Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/t21viNeWLgVN5-LZ3Z2iD5WoFoA.roa
File: t21viNeWLgVN5-LZ3Z2iD5WoFoA.roa (raw, json)
Hash identifier: aOByqjqLKrE4tIa/s85fiV4A2JiyoKM/y0bPnYd5Qmw=
Subject key identifier: B7:6D:6F:88:D7:96:2E:05:4D:E7:E2:D9:DD:9D:A2:0F:95:A8:16:80
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018540767104882CDA105248C51A436D88B9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/t21viNeWLgVN5-LZ3Z2iD5WoFoA.roa
Signing time: Fri 23 Dec 2022 19:29:41 +0000
ROA not before: Fri 23 Dec 2022 19:29:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56701
IP address blocks: 193.233.120.0/24 maxlen: 24
193.233.123.0/24 maxlen: 24
193.233.122.0/24 maxlen: 24
193.233.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:40:76:71:04:88:2c:da:10:52:48:c5:1a:43:6d:88:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Dec 23 19:29:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b76d6f88d7962e054de7e2d9dd9da20f95a81680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6c:7b:35:79:a3:f3:24:0e:07:93:4e:28:6f:
d0:34:09:b6:1f:f2:5b:c7:cf:fb:09:04:ee:bf:b9:
e3:6f:0c:de:41:9f:d9:eb:ce:a4:aa:ca:cf:5e:9f:
e5:05:c1:c3:e0:61:13:3a:5b:c6:a3:31:a0:d2:f0:
ff:8a:e5:66:d5:8a:46:c0:d9:4d:57:ad:14:76:24:
03:9b:15:44:5c:7d:1d:b3:0b:7f:11:a2:bf:57:dc:
e0:79:da:db:4f:eb:61:fe:6c:4b:98:93:0a:dc:2d:
29:8f:16:c9:1f:cc:f6:9c:19:1f:86:0d:9f:9e:17:
88:e9:86:32:4b:18:da:1f:08:b3:72:1e:74:d7:9a:
8f:58:40:a1:0d:38:23:59:fd:6f:d3:77:25:92:af:
09:dc:43:b0:e1:6f:45:cf:9b:40:5a:6a:03:08:55:
b2:5b:c8:be:86:a1:0c:5f:cd:a1:60:67:c5:4b:9a:
44:6f:61:e1:be:37:f9:47:95:9f:c3:18:50:e1:f3:
22:a6:ff:61:83:80:a1:35:21:3b:91:f4:ff:9e:b7:
e9:f6:92:9e:ac:62:7b:25:b3:73:f3:5f:ce:7e:28:
65:c9:69:eb:46:0d:b7:91:bb:8e:4c:4e:fd:5f:52:
05:c6:fa:e1:1b:f6:5d:03:a2:56:45:34:7c:cf:62:
24:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6D:6F:88:D7:96:2E:05:4D:E7:E2:D9:DD:9D:A2:0F:95:A8:16:80
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/t21viNeWLgVN5-LZ3Z2iD5WoFoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.120.0/22
Signature Algorithm: sha256WithRSAEncryption
19:42:a4:49:e9:5e:a9:94:a3:7b:7f:50:25:93:5e:20:ae:d0:
4b:f5:25:a7:d7:f4:39:15:f3:80:62:8c:3f:1b:67:73:7d:75:
e7:35:d1:7d:23:0b:49:b6:b3:26:75:d6:b9:5f:4b:1f:b1:4c:
26:a6:05:72:d2:e3:63:c0:f3:f1:98:94:6b:38:bf:25:a1:51:
ae:a7:b9:9c:ba:23:f8:9e:dc:23:fa:82:d9:56:03:2a:af:6d:
67:90:46:6c:57:6c:14:9c:41:00:2e:56:fb:54:d4:30:89:14:
06:7d:c9:35:d2:4d:b1:4b:67:1a:b4:53:e5:81:7e:a6:21:68:
37:aa:46:df:fa:57:5c:73:48:09:80:e2:22:df:88:62:43:8a:
17:39:c2:37:45:e2:df:2c:e8:5d:88:3b:fe:51:74:31:f7:67:
02:44:7f:78:c9:d0:1d:2d:4a:b3:ce:0e:2b:7e:40:29:2b:79:
5e:df:fe:d9:af:42:57:33:18:ed:b0:78:cc:35:a3:39:04:86:
84:18:11:a2:0a:ca:8d:2a:40:ad:3d:6c:5e:ea:2e:36:fe:c2:
0e:9e:2f:e8:fa:ff:58:da:bd:6f:8d:b1:96:5d:c8:9b:cd:cf:
20:3c:4d:7f:3b:16:b2:42:af:d8:20:b0:09:27:d7:d1:ce:72:
0e:ad:70:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVAdnEEiCzaEFJIxRpDbYi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMjIzMTkyOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzZkNmY4OGQ3OTYyZTA1NGRlN2UyZDlkZDlkYTIwZjk1YTgxNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2x7NXmj8yQOB5NOKG/QNAm2H/Jb
x8/7CQTuv7njbwzeQZ/Z686kqsrPXp/lBcHD4GETOlvGozGg0vD/iuVm1YpGwNlN
V60UdiQDmxVEXH0dswt/EaK/V9zgedrbT+th/mxLmJMK3C0pjxbJH8z2nBkfhg2f
nheI6YYySxjaHwizch5015qPWEChDTgjWf1v03clkq8J3EOw4W9Fz5tAWmoDCFWy
W8i+hqEMX82hYGfFS5pEb2Hhvjf5R5WfwxhQ4fMipv9hg4ChNSE7kfT/nrfp9pKe
rGJ7JbNz81/OfihlyWnrRg23kbuOTE79X1IFxvrhG/ZdA6JWRTR8z2IkRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdtb4jXli4FTefi2d2dog+VqBaAMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdDIxdmlOZVdMZ1ZONS1MWjNaMmlENVdvRm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwel4MA0G
CSqGSIb3DQEBCwUAA4IBAQAZQqRJ6V6plKN7f1Alk14grtBL9SWn1/Q5FfOAYow/
G2dzfXXnNdF9IwtJtrMmdda5X0sfsUwmpgVy0uNjwPPxmJRrOL8loVGup7mcuiP4
ntwj+oLZVgMqr21nkEZsV2wUnEEALlb7VNQwiRQGfck10k2xS2catFPlgX6mIWg3
qkbf+ldcc0gJgOIi34hiQ4oXOcI3ReLfLOhdiDv+UXQx92cCRH94ydAdLUqzzg4r
fkApK3le3/7Zr0JXMxjtsHjMNaM5BIaEGBGiCsqNKkCtPWxe6i42/sIOni/o+v9Y
2r1vjbGWXcibzc8gPE1/OxayQq/YILAJJ9fRznIOrXAA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:33 2024 by rpki-client on console-ams.rpki-client.org