Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sfOuqIZfCAS_kZCbgMs2Ogy5KqQ.roa
File: sfOuqIZfCAS_kZCbgMs2Ogy5KqQ.roa (raw, json)
Hash identifier: JZ/pV5D5/nTqDkf/mz5YM9MJ8ggX0DHlSh7zZymUnmo=
Subject key identifier: B1:F3:AE:A8:86:5F:08:04:BF:91:90:9B:80:CB:36:3A:0C:B9:2A:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01850AE84A4B63E67714F7F634D91F4A5AE3
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sfOuqIZfCAS_kZCbgMs2Ogy5KqQ.roa
Signing time: Tue 13 Dec 2022 09:54:33 +0000
ROA not before: Tue 13 Dec 2022 09:54:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201271
IP address blocks: 193.234.187.0/24 maxlen: 24
193.234.189.0/24 maxlen: 24
193.234.191.0/24 maxlen: 24
193.234.188.0/24 maxlen: 24
193.234.190.0/24 maxlen: 24
193.234.192.0/24 maxlen: 24
193.234.193.0/24 maxlen: 24
193.234.195.0/24 maxlen: 24
193.234.184.0/23 maxlen: 23
193.234.185.0/24 maxlen: 24
193.234.184.0/24 maxlen: 24
193.234.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:e8:4a:4b:63:e6:77:14:f7:f6:34:d9:1f:4a:5a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 13 09:54:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1f3aea8865f0804bf91909b80cb363a0cb92aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:98:2e:31:ce:ee:c3:05:72:8f:2a:36:ec:
94:37:67:a1:9b:63:ea:fc:0c:2f:a8:a9:93:23:9a:
82:82:5e:af:b7:53:a7:e8:38:fa:f3:cd:d4:bf:c1:
1b:b8:25:79:31:30:a3:9b:d5:a4:22:54:f5:3e:d3:
98:62:46:55:e9:33:04:7f:a3:ca:42:74:2c:90:cf:
9b:16:de:1f:96:46:35:66:61:37:a4:25:50:e2:0b:
30:60:f5:a4:c6:ff:c4:da:be:b1:2f:31:7b:41:76:
ef:c8:19:05:78:20:9b:af:29:fe:94:b8:7e:00:98:
78:d5:fa:f1:1a:95:09:0f:e9:63:7e:e2:1c:1b:51:
99:3c:0e:11:82:c5:6c:06:8d:48:1c:71:c1:fd:51:
9e:ab:8c:75:79:f5:79:86:3f:2e:44:3c:ca:18:ea:
0b:91:67:89:b1:74:b1:6d:32:27:a5:96:3a:dd:fb:
fa:8b:dd:d6:e9:19:4b:d4:a3:d8:3f:50:97:e4:59:
70:cc:a9:5c:e8:30:28:8d:f0:3e:a0:e4:9f:2d:29:
66:2b:b3:05:b9:5d:9e:e8:14:3d:15:3c:3f:af:08:
80:4b:1b:bf:75:df:d4:19:5e:1d:36:c7:a6:54:f5:
5f:48:0d:d9:21:e9:39:f9:46:e9:82:5a:6c:74:17:
9f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F3:AE:A8:86:5F:08:04:BF:91:90:9B:80:CB:36:3A:0C:B9:2A:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sfOuqIZfCAS_kZCbgMs2Ogy5KqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.234.184.0-193.234.193.255
193.234.195.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a0:a6:e4:44:13:56:19:ba:26:90:0f:48:81:85:4c:b7:11:
8a:0b:68:88:42:0a:8e:b2:d6:bd:17:80:0e:54:6f:34:c4:3c:
01:b7:1a:88:e1:06:e6:9b:4c:d2:e3:b4:a0:60:75:38:3b:b3:
78:bf:16:a0:57:bb:d6:ab:c8:13:15:cd:8e:d0:a9:be:33:af:
63:7f:8a:0b:f0:43:f9:c9:0d:0f:da:a9:8a:7d:08:4f:95:69:
4b:89:51:80:81:9a:55:86:bd:51:c6:28:19:48:96:7c:3a:56:
3a:e0:69:22:50:a6:e3:1a:aa:d6:24:3a:53:80:9e:82:79:86:
46:86:67:5a:da:d1:dc:6e:dc:be:29:7b:7f:32:7a:35:4c:5b:
ff:3d:b6:cd:ce:0e:49:2a:8f:4c:f9:90:99:d1:e5:b2:2b:a7:
97:8c:8a:9b:9e:77:45:73:ee:98:98:e5:c9:a9:54:c9:8a:2f:
72:dc:97:da:44:ee:3a:51:7a:ad:cf:5a:2a:1d:21:29:09:e6:
84:86:84:b8:40:57:64:cc:47:8e:03:48:7a:09:b9:76:86:97:
7f:1f:d4:1c:86:02:3f:2c:eb:f0:a3:97:17:12:b0:ad:38:c1:
37:f8:3b:f6:ba:7f:92:67:32:b8:d8:5c:87:1b:94:6e:94:67:
4b:62:3f:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYUK6EpLY+Z3FPf2NNkfSlrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMjEzMDk1NDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWYzYWVhODg2NWYwODA0YmY5MTkwOWI4MGNiMzYzYTBjYjkyYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql6YLjHO7sMFco8qNuyUN2ehm2Pq
/AwvqKmTI5qCgl6vt1On6Dj6883Uv8EbuCV5MTCjm9WkIlT1PtOYYkZV6TMEf6PK
QnQskM+bFt4flkY1ZmE3pCVQ4gswYPWkxv/E2r6xLzF7QXbvyBkFeCCbryn+lLh+
AJh41frxGpUJD+ljfuIcG1GZPA4RgsVsBo1IHHHB/VGeq4x1efV5hj8uRDzKGOoL
kWeJsXSxbTInpZY63fv6i93W6RlL1KPYP1CX5FlwzKlc6DAojfA+oOSfLSlmK7MF
uV2e6BQ9FTw/rwiASxu/dd/UGV4dNsemVPVfSA3ZIek5+UbpglpsdBefDwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLHzrqiGXwgEv5GQm4DLNjoMuSqkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvc2ZPdXFJWmZDQVNfa1pDYmdNczJPZ3k1S3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPB6rgD
BAHB6sADBADB6sMwDQYJKoZIhvcNAQELBQADggEBAJOgpuREE1YZuiaQD0iBhUy3
EYoLaIhCCo6y1r0XgA5UbzTEPAG3GojhBuabTNLjtKBgdTg7s3i/FqBXu9aryBMV
zY7Qqb4zr2N/igvwQ/nJDQ/aqYp9CE+VaUuJUYCBmlWGvVHGKBlIlnw6VjrgaSJQ
puMaqtYkOlOAnoJ5hkaGZ1ra0dxu3L4pe38yejVMW/89ts3ODkkqj0z5kJnR5bIr
p5eMipued0Vz7piY5cmpVMmKL3Lcl9pE7jpReq3PWiodISkJ5oSGhLhAV2TMR44D
SHoJuXaGl38f1ByGAj8s6/CjlxcSsK04wTf4O/a6f5JnMrjYXIcblG6UZ0tiPzQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org