Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C_AFHtYq1qbYNzEeuVc9XP2oN58.roa
File: C_AFHtYq1qbYNzEeuVc9XP2oN58.roa (raw, json)
Hash identifier: oZcoJ9yKLJI6hrfrskR/J2jFy1dQo2qylonoHjIA/3g=
Subject key identifier: 0B:F0:05:1E:D6:2A:D6:A6:D8:37:31:1E:B9:57:3D:5C:FD:A8:37:9F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183268F51FB2B478842E422EA8FFF2FCAD5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C_AFHtYq1qbYNzEeuVc9XP2oN58.roa
Signing time: Sat 10 Sep 2022 08:41:10 +0000
ROA not before: Sat 10 Sep 2022 08:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 163.5.190.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:26:8f:51:fb:2b:47:88:42:e4:22:ea:8f:ff:2f:ca:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 10 08:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bf0051ed62ad6a6d837311eb9573d5cfda8379f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:71:fa:18:d4:76:0e:32:49:8a:14:84:be:fa:
ac:e6:d0:3d:f5:47:33:3a:4c:31:77:61:61:7c:fb:
80:0b:06:2c:1a:32:b3:14:b6:a4:47:ac:8f:6e:e4:
79:24:5d:2e:db:51:fd:72:85:df:82:57:c7:43:32:
4a:17:f9:3b:81:5c:3d:ca:ba:eb:51:cb:28:cb:17:
eb:6b:38:ef:82:38:fb:33:e7:b7:51:10:10:7d:26:
a7:5b:64:e0:22:17:bd:f6:0d:f5:29:d4:81:4e:2a:
cc:61:61:f9:3b:3d:34:97:60:ec:83:82:5a:4d:28:
89:cb:f8:ba:4d:00:1e:21:0c:d3:ad:74:4c:bb:0a:
e7:ea:fa:c2:cd:84:1f:b0:f5:85:e8:98:e1:fa:7a:
6a:06:bc:e7:2a:16:5a:06:a2:17:b2:a3:f9:17:c7:
1f:d9:d5:f7:9f:f1:99:87:1a:be:27:81:b7:66:b4:
a0:a0:a3:c1:6b:ee:16:a5:e1:0f:aa:99:f3:ea:5e:
cb:81:77:22:dd:b0:b1:e7:33:3f:a9:8c:a7:66:51:
c6:f1:5b:e0:7e:c3:b7:2f:af:55:34:99:50:17:4a:
0b:c4:74:03:39:ec:b1:77:2b:11:aa:f5:60:48:66:
fd:11:f3:bc:ea:21:87:49:2f:14:df:ff:cc:0c:aa:
e1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F0:05:1E:D6:2A:D6:A6:D8:37:31:1E:B9:57:3D:5C:FD:A8:37:9F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C_AFHtYq1qbYNzEeuVc9XP2oN58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.136.0/24
163.5.190.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
43:5c:f0:bc:8b:f6:e3:f8:44:df:f4:8f:a9:3f:40:d4:cb:d7:
81:6b:d3:7a:4e:9b:86:c7:a0:21:8b:29:dc:26:cc:2c:70:d3:
09:0f:46:86:b8:99:d9:74:cf:22:80:d2:b6:5a:e7:e0:c1:84:
09:da:c8:9b:7b:22:d7:a1:51:9e:d5:01:fe:5e:b2:49:d5:47:
eb:3c:04:9a:0d:43:4e:c1:61:8b:56:e0:e1:d0:2c:b1:50:95:
bc:5d:44:7e:ea:9c:43:81:c1:14:71:95:1a:da:92:0e:a3:f5:
4c:b1:b6:71:01:58:cc:5e:70:07:46:38:f1:3f:3e:97:8b:77:
64:91:ea:cf:ba:61:96:56:44:cf:15:6b:e8:1a:7b:ac:d3:38:
1c:64:f9:07:25:61:59:fe:aa:bf:79:74:e0:25:13:35:d7:ff:
b4:8c:0c:d4:f1:06:99:da:43:e3:66:30:6d:b1:0e:1a:dc:13:
92:3a:a7:22:d3:d5:eb:c0:46:86:ac:75:56:e0:e3:16:7f:0d:
63:14:c1:2f:a0:8e:c0:61:c6:56:7e:f1:b5:ab:4f:8a:25:3d:
4a:fa:61:2c:ba:57:c9:31:d7:98:a5:f7:51:17:82:ce:06:60:
63:3e:1b:9c:d0:ea:64:84:e8:24:0d:ba:bb:de:58:b0:75:86:
8b:24:25:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMmj1H7K0eIQuQi6o//L8rVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTEwMDg0MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmYwMDUxZWQ2MmFkNmE2ZDgzNzMxMWViOTU3M2Q1Y2ZkYTgzNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3H6GNR2DjJJihSEvvqs5tA99Ucz
Okwxd2FhfPuACwYsGjKzFLakR6yPbuR5JF0u21H9coXfglfHQzJKF/k7gVw9yrrr
Ucsoyxfrazjvgjj7M+e3URAQfSanW2TgIhe99g31KdSBTirMYWH5Oz00l2Dsg4Ja
TSiJy/i6TQAeIQzTrXRMuwrn6vrCzYQfsPWF6Jjh+npqBrznKhZaBqIXsqP5F8cf
2dX3n/GZhxq+J4G3ZrSgoKPBa+4WpeEPqpnz6l7LgXci3bCx5zM/qYynZlHG8Vvg
fsO3L69VNJlQF0oLxHQDOeyxdysRqvVgSGb9EfO86iGHSS8U3//MDKrhFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAvwBR7WKtam2DcxHrlXPVz9qDefMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ19BRkh0WXExcWJZTnpFZXVWYzlYUDJvTjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWIAwQA
owW+AwQAowX8MA0GCSqGSIb3DQEBCwUAA4IBAQBDXPC8i/bj+ETf9I+pP0DUy9eB
a9N6TpuGx6AhiyncJswscNMJD0aGuJnZdM8igNK2WufgwYQJ2sibeyLXoVGe1QH+
XrJJ1UfrPASaDUNOwWGLVuDh0CyxUJW8XUR+6pxDgcEUcZUa2pIOo/VMsbZxAVjM
XnAHRjjxPz6Xi3dkkerPumGWVkTPFWvoGnus0zgcZPkHJWFZ/qq/eXTgJRM11/+0
jAzU8QaZ2kPjZjBtsQ4a3BOSOqci09XrwEaGrHVW4OMWfw1jFMEvoI7AYcZWfvG1
q0+KJT1K+mEsulfJMdeYpfdRF4LOBmBjPhuc0OpkhOgkDbq73liwdYaLJCX8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org