Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4GPk3g3_B6f71D6oM5It4avjwoI.roa
File: 4GPk3g3_B6f71D6oM5It4avjwoI.roa (raw, json)
Hash identifier: Gbg8iNO/TL14F6hv8TzxUJlB7ms9Rg9Pp+6RlzQd2pE=
Subject key identifier: E0:63:E4:DE:0D:FF:07:A7:FB:D4:3E:A8:33:92:2D:E1:AB:E3:C2:82
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018500EE61F7BD983D05B6E4C45F7E53DBE4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4GPk3g3_B6f71D6oM5It4avjwoI.roa
Signing time: Sun 11 Dec 2022 11:25:00 +0000
ROA not before: Sun 11 Dec 2022 11:25:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.106.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:00:ee:61:f7:bd:98:3d:05:b6:e4:c4:5f:7e:53:db:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 11 11:25:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e063e4de0dff07a7fbd43ea833922de1abe3c282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:33:27:01:bf:7d:9f:55:eb:de:8e:19:b0:c3:
26:3f:3b:f4:d8:e3:47:a0:fa:3f:ed:16:9f:7d:5a:
b3:8b:30:df:fb:f8:19:8b:58:ba:2c:9e:8e:6a:46:
34:b5:a3:99:67:1c:48:b2:c5:2a:7e:72:14:c5:36:
35:5e:55:eb:e7:25:12:52:cb:a4:b2:43:1d:60:a6:
e1:dc:20:c2:85:46:8b:9f:ec:90:cd:f2:be:b1:68:
15:53:6b:2e:58:31:43:da:fe:c7:de:f7:80:2e:58:
60:ac:1b:fe:a7:8d:64:ed:5e:84:27:dc:fa:5c:07:
ec:64:6d:10:f1:24:14:89:2e:78:3e:5b:39:f3:56:
ad:a6:d1:d0:92:bd:2e:cd:10:7f:55:e5:0c:bb:d4:
86:33:1a:c6:68:2a:ab:e7:a8:5d:30:2b:f4:d9:19:
8f:1b:90:fc:f9:d4:90:c0:a6:a1:6c:55:87:ea:30:
6a:f3:e9:39:fc:0f:83:42:61:67:64:73:42:09:89:
df:ec:7c:ca:d8:71:9b:b2:df:e7:1f:ed:b4:59:e8:
51:58:08:50:bd:f1:90:e5:3a:52:a4:21:c0:0c:1a:
43:a2:a1:67:8c:16:6f:da:20:2d:48:63:c1:ed:3f:
e8:4f:fb:db:e2:b6:b8:dc:77:ba:b4:5d:7b:d1:b3:
65:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:63:E4:DE:0D:FF:07:A7:FB:D4:3E:A8:33:92:2D:E1:AB:E3:C2:82
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4GPk3g3_B6f71D6oM5It4avjwoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.106.0/24
163.5.118.0/23
163.5.159.0/24
163.5.225.0/24
163.5.229.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:2c:f9:c2:8e:a0:13:fd:18:48:54:77:c9:41:f4:98:b8:24:
ac:8d:b5:59:08:66:2d:36:21:89:c0:8d:b1:30:de:17:df:85:
b4:1a:ed:c0:26:ac:0b:f7:d8:d0:77:87:54:d9:cc:e7:ba:04:
f2:c4:8a:fe:46:b0:aa:af:26:ca:f3:41:27:85:0d:ac:f4:26:
62:c0:17:94:9e:39:61:4f:a8:f7:06:73:49:2a:ca:6a:18:17:
7e:9e:68:b9:eb:09:df:17:7b:af:3d:0e:78:2f:6a:ba:9d:77:
47:8d:d7:f8:58:d8:8d:40:2b:24:16:66:ab:dd:15:8b:40:e5:
ca:88:cc:24:e6:3c:f8:2b:46:29:27:97:43:ca:b3:a5:7b:fb:
7e:01:3c:5c:2b:fb:db:3e:07:45:65:57:aa:04:ca:ce:b7:fa:
0b:dd:59:4c:9d:34:fa:04:13:45:8b:ec:d8:dd:34:8f:37:69:
2d:7f:86:ea:17:66:30:84:ec:2e:e4:5e:37:a8:60:70:87:18:
e4:35:36:0a:2c:a3:d0:f9:69:9c:eb:7d:d1:41:76:9f:59:24:
5e:3c:0d:45:35:f1:f1:18:63:9e:0e:19:1e:af:5b:b3:e6:87:
89:6d:40:ce:bb:48:c0:66:48:a8:54:04:2b:b7:98:a0:5b:46:
ed:f7:ce:b7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUA7mH3vZg9BbbkxF9+U9vkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjExMTEyNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDYzZTRkZTBkZmYwN2E3ZmJkNDNlYTgzMzkyMmRlMWFiZTNjMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDMnAb99n1Xr3o4ZsMMmPzv02ONH
oPo/7RaffVqzizDf+/gZi1i6LJ6OakY0taOZZxxIssUqfnIUxTY1XlXr5yUSUsuk
skMdYKbh3CDChUaLn+yQzfK+sWgVU2suWDFD2v7H3veALlhgrBv+p41k7V6EJ9z6
XAfsZG0Q8SQUiS54Pls581atptHQkr0uzRB/VeUMu9SGMxrGaCqr56hdMCv02RmP
G5D8+dSQwKahbFWH6jBq8+k5/A+DQmFnZHNCCYnf7HzK2HGbst/nH+20WehRWAhQ
vfGQ5TpSpCHADBpDoqFnjBZv2iAtSGPB7T/oT/vb4ra43He6tF170bNlhwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOBj5N4N/wen+9Q+qDOSLeGr48KCMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNEdQazNnM19CNmY3MUQ2b001SXQ0YXZqd29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVqAwQB
owV2AwQAowWfAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUAA4IBAQBPLPnCjqAT
/RhIVHfJQfSYuCSsjbVZCGYtNiGJwI2xMN4X34W0Gu3AJqwL99jQd4dU2cznugTy
xIr+RrCqrybK80EnhQ2s9CZiwBeUnjlhT6j3BnNJKspqGBd+nmi56wnfF3uvPQ54
L2q6nXdHjdf4WNiNQCskFmar3RWLQOXKiMwk5jz4K0YpJ5dDyrOle/t+ATxcK/vb
PgdFZVeqBMrOt/oL3VlMnTT6BBNFi+zY3TSPN2ktf4bqF2YwhOwu5F43qGBwhxjk
NTYKLKPQ+Wmc633RQXafWSRePA1FNfHxGGOeDhker1uz5oeJbUDOu0jAZkioVAQr
t5igW0bt9863
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:19 2023 by rpki-client on console-fra.rpki-client.org