:
92:e2:93:10:e2:31:42:3b:9d:97:03:f4:51:b7:03:
bb:98:dc:d5:89:4b:f3:02:dc:42:a0:f3:07:8d:2d:
a1:b6:4a:a6:61:3d:24:0d:24:3d:7d:d8:39:50:2d:
69:1f:97:68:f7:24:67:3b:e5:7f:ec:bb:b4:5e:fc:
f1:a4:ee:a2:8a:ea:6b:c9:bf:14:7c:1f:f4:a1:3c:
57:94:3d:dc:fd:2b:a0:2b:fe:fc:a6:7e:35:f7:da:
19:51:25:c1:2a:2d:25:20:9f:7e:b0:d4:ae:19:44:
e1:16:7a:1f:05:76:42:0a:0e:d0:1b:14:40:a6:35:
da:00:4d:55:9a:86:fc:3b:69:9f:3e:b8:23:c6:c6:
ab:0a:2e:42:ed:44:98:7a:14:e3:73:a0:10:11:d0:
44:7a:be:b7:10:c4:fc:20:3c:f1:67:eb:96:64:da:
e5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6E:21:38:2E:7A:E4:37:87:67:F9:87:2A:56:D7:AE:8D:EF:E1:90
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sW4hOC565DeHZ_mHKlbXro3v4ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0/16
185.103.100.0/22
193.233.0.0-193.233.4.255
193.233.8.0/24
193.233.10.0/23
193.233.150.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
2f:6a:37:91:8e:0e:e3:67:72:8d:dc:98:75:bd:51:24:5f:fa:
ad:2b:78:59:e5:81:fe:e7:90:54:34:fd:4f:19:41:1b:04:dd:
c9:58:c4:b6:2b:0a:0e:c8:a0:b3:9e:67:9f:ee:9b:df:fa:f1:
cd:f6:36:25:ce:60:5a:83:12:ef:0e:72:d1:0b:cf:b8:18:a3:
75:03:d6:73:8c:85:54:db:b3:1f:f0:19:e0:27:3a:11:95:95:
57:36:2d:4d:28:73:a7:c3:38:e5:67:ba:9c:52:ac:d1:9e:62:
6a:94:29:05:4f:8b:cf:5e:6e:cc:03:76:19:2f:31:92:d3:ac:
a0:c0:c3:f4:72:bc:03:7c:1e:e0:d0:d0:19:79:94:32:43:80:
c6:ab:30:69:a4:c8:89:b3:4e:f1:2b:cd:78:9f:52:74:f2:fe:
c5:09:ab:c8:3c:5d:c1:db:21:8c:bb:c3:87:8e:ee:64:67:8d:
b6:1b:b6:b6:5b:8f:e6:89:f0:36:b2:dc:cf:85:bf:fa:19:60:
41:1a:7c:29:18:bb:ea:01:51:77:84:bb:47:1f:a4:fd:86:47:
b8:80:ed:8d:9e:03:b7:ac:94:46:6c:f2:31:36:7a:d3:d1:24:
d5:ff:1d:38:5f:8e:0a:f2:57:c1:c3:62:41:a8:f6:ee:dc:35:
b4:6d:3d:3d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYKm5ErBWwKhp7Dtw6MAGcJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwODE2MTM0MjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTZlMjEzODJlN2FlNDM3ODc2N2Y5ODcyYTU2ZDdhZThkZWZlMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6ibgbqf3hyp7YKZ19Kk116tzBw2
xT53t0AFc2XMJKwigpKUqgLLy3W0ZZXfR85QQqawt7tXD0AplDGEi7b62KMG7BF6
fuR0708oRfPdFN6munMTGrBzsSKS4pMQ4jFCO52XA/RRtwO7mNzViUvzAtxCoPMH
jS2htkqmYT0kDSQ9fdg5UC1pH5do9yRnO+V/7Lu0XvzxpO6iiupryb8UfB/0oTxX
lD3c/SugK/78pn4199oZUSXBKi0lIJ9+sNSuGUThFnofBXZCCg7QGxRApjXaAE1V
mob8O2mfPrgjxsarCi5C7USYehTjc6AQEdBEer63EMT8IDzxZ+uWZNrl7wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLFuITgueuQ3h2f5hypW166N7+GQMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvc1c0aE9DNTY1RGVIWl9tSEtsYlhybzN2NFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwMAky0DBAK5
Z2QwCwMDAMHpAwQAwekEAwQAwekIAwQBwekKAwQBwemWMA0EAgACMAcDBQAgAQZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvajeRjg7jZ3KN3Jh1vVEkX/qtK3hZ5YH+55BU
NP1PGUEbBN3JWMS2KwoOyKCznmef7pvf+vHN9jYlzmBagxLvDnLRC8+4GKN1A9Zz
jIVU27Mf8BngJzoRlZVXNi1NKHOnwzjlZ7qcUqzRnmJqlCkFT4vPXm7MA3YZLzGS
06ygwMP0crwDfB7g0NAZeZQyQ4DGqzBppMiJs07xK814n1J08v7FCavIPF3B2yGM
u8OHju5kZ422G7a2W4/mifA2stzPhb/6GWBBGnwpGLvqAVF3hLtHH6T9hke4gO2N
ngO3rJRGbPIxNnrT0STV/x04X44K8lfBw2JBqPbu3DW0bT09
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org