Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/86qXBuGt0amqJms33GOVUdt1rk0.roa
File: 86qXBuGt0amqJms33GOVUdt1rk0.roa (raw, json)
Hash identifier: /zQ3Jg9DX8gLagDQmQ06rF11KPQAw5q6yyF5IcGGPxs=
Subject key identifier: F3:AA:97:06:E1:AD:D1:A9:AA:26:6B:37:DC:63:95:51:DB:75:AE:4D
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018413265E69F6ED8A589F1D480108472A14
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/86qXBuGt0amqJms33GOVUdt1rk0.roa
Signing time: Wed 26 Oct 2022 07:16:32 +0000
ROA not before: Wed 26 Oct 2022 07:16:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212598
IP address blocks: 193.111.78.0/24 maxlen: 24
193.17.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:26:5e:69:f6:ed:8a:58:9f:1d:48:01:08:47:2a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 26 07:16:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3aa9706e1add1a9aa266b37dc639551db75ae4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cd:1e:dc:41:a7:7e:29:b8:b8:d6:be:7a:22:
d6:74:52:a0:03:25:6a:41:8f:3c:70:34:14:53:2a:
fd:af:86:af:46:69:7a:24:ee:7b:8d:23:c0:34:b4:
32:dd:4a:95:cd:6b:e3:a2:fa:2c:cb:ff:5e:ca:02:
eb:59:c1:99:a5:9c:fd:90:6c:6c:a5:ea:77:1e:3e:
51:6e:c7:41:ce:25:83:5d:7b:f6:da:79:fd:fa:9a:
3b:41:13:5e:2b:d5:3b:16:b6:d3:e6:fb:a8:59:04:
08:87:c8:69:3b:17:09:7d:b5:91:26:9b:b6:eb:a9:
f0:0b:17:42:31:90:d4:b5:95:6c:cb:8f:7f:bf:9c:
cf:96:11:bb:ff:f9:34:04:d2:11:8c:66:ca:84:c9:
d5:bb:df:94:ed:e3:a7:e4:42:be:24:23:a0:5b:6b:
55:23:70:8f:76:d6:d5:29:60:50:e9:21:bc:67:a2:
ca:1d:36:b8:30:45:fc:b6:c6:e1:42:f5:b0:bc:8d:
f6:57:52:f2:37:13:1d:3e:93:0b:c1:f1:96:b0:8d:
e3:f1:a5:bd:99:f3:b4:65:6a:f8:2c:52:93:aa:51:
37:6f:e8:5a:a2:6d:08:b2:18:6b:fd:57:4b:3a:30:
68:de:a4:7f:d5:69:de:f6:2b:fc:f4:d2:98:95:ad:
11:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AA:97:06:E1:AD:D1:A9:AA:26:6B:37:DC:63:95:51:DB:75:AE:4D
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/86qXBuGt0amqJms33GOVUdt1rk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.6.0/24
193.111.78.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:30:4d:f6:1c:54:80:dc:e4:e9:a6:06:9f:c9:f9:36:92:04:
30:a7:e7:93:b2:8c:9a:8a:9c:85:2e:cf:25:42:72:74:37:f1:
fa:62:f8:79:21:a3:2d:9d:c5:cc:6c:8c:73:55:c9:e0:67:2c:
3a:0a:b8:b9:ae:08:f7:e2:b9:49:74:af:00:b5:4b:ae:00:8a:
32:19:77:20:06:66:f7:e3:bd:bc:82:d1:3f:a4:96:0a:09:f6:
66:5a:5b:f9:3d:d9:cb:2d:83:3b:6e:93:7a:a3:7c:95:28:9d:
38:fd:86:4b:7b:95:09:06:da:fb:0c:73:3c:ec:e4:e7:b4:8b:
26:4c:f1:09:2f:f4:1e:27:e4:c9:f0:21:50:e8:0f:9f:01:46:
a4:46:d9:64:08:01:e0:ba:fd:56:b1:8f:2b:06:93:42:af:fb:
4c:5f:da:18:e6:8a:9d:3e:84:4e:ef:97:9b:76:44:09:a8:4a:
7d:9b:b5:16:0c:66:62:ed:48:f2:e5:57:57:9e:00:b7:1c:4e:
e1:21:19:de:46:15:41:4f:ac:03:9d:91:0b:a1:ae:05:59:66:
99:40:3a:37:50:27:0d:0c:a8:9e:27:0c:71:99:f4:fb:ce:7f:
42:2a:e7:f2:ac:af:d3:d0:35:1a:50:f8:0f:5f:20:82:cb:74:
69:0d:72:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQTJl5p9u2KWJ8dSAEIRyoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMDI2MDcxNjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FhOTcwNmUxYWRkMWE5YWEyNjZiMzdkYzYzOTU1MWRiNzVhZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq80e3EGnfim4uNa+eiLWdFKgAyVq
QY88cDQUUyr9r4avRml6JO57jSPANLQy3UqVzWvjovosy/9eygLrWcGZpZz9kGxs
pep3Hj5RbsdBziWDXXv22nn9+po7QRNeK9U7FrbT5vuoWQQIh8hpOxcJfbWRJpu2
66nwCxdCMZDUtZVsy49/v5zPlhG7//k0BNIRjGbKhMnVu9+U7eOn5EK+JCOgW2tV
I3CPdtbVKWBQ6SG8Z6LKHTa4MEX8tsbhQvWwvI32V1LyNxMdPpMLwfGWsI3j8aW9
mfO0ZWr4LFKTqlE3b+haom0Ishhr/VdLOjBo3qR/1Wne9iv89NKYla0R6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPOqlwbhrdGpqiZrN9xjlVHbda5NMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvODZxWEJ1R3QwYW1xSm1zMzNHT1ZVZHQxcmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwREGAwQA
wW9OMA0GCSqGSIb3DQEBCwUAA4IBAQDHME32HFSA3OTppgafyfk2kgQwp+eTsoya
ipyFLs8lQnJ0N/H6Yvh5IaMtncXMbIxzVcngZyw6Cri5rgj34rlJdK8AtUuuAIoy
GXcgBmb34728gtE/pJYKCfZmWlv5PdnLLYM7bpN6o3yVKJ04/YZLe5UJBtr7DHM8
7OTntIsmTPEJL/QeJ+TJ8CFQ6A+fAUakRtlkCAHguv1WsY8rBpNCr/tMX9oY5oqd
PoRO75ebdkQJqEp9m7UWDGZi7Ujy5VdXngC3HE7hIRneRhVBT6wDnZELoa4FWWaZ
QDo3UCcNDKieJwxxmfT7zn9CKufyrK/T0DUaUPgPXyCCy3RpDXKE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org