Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/oXM0P4MhVY22beF-lQm7u_diDoI.roa
File: oXM0P4MhVY22beF-lQm7u_diDoI.roa (raw, json)
Hash identifier: OT55u2gZtfI7qZF15PzrEka0MLpa5TXZZEWGkBnXWxM=
Subject key identifier: A1:73:34:3F:83:21:55:8D:B6:6D:E1:7E:95:09:BB:BB:F7:62:0E:82
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 085A889C
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/oXM0P4MhVY22beF-lQm7u_diDoI.roa
Signing time: Thu 17 Mar 2022 14:29:14 +0000
ROA not before: Thu 17 Mar 2022 14:29:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 193.202.84.0/23 maxlen: 23
193.202.84.0/22 maxlen: 22
193.202.86.0/23 maxlen: 23
193.202.8.0/23 maxlen: 23
193.202.8.0/22 maxlen: 22
193.202.10.0/23 maxlen: 23
193.202.14.0/23 maxlen: 23
193.202.12.0/22 maxlen: 22
193.202.12.0/23 maxlen: 23
193.187.94.0/23 maxlen: 23
193.187.92.0/22 maxlen: 22
193.187.92.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140150940 (0x85a889c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Mar 17 14:29:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a173343f8321558db66de17e9509bbbbf7620e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f1:ed:cf:46:70:d3:ce:0f:17:21:61:9d:30:
2f:ff:3e:12:3c:41:da:77:82:e8:1e:cc:35:43:f9:
e0:bb:17:21:d1:99:ee:bc:dc:4b:de:c4:d4:fb:6f:
af:0a:76:cc:e7:d3:92:27:2e:b2:3b:f5:e2:8c:d2:
77:a9:61:34:63:e6:5d:43:2f:71:f5:84:2b:f1:ec:
64:4a:26:86:8b:04:a7:3d:03:53:63:51:f9:51:57:
47:d9:15:e6:06:e8:27:23:ee:7a:9f:42:02:7f:35:
76:30:7c:f9:b3:59:ef:aa:00:82:8a:41:1e:2d:bc:
b6:96:9c:81:4f:5d:da:f3:e2:d2:aa:bd:73:69:f4:
0a:36:77:27:ee:49:6a:09:51:b3:d0:e5:33:7b:3c:
58:f9:53:9f:d8:5b:9f:89:bc:7d:9e:dd:f6:79:09:
6a:ad:3e:90:f7:fd:24:d8:41:a0:c5:b6:5c:81:e2:
64:ed:79:40:95:f5:08:87:67:5e:4f:e8:a5:20:ca:
8c:70:d7:53:77:5d:7c:67:9d:7c:b6:9c:2a:40:e7:
d0:ae:58:ff:59:c9:83:37:a1:ca:e9:6a:40:f3:99:
fd:06:e1:14:d3:80:d0:ef:61:69:91:9d:46:4a:b6:
1f:d2:ad:8a:8e:48:8f:78:fe:74:0c:b6:16:b1:c1:
be:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:73:34:3F:83:21:55:8D:B6:6D:E1:7E:95:09:BB:BB:F7:62:0E:82
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/oXM0P4MhVY22beF-lQm7u_diDoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.92.0/22
193.202.8.0/21
193.202.84.0/22
Signature Algorithm: sha256WithRSAEncryption
78:e0:c0:44:3d:a5:f0:19:d3:8f:7d:c0:15:a4:87:8b:78:6c:
a5:af:09:03:76:9e:f1:0b:88:cb:e8:3a:95:73:18:41:ca:23:
