Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wA2_TV4tNxcpcCytUE1QVph9TSM.roa
File: wA2_TV4tNxcpcCytUE1QVph9TSM.roa (raw, json)
Hash identifier: R4k4etxaYBLBWKM24UYsEktSgzMIfrGnyn7lwyQE6Is=
Subject key identifier: C0:0D:BF:4D:5E:2D:37:17:29:70:2C:AD:50:4D:50:56:98:7D:4D:23
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018414A855DFACF3F4E9AD7E28AC4037D667
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wA2_TV4tNxcpcCytUE1QVph9TSM.roa
Signing time: Wed 26 Oct 2022 14:18:06 +0000
ROA not before: Wed 26 Oct 2022 14:18:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.252.0/23 maxlen: 23
193.233.192.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.193.0/24 maxlen: 24
193.233.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:a8:55:df:ac:f3:f4:e9:ad:7e:28:ac:40:37:d6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 26 14:18:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c00dbf4d5e2d371729702cad504d5056987d4d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b4:53:63:74:7c:46:e7:6b:b4:f1:81:a0:31:
0f:c4:8a:ac:3c:0d:e4:04:04:e0:14:59:5b:84:f1:
72:c9:42:fa:f3:68:6c:0b:c0:20:8a:b0:bf:be:62:
42:36:0c:77:eb:75:9b:38:ff:65:de:88:35:58:b2:
42:ce:84:79:7b:1f:38:98:80:64:66:02:b3:91:57:
c6:68:15:9f:eb:38:e6:d6:95:40:72:52:fa:71:8c:
7d:8f:9d:1b:a4:20:23:6c:2d:24:2f:c6:d0:06:9b:
80:be:15:c9:87:aa:3f:4c:6a:44:a7:9b:84:63:ba:
46:30:31:d4:09:35:36:99:a1:a6:c9:59:71:ae:4c:
ba:3a:6c:49:13:2f:bc:89:bb:3b:73:dd:55:63:bc:
d1:21:53:a6:0d:58:3d:87:ae:2f:3e:b5:86:20:8f:
71:bf:6a:70:4f:57:17:39:9d:a5:5e:68:7e:a1:c9:
69:4c:93:60:d8:46:e1:7a:6f:54:ac:2c:8f:5c:81:
38:b6:fa:03:f6:3c:3c:0a:98:65:52:5f:e1:17:25:
99:82:35:65:76:18:ad:37:f7:82:dc:1f:ad:35:31:
db:02:2c:9e:4c:9e:e0:8b:ac:b0:37:88:bb:5a:bb:
f8:e4:49:b3:ed:29:ac:d3:79:28:cb:99:23:8c:c9:
f5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0D:BF:4D:5E:2D:37:17:29:70:2C:AD:50:4D:50:56:98:7D:4D:23
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wA2_TV4tNxcpcCytUE1QVph9TSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.85.0/24
193.233.95.0/24
193.233.192.0/23
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:02:ad:81:d7:5c:d8:76:bb:fd:f0:94:3e:93:ac:5b:29:9b:
87:fa:a7:78:8c:fa:79:41:98:d7:98:a9:4a:aa:f0:b3:9d:50:
b6:0c:40:e3:3d:f1:bf:21:be:bb:88:d1:6f:f9:1f:cc:77:62:
c7:53:a9:e2:93:e1:63:d5:3e:af:82:bf:ae:b3:d1:b8:12:22:
e1:78:3f:07:55:ae:9f:f3:0a:c3:f2:39:c3:a4:9f:ed:33:85:
ba:1e:27:78:ae:51:93:f0:ea:1c:79:0d:25:18:1f:d7:fb:ad:
58:91:2b:29:28:4f:b3:2d:8c:68:f3:cc:de:99:d8:76:c3:78:
61:84:f6:14:15:36:66:d9:67:8e:f5:e6:0d:3c:be:14:51:09:
44:71:4f:f5:e2:4f:71:a9:23:96:13:6a:c4:03:d7:61:21:0a:
76:ff:e7:d9:91:5e:87:68:9b:3a:21:03:ab:f2:b5:5b:68:07:
9d:a1:e2:1a:33:6e:c4:2c:21:48:d3:a0:a4:cd:74:3a:10:5d:
fb:59:73:79:59:5e:15:30:9f:5e:73:7f:63:5c:5e:17:b5:63:
d6:1d:5d:2d:2f:f5:6a:63:e7:f4:dd:7c:6e:6e:fc:98:b8:85:
0b:db:88:83:9d:80:dc:5f:96:1f:65:50:6c:52:83:be:bf:c7:
dd:3d:97:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQUqFXfrPP06a1+KKxAN9ZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDI2MTQxODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBkYmY0ZDVlMmQzNzE3Mjk3MDJjYWQ1MDRkNTA1Njk4N2Q0ZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7RTY3R8RudrtPGBoDEPxIqsPA3k
BATgFFlbhPFyyUL682hsC8AgirC/vmJCNgx363WbOP9l3og1WLJCzoR5ex84mIBk
ZgKzkVfGaBWf6zjm1pVAclL6cYx9j50bpCAjbC0kL8bQBpuAvhXJh6o/TGpEp5uE
Y7pGMDHUCTU2maGmyVlxrky6OmxJEy+8ibs7c91VY7zRIVOmDVg9h64vPrWGII9x
v2pwT1cXOZ2lXmh+oclpTJNg2Ebhem9UrCyPXIE4tvoD9jw8CphlUl/hFyWZgjVl
dhitN/eC3B+tNTHbAiyeTJ7gi6ywN4i7Wrv45Emz7Sms03koy5kjjMn1GwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMANv01eLTcXKXAsrVBNUFaYfU0jMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvd0EyX1RWNHROeGNwY0N5dFVFMVFWcGg5VFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwelVAwQA
welfAwQBwenAAwQBwen8MA0GCSqGSIb3DQEBCwUAA4IBAQAfAq2B11zYdrv98JQ+
k6xbKZuH+qd4jPp5QZjXmKlKqvCznVC2DEDjPfG/Ib67iNFv+R/Md2LHU6nik+Fj
1T6vgr+us9G4EiLheD8HVa6f8wrD8jnDpJ/tM4W6Hid4rlGT8OoceQ0lGB/X+61Y
kSspKE+zLYxo88zemdh2w3hhhPYUFTZm2WeO9eYNPL4UUQlEcU/14k9xqSOWE2rE
A9dhIQp2/+fZkV6HaJs6IQOr8rVbaAedoeIaM27ELCFI06CkzXQ6EF37WXN5WV4V
MJ9ec39jXF4XtWPWHV0tL/VqY+f03XxubvyYuIUL24iDnYDcX5YfZVBsUoO+v8fd
PZcj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org