Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AryeatW2C0QqbvgwX66dwFyyJXw.roa
File: AryeatW2C0QqbvgwX66dwFyyJXw.roa (raw, json)
Hash identifier: RwuB5rc1uKOvsyZFKsjAHWjYeYzCrpy4K02LCzNDHOM=
Subject key identifier: 02:BC:9E:6A:D5:B6:0B:44:2A:6E:F8:30:5F:AE:9D:C0:5C:B2:25:7C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01847081C2FB12EF99DAB3577FAA0A6D660B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AryeatW2C0QqbvgwX66dwFyyJXw.roa
Signing time: Sun 13 Nov 2022 10:21:03 +0000
ROA not before: Sun 13 Nov 2022 10:21:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:70:81:c2:fb:12:ef:99:da:b3:57:7f:aa:0a:6d:66:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 13 10:21:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02bc9e6ad5b60b442a6ef8305fae9dc05cb2257c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:34:51:9d:40:64:30:e0:70:2f:f1:f3:3b:33:
d8:d4:52:66:8c:ee:0f:28:3d:7d:eb:d6:3b:38:e0:
3b:23:64:9e:db:36:d4:60:47:ef:52:09:cf:1e:c1:
78:c9:f3:e8:42:35:c8:74:1f:0b:80:2d:e5:98:cb:
95:1e:52:58:41:b6:32:8e:3d:3a:96:c5:db:ba:28:
e6:fc:62:cd:66:d4:77:e6:07:6a:7f:d4:22:cf:bd:
07:b5:23:13:cd:e0:dd:53:25:c3:7b:77:9f:24:4d:
e8:c4:37:fd:25:73:bd:72:ac:aa:0f:f9:02:e6:6a:
b5:86:49:42:7b:6d:bc:5c:bf:55:fa:57:58:74:df:
cf:0a:da:18:e7:6d:44:8e:c9:fa:2d:b8:72:7a:07:
75:e4:d8:06:62:bf:a9:92:15:d5:3f:f2:32:a5:0a:
02:5f:86:ad:6b:5f:64:0f:7a:f1:a2:49:a0:c2:09:
8c:99:22:a4:84:d8:ca:c7:ca:59:04:70:c6:4c:7a:
f3:55:69:6b:c6:b3:91:24:18:9a:9e:46:90:3f:51:
17:7f:ba:a6:c4:ff:92:1d:5d:82:bf:4d:6d:d4:94:
6a:4b:65:db:98:90:bb:34:f2:ff:6a:ed:c4:8a:ca:
40:18:f2:a4:a6:2d:a5:d8:94:75:f0:30:a1:36:8d:
25:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BC:9E:6A:D5:B6:0B:44:2A:6E:F8:30:5F:AE:9D:C0:5C:B2:25:7C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AryeatW2C0QqbvgwX66dwFyyJXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.132.0/23
163.5.135.0-163.5.136.255
163.5.173.0/24
163.5.186.0/24
163.5.195.0-163.5.197.255
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:c5:9e:79:ad:a1:b0:4a:d5:ec:60:8b:c5:ea:e3:e5:5c:ca:
bc:30:b5:a2:d3:a9:56:fa:64:56:0b:42:5c:62:78:f0:34:f8:
75:d2:5f:8c:8d:a6:a8:41:f3:e8:1c:69:cf:99:9c:50:54:ba:
01:f5:03:70:0a:27:b6:6a:bf:0d:ce:79:37:17:4f:8b:46:06:
70:d0:62:87:d7:28:4b:97:df:b4:e1:a5:b9:e7:db:e8:e1:1e:
64:e0:c2:34:6a:d3:4e:c1:14:fd:ff:65:9c:07:3d:c0:f6:23:
6d:8d:9c:a8:9b:3e:b2:b6:7f:ed:f7:15:28:1a:72:c0:08:71:
14:b4:6a:6e:8c:80:22:58:b9:df:ec:ba:59:16:a1:6f:9d:e5:
15:5a:2d:47:1a:5a:b1:11:4e:19:9b:b8:c2:fe:f4:7b:57:f6:
36:8d:88:79:38:f5:b9:47:07:cf:d4:39:7e:38:85:a5:64:b1:
c2:aa:62:91:2c:b0:5a:16:91:ab:79:02:4e:2c:83:2f:db:a8:
d5:90:93:8b:80:41:b9:fc:41:64:71:9f:de:94:a9:d0:29:6f:
7e:a0:8e:b3:34:58:9e:48:9a:28:8d:d9:97:36:12:17:fc:89:
cf:53:63:f2:c9:4c:f2:89:d0:ce:68:94:09:36:3a:47:ab:ab:
0f:85:e9:a0
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYRwgcL7Eu+Z2rNXf6oKbWYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTEzMTAyMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJjOWU2YWQ1YjYwYjQ0MmE2ZWY4MzA1ZmFlOWRjMDVjYjIyNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjRRnUBkMOBwL/HzOzPY1FJmjO4P
KD1969Y7OOA7I2Se2zbUYEfvUgnPHsF4yfPoQjXIdB8LgC3lmMuVHlJYQbYyjj06
lsXbuijm/GLNZtR35gdqf9Qiz70HtSMTzeDdUyXDe3efJE3oxDf9JXO9cqyqD/kC
5mq1hklCe228XL9V+ldYdN/PCtoY521Ejsn6Lbhyegd15NgGYr+pkhXVP/IypQoC
X4ata19kD3rxokmgwgmMmSKkhNjKx8pZBHDGTHrzVWlrxrORJBiankaQP1EXf7qm
xP+SHV2Cv01t1JRqS2XbmJC7NPL/au3EispAGPKkpi2l2JR18DChNo0l2wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAK8nmrVtgtEKm74MF+uncBcsiV8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQXJ5ZWF0VzJDMFFxYnZnd1g2NmR3Rnl5Slh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAowUgAwQB
owVeAwQAowVxAwQAowV0AwQBowWEMAwDBACjBYcDBACjBYgDBACjBa0DBACjBbow
DAMEAKMFwwMEAaMFxAMEAKMF8TANBgkqhkiG9w0BAQsFAAOCAQEAT8Weea2hsErV
7GCLxerj5VzKvDC1otOpVvpkVgtCXGJ48DT4ddJfjI2mqEHz6Bxpz5mcUFS6AfUD
cAontmq/Dc55NxdPi0YGcNBih9coS5fftOGluefb6OEeZODCNGrTTsEU/f9lnAc9
wPYjbY2cqJs+srZ/7fcVKBpywAhxFLRqboyAIli53+y6WRahb53lFVotRxpasRFO
GZu4wv70e1f2No2IeTj1uUcHz9Q5fjiFpWSxwqpikSywWhaRq3kCTiyDL9uo1ZCT
i4BBufxBZHGf3pSp0ClvfqCOszRYnkiaKI3ZlzYSF/yJz1Nj8slM8onQzmiUCTY6
R6urD4XpoA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org