Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/u8ohPyj81dlgwdPC1vvIo6jWD2c.roa
File: u8ohPyj81dlgwdPC1vvIo6jWD2c.roa (raw, json)
Hash identifier: C7/8dowcyA/ylysTQmEfOb1VdFmzHT4eCcglqW2UhyI=
Subject key identifier: BB:CA:21:3F:28:FC:D5:D9:60:C1:D3:C2:D6:FB:C8:A3:A8:D6:0F:67
Certificate issuer: /CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Certificate serial: 0184F40811AF83B64A07D6FD988054FE9658
Authority key identifier: 16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/u8ohPyj81dlgwdPC1vvIo6jWD2c.roa
Signing time: Thu 08 Dec 2022 23:18:00 +0000
ROA not before: Thu 08 Dec 2022 23:18:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201749
IP address blocks: 93.191.112.0/24 maxlen: 24
93.191.113.0/24 maxlen: 24
93.191.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f4:08:11:af:83:b6:4a:07:d6:fd:98:80:54:fe:96:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Validity
Not Before: Dec 8 23:18:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbca213f28fcd5d960c1d3c2d6fbc8a3a8d60f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bc:ba:6a:6a:06:62:ff:ea:99:5f:11:37:80:
33:5a:df:f7:74:d1:59:94:bf:e2:da:ab:68:ca:7b:
d3:60:56:66:2c:ab:0e:c4:a9:04:19:04:2e:d0:df:
40:42:a9:28:5f:f7:9d:9d:0a:a0:3c:f0:79:65:12:
d7:27:8c:6f:d5:19:47:78:b0:ad:ee:b8:0a:ac:0d:
3a:fe:8b:7f:d6:39:09:0c:5b:a4:77:99:42:a2:38:
8e:f8:19:15:f7:5b:7a:ee:b3:bd:90:68:5a:eb:d2:
37:02:45:e3:9a:1b:6a:be:32:9a:a8:9f:9e:bc:16:
b0:06:da:b0:7e:ed:0b:5f:e5:6c:15:12:d3:d1:4d:
a2:42:cb:1b:23:03:b3:d4:4c:04:0d:a7:7b:b6:75:
55:f0:e4:93:2f:b0:b0:ea:07:db:84:f9:bd:8f:69:
1a:a1:3e:1e:fd:22:0e:b8:a3:39:74:08:9e:38:53:
e8:0e:34:1f:b3:ea:d5:42:a6:26:e5:27:45:99:74:
7c:4a:ae:6d:e5:2b:49:61:6b:a1:6b:37:5a:69:f1:
97:d4:fc:39:0e:01:bd:d5:7f:8c:88:70:ca:f7:83:
c1:d4:b5:63:13:6d:c2:4b:df:9d:58:11:d2:c8:b9:
1d:64:ea:09:13:43:54:d3:1b:e9:1c:3e:9b:77:28:
86:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CA:21:3F:28:FC:D5:D9:60:C1:D3:C2:D6:FB:C8:A3:A8:D6:0F:67
X509v3 Authority Key Identifier:
keyid:16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/u8ohPyj81dlgwdPC1vvIo6jWD2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.112.0/23
93.191.115.0/24
Signature Algorithm: sha256WithRSAEncryption
32:50:01:6a:45:db:0c:87:b5:92:1a:e1:16:d5:ce:4c:53:89:
6d:dd:65:bf:a9:4e:71:6d:a9:7f:cc:72:35:4e:83:1b:3c:61:
14:1a:28:23:22:0b:e7:1e:ad:2e:87:e1:74:b5:75:c4:bf:8a:
3a:cd:8a:09:02:fe:6d:40:15:cc:bc:89:67:d3:9b:dd:f7:5d:
3d:24:95:f0:71:63:a5:32:5d:5e:2e:a3:48:94:5c:3f:fd:05:
bc:81:c4:43:5d:6e:8c:1d:dd:b5:f1:4a:c0:f6:0d:88:61:29:
35:5f:b7:14:69:f2:42:19:19:8e:cf:97:1c:b9:8c:85:97:23:
a4:36:81:26:e5:5e:d7:10:d7:f1:a7:c1:7d:f1:f8:d8:e4:89:
05:d8:b5:cd:a2:6b:48:9d:c2:94:6c:d0:8e:0f:9d:c6:66:6d:
80:3d:19:2e:eb:22:fa:c9:03:07:62:9f:0b:75:0d:2e:b7:42:
c8:1b:4b:f4:16:f3:3d:ae:67:e4:27:7e:1f:ba:81:a2:a0:80:
a0:91:a3:03:10:28:69:02:9c:37:e4:41:cc:12:04:d1:79:02:
a7:29:28:83:ca:68:f5:08:7c:5c:e0:64:fd:ad:26:98:2a:03:
65:5c:83:1c:fc:ed:b2:f1:64:bf:4d:4e:e2:0d:46:d1:2b:f4:
44:ed:b6:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYT0CBGvg7ZKB9b9mIBU/pZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTdjNDZlYWZhMTBlYzVkOTA3YmIwNWUzNzEyM2I2OTJh
YjQ5NGMwHhcNMjIxMjA4MjMxODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNhMjEzZjI4ZmNkNWQ5NjBjMWQzYzJkNmZiYzhhM2E4ZDYwZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7y6amoGYv/qmV8RN4AzWt/3dNFZ
lL/i2qtoynvTYFZmLKsOxKkEGQQu0N9AQqkoX/ednQqgPPB5ZRLXJ4xv1RlHeLCt
7rgKrA06/ot/1jkJDFukd5lCojiO+BkV91t67rO9kGha69I3AkXjmhtqvjKaqJ+e
vBawBtqwfu0LX+VsFRLT0U2iQssbIwOz1EwEDad7tnVV8OSTL7Cw6gfbhPm9j2ka
oT4e/SIOuKM5dAieOFPoDjQfs+rVQqYm5SdFmXR8Sq5t5StJYWuhazdaafGX1Pw5
DgG91X+MiHDK94PB1LVjE23CS9+dWBHSyLkdZOoJE0NU0xvpHD6bdyiG2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLvKIT8o/NXZYMHTwtb7yKOo1g9nMB8GA1UdIwQY
MBaAFBaXxG6voQ7F2Qe7BeNxI7aSq0lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUt
NzY1MjJjMjA3YzU1LzEvdThvaFB5ajgxZGxnd2RQQzF2dklvNmpXRDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUtNzY1MjJjMjA3YzU1
LzEvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXb9wAwQA
Xb9zMA0GCSqGSIb3DQEBCwUAA4IBAQAyUAFqRdsMh7WSGuEW1c5MU4lt3WW/qU5x
bal/zHI1ToMbPGEUGigjIgvnHq0uh+F0tXXEv4o6zYoJAv5tQBXMvIln05vd9109
JJXwcWOlMl1eLqNIlFw//QW8gcRDXW6MHd218UrA9g2IYSk1X7cUafJCGRmOz5cc
uYyFlyOkNoEm5V7XENfxp8F98fjY5IkF2LXNomtIncKUbNCOD53GZm2APRku6yL6
yQMHYp8LdQ0ut0LIG0v0FvM9rmfkJ34fuoGioICgkaMDEChpApw35EHMEgTReQKn
KSiDymj1CHxc4GT9rSaYKgNlXIMc/O2y8WS/TU7iDUbRK/RE7baB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:57 2023 by rpki-client on console-fra.rpki-client.org