17:53:5a:10:ef:97:1c:a8:04:4b:fc:e4:f2:1b:3e:17:9a:29:
1a:27:aa:08:1b:16:78:5b:f7:35:10:02:67:90:68:67:54:96:
2c:6f:ed:55:19:b9:a4:ff:55:2c:c6:a8:ac:06:ae:68:2d:87:
e9:80:47:3d:b7:c8:c1:3e:83:9d:7e:93:b6:b5:54:01:af:cb:
06:0f:d5:13:58:82:61:0b:c6:b4:2c:cb:f3:c4:c0:30:d9:b9:
38:c0:80:4f:94:27:3f:e1:e3:a1:83:22:d7:02:77:09:bd:0d:
2a:0d:2c:fd:73:04:2e:68:c4:22:76:cf:b6:70:9a:57:93:b0:
54:33:28:79:97:5d:3b:d3:a3:c1:df:81:d0:b4:d0:88:5c:75:
b6:3e:e7:73:0c:03:fc:29:5a:5a:24:ce:ac:f0:6b:f8:d6:58:
64:e8:48:49:ea:4e:50:d9:40:b8:58:3f:30:b4:80:3a:88:f2:
88:10:de:55:5f:a9:6d:cd:59:70:ca:4b:34:d7:8b:88:09:55:
48:fe:46:1b:8b:af:e4:72:5b:ac:f1:74:51:f0:17:35:fc:b4:
c7:87:40:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECFqInDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODY1MWIxMTk0ZjEyZTk4ZTcwZDNkYTc4ZWZlNGRkMjQ2N2NkNDIzMB4XDTIyMDMx
NzE0MjkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE3MzM0M2Y4MzIx
NTU4ZGI2NmRlMTdlOTUwOWJiYmJmNzYyMGU4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7x7c9GcNPODxchYZ0wL/8+EjxB2neC6B7MNUP54LsXIdGZ
7rzcS97E1Ptvrwp2zOfTkicusjv14ozSd6lhNGPmXUMvcfWEK/HsZEomhosEpz0D
U2NR+VFXR9kV5gboJyPuep9CAn81djB8+bNZ76oAgopBHi28tpacgU9d2vPi0qq9
c2n0CjZ3J+5JaglRs9DlM3s8WPlTn9hbn4m8fZ7d9nkJaq0+kPf9JNhBoMW2XIHi
ZO15QJX1CIdnXk/opSDKjHDXU3ddfGedfLacKkDn0K5Y/1nJgzehyulqQPOZ/Qbh
FNOA0O9haZGdRkq2H9Ktio5Ij3j+dAy2FrHBvvkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBShczQ/gyFVjbZt4X6VCbu792IOgjAfBgNVHSMEGDAWgBT4ZRsRlPEumOcN
PaeO/k3SRnzUIzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzRlLzgyMjQwMC0zMjQ4LTQ3MDItYjI5Yi1hMWI3Y2VlZmExNmMv
MS9vWE0wUDRNaFZZMjJiZUYtbFFtN3VfZGlEb0kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRl
LzgyMjQwMC0zMjQ4LTQ3MDItYjI5Yi1hMWI3Y2VlZmExNmMvMS8xLUdVYkVaVHhM
cGpuRFQybmp2NU4wa1o4MUNNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwbtcAwQDwcoIAwQCwcpUMA0G
CSqGSIb3DQEBCwUAA4IBAQB44MBEPaXwGdOPfcAVpIeLeGylrwkDdp7xC4jL6DqV
cxhByiMXU1oQ75ccqARL/OTyGz4XmikaJ6oIGxZ4W/c1EAJnkGhnVJYsb+1VGbmk
/1UsxqisBq5oLYfpgEc9t8jBPoOdfpO2tVQBr8sGD9UTWIJhC8a0LMvzxMAw2bk4
wIBPlCc/4eOhgyLXAncJvQ0qDSz9cwQuaMQids+2cJpXk7BUMyh5l10706PB34HQ
tNCIXHW2PudzDAP8KVpaJM6s8Gv41lhk6EhJ6k5Q2UC4WD8wtIA6iPKIEN5VX6lt
zVlwyks014uICVVI/kYbi6/kclus8XRR8Bc1/LTHh0Bo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:59 2023 by rpki-client on console-fra.rpki-client.org