Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EgbAmsDR6ca9XBAV6DPjl94hKPk.roa
File: EgbAmsDR6ca9XBAV6DPjl94hKPk.roa (raw, json)
Hash identifier: wM0WBPS5FPXlduwK/tbHYn7VO5bEC+kKx++cpsRVhT8=
Subject key identifier: 12:06:C0:9A:C0:D1:E9:C6:BD:5C:10:15:E8:33:E3:97:DE:21:28:F9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184E25B0D1E57EDA11553DD6501C8C8ECF6
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EgbAmsDR6ca9XBAV6DPjl94hKPk.roa
Signing time: Mon 05 Dec 2022 12:55:28 +0000
ROA not before: Mon 05 Dec 2022 12:55:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:5b:0d:1e:57:ed:a1:15:53:dd:65:01:c8:c8:ec:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 5 12:55:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1206c09ac0d1e9c6bd5c1015e833e397de2128f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0d:d5:53:f4:97:d5:d4:65:72:74:86:7e:23:
bb:c7:90:71:d8:a1:49:62:10:98:3e:99:96:14:6b:
ca:8c:ef:31:4e:12:5b:91:05:68:e1:25:16:50:b8:
d0:3d:23:f7:b9:bd:3c:4f:24:13:21:fe:84:ea:ff:
4e:fb:dd:d8:7e:b2:c4:2e:24:80:ea:79:15:e6:c7:
61:1b:d5:d7:2c:ed:48:e8:9d:4d:f3:38:fc:5f:e0:
ee:3e:21:af:bc:57:d8:8f:92:f8:ca:1c:34:b5:30:
d6:ad:31:25:dd:a3:c8:51:b5:2b:6f:b9:5f:54:42:
9f:74:ab:a3:c8:25:74:8b:83:ab:82:14:29:63:37:
ec:12:83:1d:49:77:23:14:f8:f3:ba:a6:8c:08:4b:
96:c1:46:66:a8:40:49:77:7d:8c:12:9a:6f:8c:15:
47:a3:05:ae:ce:67:91:4e:46:bf:dc:da:ec:05:0d:
f0:c5:44:9e:7c:e0:85:75:cd:a9:d1:61:4a:03:a3:
de:a2:09:6b:6c:ef:39:70:aa:0b:b4:7e:49:c0:2a:
20:a9:6f:d7:8d:4f:f4:77:ed:20:e5:f8:aa:c8:0e:
98:3e:29:4a:f3:0a:fa:8b:fd:0c:3c:23:4c:e4:fc:
51:f0:20:55:d9:fd:0e:62:5a:30:42:d4:ca:b2:e9:
94:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:06:C0:9A:C0:D1:E9:C6:BD:5C:10:15:E8:33:E3:97:DE:21:28:F9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EgbAmsDR6ca9XBAV6DPjl94hKPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.120.0/24
163.5.154.0/24
163.5.192.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1e:42:e4:24:a6:87:6f:4c:a4:5c:bc:ba:f3:a2:82:7d:27:
8b:15:e2:ec:95:8e:85:fe:da:24:0f:b6:d6:75:42:b3:33:46:
23:fd:e7:ff:13:92:1f:27:d9:4a:d8:00:5c:53:67:65:30:1e:
df:7f:55:45:ce:a0:5b:49:b3:6f:58:63:7f:39:e9:38:26:be:
3e:9e:6c:7e:89:d4:66:8f:aa:e7:5f:ef:bf:03:73:8f:26:36:
30:e4:12:db:74:e4:11:b8:e8:0a:58:0a:8e:6f:62:90:a7:fb:
49:24:06:7d:96:3b:e2:ce:26:0e:4d:d3:c1:31:25:6e:a4:04:
73:50:34:0c:fc:a6:af:f5:e3:03:dd:be:03:b7:1b:af:65:37:
f5:25:a5:e6:66:99:3b:c4:d6:b1:69:65:50:00:64:5c:45:2d:
ba:cf:9a:a9:95:22:02:43:43:14:4f:39:6a:a8:18:78:c2:a5:
13:96:59:fc:2d:f5:ce:27:b3:36:b9:48:0a:b3:2e:b3:75:da:
88:be:1e:6e:ea:28:1f:99:d7:d4:56:93:f4:c5:f9:da:60:1a:
72:8c:84:ce:b5:09:58:94:0a:3b:3b:b5:e6:ae:6e:9d:f4:90:
6a:83:be:30:33:e0:61:3b:60:99:92:91:ea:72:2b:92:df:1d:
c5:42:b6:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTiWw0eV+2hFVPdZQHIyOz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjA1MTI1NTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjA2YzA5YWMwZDFlOWM2YmQ1YzEwMTVlODMzZTM5N2RlMjEyOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1w3VU/SX1dRlcnSGfiO7x5Bx2KFJ
YhCYPpmWFGvKjO8xThJbkQVo4SUWULjQPSP3ub08TyQTIf6E6v9O+93YfrLELiSA
6nkV5sdhG9XXLO1I6J1N8zj8X+DuPiGvvFfYj5L4yhw0tTDWrTEl3aPIUbUrb7lf
VEKfdKujyCV0i4OrghQpYzfsEoMdSXcjFPjzuqaMCEuWwUZmqEBJd32MEppvjBVH
owWuzmeRTka/3NrsBQ3wxUSefOCFdc2p0WFKA6PeoglrbO85cKoLtH5JwCogqW/X
jU/0d+0g5fiqyA6YPilK8wr6i/0MPCNM5PxR8CBV2f0OYlowQtTKsumUxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBIGwJrA0enGvVwQFegz45feISj5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRWdiQW1zRFI2Y2E5WEJBVjZEUGpsOTRoS1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowV4AwQA
owWaAwQAowXAAwQAuf02MA0GCSqGSIb3DQEBCwUAA4IBAQAIHkLkJKaHb0ykXLy6
86KCfSeLFeLslY6F/tokD7bWdUKzM0Yj/ef/E5IfJ9lK2ABcU2dlMB7ff1VFzqBb
SbNvWGN/Oek4Jr4+nmx+idRmj6rnX++/A3OPJjYw5BLbdOQRuOgKWAqOb2KQp/tJ
JAZ9ljviziYOTdPBMSVupARzUDQM/Kav9eMD3b4DtxuvZTf1JaXmZpk7xNaxaWVQ
AGRcRS26z5qplSICQ0MUTzlqqBh4wqUTlln8LfXOJ7M2uUgKsy6zddqIvh5u6igf
mdfUVpP0xfnaYBpyjITOtQlYlAo7O7Xmrm6d9JBqg74wM+BhO2CZkpHqciuS3x3F
Qrac
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org