Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xmC0gtRST8D8_mMowHzVEKM3FT8.roa
File: xmC0gtRST8D8_mMowHzVEKM3FT8.roa (raw, json)
Hash identifier: wOnkpQRzIItOUmsBI4mSvaCU1fJgd07+bW/9uk6/hqE=
Subject key identifier: C6:60:B4:82:D4:52:4F:C0:FC:FE:63:28:C0:7C:D5:10:A3:37:15:3F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0182EEBB3EEA069EEEE6FC9845AC3A289FE1
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xmC0gtRST8D8_mMowHzVEKM3FT8.roa
Signing time: Tue 30 Aug 2022 12:30:24 +0000
ROA not before: Tue 30 Aug 2022 12:30:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:bb:3e:ea:06:9e:ee:e6:fc:98:45:ac:3a:28:9f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 30 12:30:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c660b482d4524fc0fcfe6328c07cd510a337153f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:45:9b:b9:42:e0:21:a3:0c:64:69:9e:0e:9f:
66:e1:1c:c7:ee:d9:b2:1e:45:91:3a:5e:0f:ad:ee:
9d:06:bf:b9:85:30:6f:af:7f:8e:bf:44:c2:b0:0a:
35:b0:03:fc:15:4e:9e:25:71:4b:79:a7:b3:1a:93:
42:5b:65:d3:4c:1e:a9:ac:5b:2d:73:47:d0:3f:0b:
3f:9f:39:f5:1a:c0:54:bc:17:26:c0:dc:03:85:1f:
a3:ed:91:68:b4:af:0d:aa:dc:a1:5e:13:3d:d8:cd:
ef:61:72:1e:bc:c3:c6:0c:97:d5:4f:7e:3d:d8:1a:
8d:27:d3:80:77:a7:1e:77:e5:dc:9f:88:c0:fe:b5:
3e:07:72:29:74:e7:25:f7:74:1c:2d:a4:01:12:7c:
dc:0c:55:5e:04:e9:41:3a:8c:25:65:0b:37:40:3b:
35:28:75:40:34:ae:75:7f:1d:be:16:ca:47:86:08:
fa:21:61:01:0e:3e:ef:a1:61:61:1b:e8:75:d5:33:
dd:88:07:44:c3:14:36:20:9a:7b:a0:f9:50:95:aa:
0f:5f:c5:a1:3a:db:c6:38:3c:34:e6:c5:05:09:7f:
30:e6:54:69:b8:d1:52:f9:bd:da:fd:4d:25:e5:ad:
1b:bd:58:67:d6:7c:a3:0e:c8:20:13:8a:61:ea:90:
39:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:60:B4:82:D4:52:4F:C0:FC:FE:63:28:C0:7C:D5:10:A3:37:15:3F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xmC0gtRST8D8_mMowHzVEKM3FT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.88.0/22
193.233.171.0/24
193.233.175.0/24
193.233.197.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a6:0a:3b:a7:99:72:22:c2:34:ec:50:2b:10:66:9a:8f:0e:
cd:e8:8e:ed:1c:98:81:71:df:7f:46:d8:bf:f2:96:f7:29:95:
96:a2:7c:7e:ec:3d:cb:6a:96:1f:55:cf:a3:76:13:16:e5:03:
51:10:5b:49:9a:22:45:11:23:d5:8a:f6:e3:33:ae:1d:e2:fc:
2c:34:9b:c7:e6:c7:8e:54:1a:29:1d:6f:bb:f9:55:2f:01:a7:
9c:76:1a:11:15:92:77:80:b0:1d:a2:48:8c:bb:43:2e:0e:84:
55:40:f7:23:f4:30:e0:9f:86:af:70:01:8f:bb:9a:e6:ff:a3:
02:c7:8e:b9:05:3c:a1:7f:e4:05:f9:49:31:33:02:e6:8d:41:
fc:b2:92:13:61:2e:33:75:69:ca:d1:db:6f:98:9d:36:39:84:
50:2e:43:c9:27:6b:bc:66:fc:3b:6d:65:26:ad:01:57:c9:15:
43:e6:4f:d4:4d:4a:0f:62:f9:52:84:47:cb:f2:b5:f8:93:3a:
73:a4:09:90:f3:2c:e5:b2:27:07:44:77:a6:d5:ac:48:d0:bc:
bd:64:47:0d:0f:ef:29:4c:8c:1b:ff:d0:f9:a7:96:5e:42:a5:
2e:4b:79:3c:0b:f4:89:ca:6c:22:04:7c:ac:fd:99:e8:99:8c:
80:c6:19:90
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYLuuz7qBp7u5vyYRaw6KJ/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwODMwMTIzMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYwYjQ4MmQ0NTI0ZmMwZmNmZTYzMjhjMDdjZDUxMGEzMzcxNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEWbuULgIaMMZGmeDp9m4RzH7tmy
HkWROl4Pre6dBr+5hTBvr3+Ov0TCsAo1sAP8FU6eJXFLeaezGpNCW2XTTB6prFst
c0fQPws/nzn1GsBUvBcmwNwDhR+j7ZFotK8NqtyhXhM92M3vYXIevMPGDJfVT349
2BqNJ9OAd6ced+Xcn4jA/rU+B3IpdOcl93QcLaQBEnzcDFVeBOlBOowlZQs3QDs1
KHVANK51fx2+FspHhgj6IWEBDj7voWFhG+h11TPdiAdEwxQ2IJp7oPlQlaoPX8Wh
OtvGODw05sUFCX8w5lRpuNFS+b3a/U0l5a0bvVhn1nyjDsggE4ph6pA5DwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMZgtILUUk/A/P5jKMB81RCjNxU/MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveG1DMGd0UlNUOEQ4X21Nb3dIelZFS00zRlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwelYAwQA
wemrAwQAwemvAwQAwenFMA0GCSqGSIb3DQEBCwUAA4IBAQB1pgo7p5lyIsI07FAr
EGaajw7N6I7tHJiBcd9/Rti/8pb3KZWWonx+7D3LapYfVc+jdhMW5QNREFtJmiJF
ESPVivbjM64d4vwsNJvH5seOVBopHW+7+VUvAaecdhoRFZJ3gLAdokiMu0MuDoRV
QPcj9DDgn4avcAGPu5rm/6MCx465BTyhf+QF+UkxMwLmjUH8spITYS4zdWnK0dtv
mJ02OYRQLkPJJ2u8Zvw7bWUmrQFXyRVD5k/UTUoPYvlShEfL8rX4kzpzpAmQ8yzl
sicHRHem1axI0Ly9ZEcND+8pTIwb/9D5p5ZeQqUuS3k8C/SJymwiBHys/ZnomYyA
xhmQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:39 2023 by rpki-client on console-fra.rpki-client.org