Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1Yf0nEH9U5NY9Ze8PbfreP6UT_0.roa
File: 1Yf0nEH9U5NY9Ze8PbfreP6UT_0.roa (raw, json)
Hash identifier: g7xKvhNuzAeZYXAw1p/bAjYBadVeYhrKDhrmOue7n6s=
Subject key identifier: D5:87:F4:9C:41:FD:53:93:58:F5:97:BC:3D:B7:EB:78:FE:94:4F:FD
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01842D5C8EEFFC542AC0FC4E2106495CAE54
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1Yf0nEH9U5NY9Ze8PbfreP6UT_0.roa
Signing time: Mon 31 Oct 2022 09:25:51 +0000
ROA not before: Mon 31 Oct 2022 09:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 163.5.91.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:5c:8e:ef:fc:54:2a:c0:fc:4e:21:06:49:5c:ae:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 31 09:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d587f49c41fd539358f597bc3db7eb78fe944ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:17:cf:c1:74:86:d6:9a:05:99:d1:87:c7:4b:
00:78:c3:94:3a:fe:c1:68:df:18:d0:94:96:8c:30:
d3:58:76:6e:05:bf:a3:c1:a5:64:87:29:a2:62:70:
db:23:30:4b:8b:c1:03:f2:dd:52:30:2c:56:69:4d:
3b:af:ca:91:47:a0:c4:18:04:05:85:9a:d0:20:2a:
0e:38:dc:bf:b0:69:6d:90:5b:c4:a5:72:12:63:c0:
1b:50:55:9e:2a:19:71:39:ab:3c:6c:7b:95:d7:f6:
a4:70:29:48:34:08:b4:aa:3c:c7:49:7e:11:55:90:
26:a1:fd:98:43:6e:5d:c8:97:4a:6f:02:40:15:99:
b0:30:d8:0d:59:7e:12:fd:3a:93:21:14:f2:d2:33:
8c:6b:c2:f5:00:f5:59:22:31:bc:6d:c9:0f:49:c0:
f8:72:cb:22:6e:f7:95:a2:ac:56:a5:1a:0b:2c:41:
5d:9f:de:86:c1:8c:1c:89:d1:21:08:1b:3e:93:59:
f5:a3:af:2e:56:8b:f1:c2:74:9b:54:a6:15:3b:fb:
47:f9:76:22:9d:66:36:0c:9d:1d:53:9c:dd:f9:1a:
aa:a9:2d:a4:2a:c2:e1:39:79:c7:fc:11:cd:dc:fe:
72:77:fe:92:28:68:35:8f:1b:5b:c0:f2:d8:d4:95:
83:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:87:F4:9C:41:FD:53:93:58:F5:97:BC:3D:B7:EB:78:FE:94:4F:FD
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1Yf0nEH9U5NY9Ze8PbfreP6UT_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/23
163.5.33.0-163.5.34.255
163.5.37.0-163.5.39.255
163.5.91.0/24
163.5.97.0/24
163.5.99.0/24
163.5.114.0/24
163.5.118.0/23
163.5.124.0/24
163.5.152.0/24
163.5.158.0/24
163.5.169.0/24
163.5.179.0/24
163.5.212.0/24
163.5.214.0/24
163.5.223.0/24
163.5.249.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
41:55:51:94:43:42:02:22:2a:b5:c0:be:ca:a3:e9:46:cd:72:
17:4a:4c:d9:f9:f7:26:4c:d9:48:96:c0:c9:34:74:9f:a3:c1:
96:41:48:97:97:81:ba:a6:e2:00:21:56:3f:59:22:9d:ad:54:
b7:15:0f:01:1f:51:b1:0b:16:f1:85:21:a2:e4:0d:ce:25:c3:
22:e2:1c:91:54:50:06:20:59:97:44:c9:70:97:3b:4c:f4:93:
f3:50:73:a4:e7:40:f0:ba:f0:1d:7e:5c:22:97:e6:6e:f8:9f:
b7:e1:cf:f0:a6:27:d9:37:90:c7:a2:59:7a:df:83:c8:95:1a:
67:d3:8b:33:8d:36:f3:6c:b5:cc:89:d7:50:38:64:c3:93:d8:
c9:a0:42:bb:71:55:5d:31:22:00:e7:8f:60:9f:c1:3d:b4:fa:
23:79:2b:67:8f:a4:a0:97:d7:44:71:10:d8:e3:2e:d7:6a:e2:
f3:d6:b1:0f:86:b3:04:3c:11:24:85:ea:0c:cf:9e:46:52:0d:
34:e7:eb:75:96:87:37:fe:b9:7c:57:d5:45:09:73:17:d9:bf:
47:a5:c2:a4:e7:05:77:1f:70:c9:dd:af:ba:57:38:2a:48:1a:
05:b8:1e:22:d2:0a:92:21:0c:a0:37:db:19:78:f3:40:22:70:
02:ab:85:b2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYQtXI7v/FQqwPxOIQZJXK5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDMxMDkyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg3ZjQ5YzQxZmQ1MzkzNThmNTk3YmMzZGI3ZWI3OGZlOTQ0ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBfPwXSG1poFmdGHx0sAeMOUOv7B
aN8Y0JSWjDDTWHZuBb+jwaVkhymiYnDbIzBLi8ED8t1SMCxWaU07r8qRR6DEGAQF
hZrQICoOONy/sGltkFvEpXISY8AbUFWeKhlxOas8bHuV1/akcClINAi0qjzHSX4R
VZAmof2YQ25dyJdKbwJAFZmwMNgNWX4S/TqTIRTy0jOMa8L1APVZIjG8bckPScD4
cssibveVoqxWpRoLLEFdn96GwYwcidEhCBs+k1n1o68uVovxwnSbVKYVO/tH+XYi
nWY2DJ0dU5zd+RqqqS2kKsLhOXnH/BHN3P5yd/6SKGg1jxtbwPLY1JWDQQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFNWH9JxB/VOTWPWXvD2363j+lE/9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMVlmMG5FSDlVNU5ZOVplOFBiZnJlUDZVVF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAaMF
HjAMAwQAowUhAwQAowUiMAwDBACjBSUDBAOjBSADBACjBVsDBACjBWEDBACjBWMD
BACjBXIDBAGjBXYDBACjBXwDBACjBZgDBACjBZ4DBACjBakDBACjBbMDBACjBdQD
BACjBdYDBACjBd8DBACjBfkDBACjBf4wDQYJKoZIhvcNAQELBQADggEBAEFVUZRD
QgIiKrXAvsqj6UbNchdKTNn59yZM2UiWwMk0dJ+jwZZBSJeXgbqm4gAhVj9ZIp2t
VLcVDwEfUbELFvGFIaLkDc4lwyLiHJFUUAYgWZdEyXCXO0z0k/NQc6TnQPC68B1+
XCKX5m74n7fhz/CmJ9k3kMeiWXrfg8iVGmfTizONNvNstcyJ11A4ZMOT2MmgQrtx
VV0xIgDnj2CfwT20+iN5K2ePpKCX10RxENjjLtdq4vPWsQ+GswQ8ESSF6gzPnkZS
DTTn63WWhzf+uXxX1UUJcxfZv0elwqTnBXcfcMndr7pXOCpIGgW4HiLSCpIhDKA3
2xl480AicAKrhbI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:00 2024 by rpki-client on console-fra.rpki-client.org