Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6HzEwyGhSspAcBXzj0GWRg5i35M.roa
File: 6HzEwyGhSspAcBXzj0GWRg5i35M.roa (raw, json)
Hash identifier: uGdksq3ReYw+fM9uf/rLwXyEkJ4NS1ZNkqlrqayBUjM=
Subject key identifier: E8:7C:C4:C3:21:A1:4A:CA:40:70:15:F3:8F:41:96:46:0E:62:DF:93
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01842D57FC1C017077D57FC4692683A7274A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6HzEwyGhSspAcBXzj0GWRg5i35M.roa
Signing time: Mon 31 Oct 2022 09:20:51 +0000
ROA not before: Mon 31 Oct 2022 09:20:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:57:fc:1c:01:70:77:d5:7f:c4:69:26:83:a7:27:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 31 09:20:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e87cc4c321a14aca407015f38f4196460e62df93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:70:65:2a:61:b1:76:36:db:ca:57:56:49:
ea:24:9a:5a:44:31:39:dc:17:86:97:d9:bb:bc:93:
86:24:4a:6a:b1:6b:1c:90:b7:c8:68:0b:f6:f6:fc:
21:c1:bd:dc:8f:97:9b:e7:74:87:a3:43:97:be:6a:
ad:d4:70:40:5c:44:e0:83:f6:04:63:9e:99:09:b4:
40:43:cc:1c:bc:8d:22:2f:83:cd:90:b8:38:22:64:
af:41:08:fb:7d:e5:23:e6:70:16:64:75:a7:76:7d:
c4:96:3a:b6:df:3e:b5:26:d5:3b:aa:75:90:f3:a6:
0e:92:c1:83:20:dd:54:d1:02:73:82:2e:f5:0f:9d:
be:1d:3b:47:eb:57:f4:57:53:60:9e:e5:e6:13:71:
3d:74:c4:ea:96:dc:d8:4f:9a:93:72:bf:99:51:d1:
4e:01:a6:f6:12:3f:f3:b6:e9:a9:30:15:ee:73:c7:
11:61:4f:61:76:b9:95:ac:69:e8:42:61:46:86:05:
f4:2e:d5:1b:17:b3:07:c7:72:8c:29:a7:11:cf:0d:
b2:36:8b:0e:dd:de:25:19:c9:7d:da:c6:fc:cf:38:
c7:a2:ab:36:2c:92:3a:12:60:ac:46:a1:0b:3d:ab:
08:3b:d8:89:78:14:e5:e1:5a:ba:e6:3b:64:47:5f:
d1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:7C:C4:C3:21:A1:4A:CA:40:70:15:F3:8F:41:96:46:0E:62:DF:93
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6HzEwyGhSspAcBXzj0GWRg5i35M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.112.0/24
163.5.130.0/24
163.5.134.0/24
163.5.153.0/24
163.5.192.0/24
Signature Algorithm: sha256WithRSAEncryption
51:1f:73:ab:80:25:5b:9f:20:f1:81:ec:2f:dc:32:3d:b8:3f:
67:e1:ad:5f:dd:cd:4b:2c:31:2a:c3:51:2f:1c:0e:27:66:dc:
cd:00:8c:0d:5a:82:18:1d:15:94:b9:69:bd:59:b0:bb:0e:68:
8e:d2:5e:40:b5:9b:a0:24:01:69:fd:82:32:4a:a0:4b:29:1e:
b4:53:e7:b0:ba:bd:80:47:e7:fb:6d:b1:7e:5b:e4:d9:3d:2e:
de:96:dd:72:dd:58:18:15:8a:0d:50:f6:63:81:e0:d8:a5:f2:
b7:f3:31:6b:4d:8c:f2:e6:14:0b:a0:e5:bd:13:d9:14:14:fa:
b5:5c:60:f6:07:ad:d9:ed:3f:cb:bb:66:bb:04:29:72:d9:64:
6c:90:cd:77:5c:19:5e:45:1f:ff:ec:29:cf:76:e7:12:83:93:
ee:d6:0d:eb:65:55:ab:1e:6f:23:a1:e6:31:8b:97:e0:60:2c:
64:86:03:a7:ad:ea:17:00:69:46:17:ea:92:d6:d6:b2:ee:b7:
a6:21:16:23:67:17:54:3f:43:1e:e6:42:d3:04:42:e2:04:3a:
c8:28:7b:1c:da:57:53:6e:44:ad:bb:e3:1c:cd:d7:ba:d5:a9:
6e:10:10:f5:0b:15:72:82:f1:5e:d9:81:64:2a:a0:ac:ae:ac:
05:4f:3e:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQtV/wcAXB31X/EaSaDpydKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDMxMDkyMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODdjYzRjMzIxYTE0YWNhNDA3MDE1ZjM4ZjQxOTY0NjBlNjJkZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlktwZSphsXY228pXVknqJJpaRDE5
3BeGl9m7vJOGJEpqsWsckLfIaAv29vwhwb3cj5eb53SHo0OXvmqt1HBAXETgg/YE
Y56ZCbRAQ8wcvI0iL4PNkLg4ImSvQQj7feUj5nAWZHWndn3Eljq23z61JtU7qnWQ
86YOksGDIN1U0QJzgi71D52+HTtH61f0V1NgnuXmE3E9dMTqltzYT5qTcr+ZUdFO
Aab2Ej/ztumpMBXuc8cRYU9hdrmVrGnoQmFGhgX0LtUbF7MHx3KMKacRzw2yNosO
3d4lGcl92sb8zzjHoqs2LJI6EmCsRqELPasIO9iJeBTl4Vq65jtkR1/RbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOh8xMMhoUrKQHAV849BlkYOYt+TMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNkh6RXd5R2hTc3BBY0JYemowR1dSZzVpMzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVwAwQA
owWCAwQAowWGAwQAowWZAwQAowXAMA0GCSqGSIb3DQEBCwUAA4IBAQBRH3OrgCVb
nyDxgewv3DI9uD9n4a1f3c1LLDEqw1EvHA4nZtzNAIwNWoIYHRWUuWm9WbC7DmiO
0l5AtZugJAFp/YIySqBLKR60U+ewur2AR+f7bbF+W+TZPS7elt1y3VgYFYoNUPZj
geDYpfK38zFrTYzy5hQLoOW9E9kUFPq1XGD2B63Z7T/Lu2a7BCly2WRskM13XBle
RR//7CnPducSg5Pu1g3rZVWrHm8joeYxi5fgYCxkhgOnreoXAGlGF+qS1tay7rem
IRYjZxdUP0Me5kLTBELiBDrIKHsc2ldTbkStu+Mczde61aluEBD1CxVygvFe2YFk
KqCsrqwFTz7R
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:19 2023 by rpki-client on console-fra.rpki-client.org