Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/E3Y5OGbFosr8C9RP66igEosrwjk.roa
File: E3Y5OGbFosr8C9RP66igEosrwjk.roa (raw, json)
Hash identifier: FxKGtN9iK5Wt4rDxkeM84mnvR9vPyhCSi1G1fShzaHQ=
Subject key identifier: 13:76:39:38:66:C5:A2:CA:FC:0B:D4:4F:EB:A8:A0:12:8B:2B:C2:39
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183B97FC4F025617D30B6D029A2592CC657
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/E3Y5OGbFosr8C9RP66igEosrwjk.roa
Signing time: Sat 08 Oct 2022 21:28:21 +0000
ROA not before: Sat 08 Oct 2022 21:28:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b9:7f:c4:f0:25:61:7d:30:b6:d0:29:a2:59:2c:c6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 8 21:28:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1376393866c5a2cafc0bd44feba8a0128b2bc239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:a8:eb:ec:4f:7d:89:42:00:8c:ff:ee:c0:
f3:ff:1a:15:71:51:8e:a4:a9:06:cb:6b:6a:b7:63:
60:d7:20:b0:fa:1f:d6:6c:20:f2:df:71:f6:35:9e:
8d:45:5b:be:9b:66:80:b5:0c:44:34:e9:c0:88:5a:
d3:b2:a5:29:f3:d1:5e:e9:2d:97:88:91:a3:ed:19:
73:5f:0a:04:38:18:9c:17:79:80:69:f4:e7:de:df:
2f:c5:b8:46:01:4d:f6:b1:9a:27:21:30:ec:ea:ae:
8c:32:33:7c:68:9e:2e:9f:fa:a5:37:cb:bc:18:c6:
2a:b0:9a:cf:f3:52:6d:c4:45:68:3a:7b:ab:3c:51:
14:48:16:0e:fe:57:71:3f:f0:5b:9e:68:08:eb:e5:
3b:89:5f:be:7c:28:22:9a:fd:f8:d8:a9:c6:cd:db:
74:3a:d8:b0:e0:e4:e6:8c:c5:3e:03:c2:a1:a9:78:
a3:c3:93:06:5a:c1:4f:9b:2c:3d:99:e2:79:63:6e:
01:45:b9:ab:ed:ee:38:50:b8:af:63:d6:d7:f1:73:
b9:99:41:e9:dd:a5:e3:77:19:f0:ac:b0:87:0a:6b:
97:57:b2:fe:3c:d0:b6:56:99:a5:75:18:6c:e9:a5:
88:1c:d4:2e:3d:4c:ad:af:2d:7b:6b:c2:47:5a:a9:
94:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:76:39:38:66:C5:A2:CA:FC:0B:D4:4F:EB:A8:A0:12:8B:2B:C2:39
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/E3Y5OGbFosr8C9RP66igEosrwjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.127.0/24
163.5.132.0/23
163.5.136.0/24
163.5.143.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e7:12:e8:be:24:2b:af:38:ab:1e:e1:06:1d:ef:6a:02:49:
3c:68:77:67:46:a4:26:cf:a4:9f:9d:43:5a:7b:fd:b2:a8:8c:
8f:ec:f0:a6:b7:7f:53:82:f0:a5:00:51:cf:08:07:e1:f3:b8:
41:e8:0d:29:e4:f1:b2:da:27:01:c0:4e:ff:f2:b4:9b:04:55:
52:6d:68:76:a7:2e:cd:84:5a:48:79:69:bb:8c:1d:da:22:f2:
4e:13:19:2a:aa:75:77:7a:c3:4d:98:1e:34:d8:8b:05:43:1f:
26:b9:64:df:28:bc:29:9d:1e:1d:a2:d9:78:9b:3d:fe:e0:31:
0d:35:d7:13:c2:34:cc:69:1e:38:06:20:de:af:8d:ca:bd:a9:
1b:35:24:d1:3f:47:1a:31:ad:a4:14:74:cf:99:e8:9f:3b:36:
c6:4f:a8:54:ad:97:fc:cd:43:c5:ba:e2:b2:3d:9a:97:b2:30:
eb:e6:16:1f:7d:bb:a1:18:58:19:a6:b4:33:71:30:8a:62:09:
c2:f5:29:b6:16:ef:99:98:08:a8:1d:c9:6d:73:87:75:aa:51:
0c:ba:11:49:52:f3:51:b9:ea:62:bc:8e:38:a8:7c:6b:44:e7:
a8:22:9d:f0:82:d6:c5:c7:ea:f2:02:91:69:ad:b4:26:cb:1d:
67:4b:fd:a2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYO5f8TwJWF9MLbQKaJZLMZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDA4MjEyODIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc2MzkzODY2YzVhMmNhZmMwYmQ0NGZlYmE4YTAxMjhiMmJjMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYSo6+xPfYlCAIz/7sDz/xoVcVGO
pKkGy2tqt2Ng1yCw+h/WbCDy33H2NZ6NRVu+m2aAtQxENOnAiFrTsqUp89Fe6S2X
iJGj7RlzXwoEOBicF3mAafTn3t8vxbhGAU32sZonITDs6q6MMjN8aJ4un/qlN8u8
GMYqsJrP81JtxEVoOnurPFEUSBYO/ldxP/BbnmgI6+U7iV++fCgimv342KnGzdt0
Otiw4OTmjMU+A8KhqXijw5MGWsFPmyw9meJ5Y24BRbmr7e44ULivY9bX8XO5mUHp
3aXjdxnwrLCHCmuXV7L+PNC2VpmldRhs6aWIHNQuPUytry17a8JHWqmUiwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBN2OThmxaLK/AvUT+uooBKLK8I5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRTNZNU9HYkZvc3I4QzlSUDY2aWdFb3Nyd2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBowVeAwQA
owVxAwQAowV0AwQAowV/AwQBowWEAwQAowWIAwQAowWPAwQAowXxMA0GCSqGSIb3
DQEBCwUAA4IBAQB85xLoviQrrzirHuEGHe9qAkk8aHdnRqQmz6SfnUNae/2yqIyP
7PCmt39TgvClAFHPCAfh87hB6A0p5PGy2icBwE7/8rSbBFVSbWh2py7NhFpIeWm7
jB3aIvJOExkqqnV3esNNmB402IsFQx8muWTfKLwpnR4dotl4mz3+4DENNdcTwjTM
aR44BiDer43KvakbNSTRP0caMa2kFHTPmeifOzbGT6hUrZf8zUPFuuKyPZqXsjDr
5hYffbuhGFgZprQzcTCKYgnC9Sm2Fu+ZmAioHcltc4d1qlEMuhFJUvNRuepivI44
qHxrROeoIp3wgtbFx+ryApFprbQmyx1nS/2i
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:08 2023 by rpki-client on console-ams.rpki-client.org