Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4jD5S6_cjmvQ96QfPueiBAITOb8.roa
File: 4jD5S6_cjmvQ96QfPueiBAITOb8.roa (raw, json)
Hash identifier: qi39a1M+xt5s3I2HCGJviFeRfyfRoVspu5ZhoIsZ0bE=
Subject key identifier: E2:30:F9:4B:AF:DC:8E:6B:D0:F7:A4:1F:3E:E7:A2:04:02:13:39:BF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184E25EB69C4DC68E21E401AB25483C3436
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4jD5S6_cjmvQ96QfPueiBAITOb8.roa
Signing time: Mon 05 Dec 2022 12:59:28 +0000
ROA not before: Mon 05 Dec 2022 12:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.183.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:5e:b6:9c:4d:c6:8e:21:e4:01:ab:25:48:3c:34:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 5 12:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e230f94bafdc8e6bd0f7a41f3ee7a204021339bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:82:b2:87:f1:47:65:5e:7b:32:db:56:8b:85:
4f:77:8a:f7:7c:20:31:d4:ac:c2:34:6a:61:fa:ca:
f6:1a:ae:9b:bd:73:40:66:50:06:be:84:a3:2b:8c:
f0:9c:27:44:ee:87:ef:e4:4e:7f:46:c5:b1:78:99:
a2:64:41:9a:a5:75:8f:c4:cd:62:65:e1:a2:23:6f:
3f:4f:d7:8f:77:61:f0:00:65:8d:fe:73:57:6e:d1:
db:12:ed:b7:51:3d:2f:07:e3:76:15:b3:91:d0:12:
2c:e1:ac:eb:60:c1:26:f2:f1:74:97:2d:3f:77:50:
57:07:2b:bd:98:aa:78:30:97:dd:e2:e4:ec:02:e5:
2a:65:d1:2d:55:71:8f:35:02:9f:de:ea:c4:52:33:
d6:68:89:4f:f4:cd:b9:1f:38:14:21:fa:e9:73:28:
05:66:31:78:8e:fe:a8:0f:ee:15:5d:02:18:60:53:
a0:71:d9:67:5e:d1:1b:14:42:4d:be:b8:2e:2b:96:
b1:19:1d:52:4c:b3:45:41:e0:a5:0c:f6:ce:1b:ab:
b1:ee:84:86:64:54:26:9a:22:f7:84:f5:5b:fe:aa:
97:5c:b8:59:7c:ed:46:8c:07:49:ae:a3:48:cb:41:
9c:fb:f6:8b:47:b4:ca:7d:1c:f1:12:5c:d4:bf:d9:
09:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:30:F9:4B:AF:DC:8E:6B:D0:F7:A4:1F:3E:E7:A2:04:02:13:39:BF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4jD5S6_cjmvQ96QfPueiBAITOb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.122.0/24
163.5.139.0/24
163.5.183.0/24
163.5.238.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
09:57:7a:4a:09:a6:02:f5:e0:f4:b9:ab:61:ca:bd:13:69:a0:
3e:9e:97:40:25:47:bb:0b:97:36:0d:17:a4:56:2c:47:cb:1c:
92:93:26:91:b6:fe:86:80:f3:da:32:20:81:84:b2:7b:34:79:
70:ab:09:63:f4:9d:d5:38:09:4a:71:0d:d6:d3:de:f8:bd:f1:
b6:fc:5a:73:47:ba:37:9d:c8:7a:c5:28:1d:56:b3:f0:a9:d5:
26:34:96:e0:d7:5e:32:af:75:f5:65:3d:5a:45:02:91:0a:a1:
64:0a:6c:fd:9d:dc:e5:7d:b4:1d:45:76:80:ec:25:23:35:f9:
89:40:00:46:c1:f7:59:72:0e:1a:d0:b5:33:93:4b:7b:fa:9a:
50:ab:fc:96:5d:2c:9b:cb:45:79:0b:73:ff:26:92:b1:51:f1:
b1:1e:8d:90:ab:48:a5:f5:03:71:95:9f:be:ff:af:2a:6c:c7:
1e:dc:26:b4:c3:65:9c:00:50:a1:74:71:b8:c9:98:f3:f2:0b:
68:43:8a:34:86:da:8b:13:8e:a7:93:c8:76:e5:2c:85:f9:c9:
a9:ee:4f:71:b2:54:e9:b6:76:73:5d:5b:90:15:ac:b9:41:52:
e3:80:e4:69:c6:03:d5:9e:7d:16:51:e2:a2:40:f4:cd:43:45:
62:fb:ff:51
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTiXracTcaOIeQBqyVIPDQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjA1MTI1OTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjMwZjk0YmFmZGM4ZTZiZDBmN2E0MWYzZWU3YTIwNDAyMTMzOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoKyh/FHZV57MttWi4VPd4r3fCAx
1KzCNGph+sr2Gq6bvXNAZlAGvoSjK4zwnCdE7ofv5E5/RsWxeJmiZEGapXWPxM1i
ZeGiI28/T9ePd2HwAGWN/nNXbtHbEu23UT0vB+N2FbOR0BIs4azrYMEm8vF0ly0/
d1BXByu9mKp4MJfd4uTsAuUqZdEtVXGPNQKf3urEUjPWaIlP9M25HzgUIfrpcygF
ZjF4jv6oD+4VXQIYYFOgcdlnXtEbFEJNvrguK5axGR1STLNFQeClDPbOG6ux7oSG
ZFQmmiL3hPVb/qqXXLhZfO1GjAdJrqNIy0Gc+/aLR7TKfRzxElzUv9kJiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOIw+Uuv3I5r0PekHz7nogQCEzm/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNGpENVM2X2NqbXZROTZRZlB1ZWlCQUlUT2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowV6AwQA
owWLAwQAowW3AwQAowXuAwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQAJV3pKCaYC
9eD0uathyr0TaaA+npdAJUe7C5c2DRekVixHyxySkyaRtv6GgPPaMiCBhLJ7NHlw
qwlj9J3VOAlKcQ3W0974vfG2/FpzR7o3nch6xSgdVrPwqdUmNJbg114yr3X1ZT1a
RQKRCqFkCmz9ndzlfbQdRXaA7CUjNfmJQABGwfdZcg4a0LUzk0t7+ppQq/yWXSyb
y0V5C3P/JpKxUfGxHo2Qq0il9QNxlZ++/68qbMce3Ca0w2WcAFChdHG4yZjz8gto
Q4o0htqLE46nk8h25SyF+cmp7k9xslTptnZzXVuQFay5QVLjgORpxgPVnn0WUeKi
QPTNQ0Vi+/9R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org