Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DAPzuQ7Cvh8JrvYstK7UWO-lECY.roa
File: DAPzuQ7Cvh8JrvYstK7UWO-lECY.roa (raw, json)
Hash identifier: 5q/WQ+lDD4Kw1LmEzMhQ1jYGQSruw9vFK/If6hq7CH0=
Subject key identifier: 0C:03:F3:B9:0E:C2:BE:1F:09:AE:F6:2C:B4:AE:D4:58:EF:A5:10:26
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184F5F1E191B018649278048AC6A15B88EE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DAPzuQ7Cvh8JrvYstK7UWO-lECY.roa
Signing time: Fri 09 Dec 2022 08:13:00 +0000
ROA not before: Fri 09 Dec 2022 08:13:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43043
IP address blocks: 163.5.212.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.137.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f5:f1:e1:91:b0:18:64:92:78:04:8a:c6:a1:5b:88:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 9 08:13:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c03f3b90ec2be1f09aef62cb4aed458efa51026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:50:43:65:89:0c:f6:d7:66:2a:a6:da:49:4e:
cb:ff:9e:97:22:42:50:85:6f:47:df:91:b1:25:1b:
9a:fa:22:b4:04:e2:d3:ac:a1:a7:1f:8c:d1:08:17:
b0:80:24:86:3a:c6:de:e0:b4:d0:32:80:90:f4:89:
d2:3d:2b:ce:26:39:3b:04:22:bd:2b:54:bc:b9:33:
76:4a:20:f7:28:e1:c1:4f:8c:ce:fb:38:62:db:6c:
91:e1:c9:d0:59:59:50:89:84:a8:99:62:2e:a1:2e:
b7:71:ac:59:52:5d:81:8f:6f:a5:51:72:fa:c1:43:
c8:0a:dd:e2:d4:e1:92:1c:1d:01:0c:19:d9:ac:0b:
33:d5:fe:f5:6f:2d:6c:c3:2d:5d:8e:fc:33:3f:23:
8b:07:4a:50:a3:72:3f:8a:42:3b:c9:61:e2:c3:61:
0b:92:fd:99:69:72:af:89:31:8a:dc:9a:b5:dd:91:
e0:ae:0c:1d:a4:43:9c:c4:e1:36:9a:ed:9f:56:13:
e4:b8:a3:77:4f:a1:11:6d:4c:ad:8f:70:0e:c2:30:
2e:90:53:76:0c:a7:14:5d:aa:36:06:51:c9:2a:2b:
e8:18:98:52:87:b2:69:94:b4:14:87:15:b0:c5:7f:
77:35:f7:42:3f:4d:55:75:00:6c:ec:f2:74:53:0d:
4c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:03:F3:B9:0E:C2:BE:1F:09:AE:F6:2C:B4:AE:D4:58:EF:A5:10:26
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DAPzuQ7Cvh8JrvYstK7UWO-lECY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.121.0/24
163.5.137.0/24
163.5.143.0/24
163.5.145.0/24
163.5.212.0/24
Signature Algorithm: sha256WithRSAEncryption
14:00:d9:02:4f:23:b9:b8:f8:04:84:be:f3:55:d9:57:75:38:
76:15:84:59:6d:cd:bc:9a:eb:77:05:88:71:56:4e:6f:49:a0:
31:81:d1:97:63:a3:d6:55:36:4f:4a:ca:82:a8:f5:77:79:e8:
49:d9:fb:3f:7b:a7:ee:ac:40:49:1e:79:9d:31:06:90:d1:06:
57:fc:44:c2:d8:d9:d5:29:0f:1f:d6:1b:4b:30:e7:83:7c:9b:
4b:a0:2b:7b:b0:23:3c:cb:a0:19:ed:58:be:62:38:53:c4:ce:
48:cc:7f:e5:3b:0a:cf:c9:73:83:d2:2f:ca:0f:ff:28:9a:67:
d2:60:1a:95:6b:44:e2:3c:5c:ae:a9:9a:09:ec:4c:2f:fe:d7:
7b:70:66:f1:dc:09:cb:f0:71:68:ea:3b:27:00:c8:be:c2:f7:
8d:ad:72:81:ad:69:7e:64:77:4f:b2:15:30:50:12:02:6f:8a:
c2:73:ba:b4:58:72:d5:e6:51:27:03:86:14:9d:e0:bc:d1:79:
62:28:57:94:15:e7:57:e1:ab:c1:a5:53:58:10:40:65:d5:15:
ae:2e:41:be:79:af:ec:25:7f:1b:6a:3b:25:27:7f:01:f8:29:
18:01:40:8c:13:da:b3:29:c5:bb:25:38:f9:a9:05:a6:fd:dc:
21:63:63:d7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYT18eGRsBhkkngEisahW4juMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjA5MDgxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAzZjNiOTBlYzJiZTFmMDlhZWY2MmNiNGFlZDQ1OGVmYTUxMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFBDZYkM9tdmKqbaSU7L/56XIkJQ
hW9H35GxJRua+iK0BOLTrKGnH4zRCBewgCSGOsbe4LTQMoCQ9InSPSvOJjk7BCK9
K1S8uTN2SiD3KOHBT4zO+zhi22yR4cnQWVlQiYSomWIuoS63caxZUl2Bj2+lUXL6
wUPICt3i1OGSHB0BDBnZrAsz1f71by1swy1djvwzPyOLB0pQo3I/ikI7yWHiw2EL
kv2ZaXKviTGK3Jq13ZHgrgwdpEOcxOE2mu2fVhPkuKN3T6ERbUytj3AOwjAukFN2
DKcUXao2BlHJKivoGJhSh7JplLQUhxWwxX93NfdCP01VdQBs7PJ0Uw1MpQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAwD87kOwr4fCa72LLSu1FjvpRAmMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvREFQenVRN0N2aDhKcnZZc3RLN1VXTy1sRUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowV5AwQA
owWJAwQAowWPAwQAowWRAwQAowXUMA0GCSqGSIb3DQEBCwUAA4IBAQAUANkCTyO5
uPgEhL7zVdlXdTh2FYRZbc28mut3BYhxVk5vSaAxgdGXY6PWVTZPSsqCqPV3eehJ
2fs/e6furEBJHnmdMQaQ0QZX/ETC2NnVKQ8f1htLMOeDfJtLoCt7sCM8y6AZ7Vi+
YjhTxM5IzH/lOwrPyXOD0i/KD/8ommfSYBqVa0TiPFyuqZoJ7Ewv/td7cGbx3AnL
8HFo6jsnAMi+wveNrXKBrWl+ZHdPshUwUBICb4rCc7q0WHLV5lEnA4YUneC80Xli
KFeUFedX4avBpVNYEEBl1RWuLkG+ea/sJX8bajslJ38B+CkYAUCME9qzKcW7JTj5
qQWm/dwhY2PX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org