Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/COJqTWgkVJfrVlBGfCFj6seIN_8.roa
File: COJqTWgkVJfrVlBGfCFj6seIN_8.roa (raw, json)
Hash identifier: kVeFN7OFGHSZUrLtNcWPJjwLsNSlZLz0Apnx5Obi2Eo=
Subject key identifier: 08:E2:6A:4D:68:24:54:97:EB:56:50:46:7C:21:63:EA:C7:88:37:FF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01842D5F4ED58380C64BF6EFDB561FC06673
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/COJqTWgkVJfrVlBGfCFj6seIN_8.roa
Signing time: Mon 31 Oct 2022 09:28:51 +0000
ROA not before: Mon 31 Oct 2022 09:28:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.184.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:5f:4e:d5:83:80:c6:4b:f6:ef:db:56:1f:c0:66:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 31 09:28:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08e26a4d68245497eb5650467c2163eac78837ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:75:2e:cd:82:26:07:c1:88:36:b9:fe:0e:aa:
e9:56:c3:0a:f3:b8:a8:11:8b:84:46:46:03:ed:3e:
0a:02:bf:fd:c2:58:89:24:08:26:20:a7:41:45:fa:
99:50:9c:4f:58:bd:3f:f4:b3:a2:5b:8d:72:90:5b:
e5:a8:da:fd:26:93:45:f6:fa:40:4d:1d:eb:fd:12:
48:d8:67:2b:47:36:32:96:a3:b1:35:ec:5b:8f:20:
16:27:bb:26:b1:57:ad:2f:c0:f7:65:c2:72:68:27:
b9:f5:99:4c:51:cb:a0:d5:7b:a1:a0:6c:91:fb:da:
25:44:ac:3b:51:31:a4:36:3f:67:ad:c5:34:fd:97:
ea:95:88:4e:0f:0e:e3:dd:20:de:64:66:20:3a:46:
73:a3:fd:bb:7b:75:ed:62:e1:65:f4:b2:2b:ea:cc:
bd:b1:27:87:65:5c:dd:01:a2:9f:44:8b:d8:9b:ef:
8f:b6:8e:6f:36:9b:f6:02:7e:cb:42:dc:cb:5c:f5:
c7:5e:d7:a6:9b:fc:d2:b6:ac:42:f1:d1:49:26:91:
a1:ce:e6:44:50:c1:08:f1:b3:bb:d9:bf:ab:e9:01:
98:45:07:01:2a:96:26:e2:ec:ea:45:0d:ae:b2:e1:
ac:27:59:d2:e0:4a:b8:a3:6a:d1:9b:6d:b7:ee:63:
35:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E2:6A:4D:68:24:54:97:EB:56:50:46:7C:21:63:EA:C7:88:37:FF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/COJqTWgkVJfrVlBGfCFj6seIN_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.132.0/23
163.5.135.0-163.5.136.255
163.5.143.0/24
163.5.173.0/24
163.5.184.0/24
163.5.186.0/24
163.5.195.0-163.5.197.255
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
26:de:51:41:8b:41:44:e4:45:ae:49:89:16:05:12:ed:4e:39:
c7:e6:e5:76:b7:40:8f:06:47:30:9b:55:87:96:9a:20:3a:06:
47:cc:30:e6:70:10:25:6d:18:94:6e:cf:aa:d1:f6:61:0e:13:
fd:77:40:ae:af:0f:fe:38:9a:14:9a:9c:72:5a:a8:ce:ac:ee:
0a:93:a7:2f:b5:fd:f0:e3:66:8d:fc:9f:70:ab:df:0d:30:2e:
54:5d:63:cb:a0:74:29:f7:8d:f3:20:ea:af:b7:46:0d:2d:3f:
1d:de:2f:66:26:47:d9:8f:69:b7:7b:83:f4:3e:4b:c5:b1:0b:
8a:e7:f2:6b:e0:32:17:e1:9e:19:56:a6:8a:50:56:50:4b:80:
2b:2a:18:28:d2:b1:dc:80:b2:ca:aa:b6:c4:ff:32:14:3c:18:
e2:cf:b3:a9:df:d5:f9:d0:69:47:0f:3e:3d:ee:74:a8:8d:0a:
05:b3:24:30:bc:bd:4c:93:d7:f8:8a:39:e9:df:b9:67:ae:50:
ea:36:79:17:6c:a3:98:4f:c4:a5:18:0d:e9:3f:27:c4:50:94:
84:47:76:a8:cb:71:9e:2e:31:ac:cc:9e:28:d7:bc:ed:dc:b6:
53:a1:56:4c:03:1a:1a:5a:2d:c0:02:5f:fa:a6:40:7b:43:7b:
9e:20:ad:d1
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYQtX07Vg4DGS/bv21YfwGZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDMxMDkyODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGUyNmE0ZDY4MjQ1NDk3ZWI1NjUwNDY3YzIxNjNlYWM3ODgzN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknUuzYImB8GINrn+DqrpVsMK87io
EYuERkYD7T4KAr/9wliJJAgmIKdBRfqZUJxPWL0/9LOiW41ykFvlqNr9JpNF9vpA
TR3r/RJI2GcrRzYylqOxNexbjyAWJ7smsVetL8D3ZcJyaCe59ZlMUcug1XuhoGyR
+9olRKw7UTGkNj9nrcU0/ZfqlYhODw7j3SDeZGYgOkZzo/27e3XtYuFl9LIr6sy9
sSeHZVzdAaKfRIvYm++Pto5vNpv2An7LQtzLXPXHXtemm/zStqxC8dFJJpGhzuZE
UMEI8bO72b+r6QGYRQcBKpYm4uzqRQ2usuGsJ1nS4Eq4o2rRm2237mM1LQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFAjiak1oJFSX61ZQRnwhY+rHiDf/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ09KcVRXZ2tWSmZyVmxCR2ZDRmo2c2VJTl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAowUgAwQB
owVeAwQAowVxAwQAowV0AwQBowWEMAwDBACjBYcDBACjBYgDBACjBY8DBACjBa0D
BACjBbgDBACjBbowDAMEAKMFwwMEAaMFxAMEAKMF8TANBgkqhkiG9w0BAQsFAAOC
AQEAJt5RQYtBRORFrkmJFgUS7U45x+bldrdAjwZHMJtVh5aaIDoGR8ww5nAQJW0Y
lG7PqtH2YQ4T/XdArq8P/jiaFJqcclqozqzuCpOnL7X98ONmjfyfcKvfDTAuVF1j
y6B0KfeN8yDqr7dGDS0/Hd4vZiZH2Y9pt3uD9D5LxbELiufya+AyF+GeGVamilBW
UEuAKyoYKNKx3ICyyqq2xP8yFDwY4s+zqd/V+dBpRw8+Pe50qI0KBbMkMLy9TJPX
+Io56d+5Z65Q6jZ5F2yjmE/EpRgN6T8nxFCUhEd2qMtxni4xrMyeKNe87dy2U6FW
TAMaGlotwAJf+qZAe0N7niCt0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org