Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/G9_ykbUCtOnHha91DebPoeV2EPk.roa
File: G9_ykbUCtOnHha91DebPoeV2EPk.roa (raw, json)
Hash identifier: VHlieQ0O4HHKDdJ9V674YTPbr8p/udPihnZY7jP6H2U=
Subject key identifier: 1B:DF:F2:91:B5:02:B4:E9:C7:85:AF:75:0D:E6:CF:A1:E5:76:10:F9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0185158C000733588E20908DD01580968EEB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/G9_ykbUCtOnHha91DebPoeV2EPk.roa
Signing time: Thu 15 Dec 2022 11:29:34 +0000
ROA not before: Thu 15 Dec 2022 11:29:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.215.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:8c:00:07:33:58:8e:20:90:8d:d0:15:80:96:8e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 15 11:29:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bdff291b502b4e9c785af750de6cfa1e57610f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:6d:c5:76:3c:fb:77:f1:47:19:78:7c:67:
b5:3f:ce:f5:51:ba:e1:5a:00:54:3b:34:d6:75:53:
9d:ea:ea:9d:13:20:2b:5f:ab:80:fd:14:95:27:72:
51:3f:80:7a:da:81:07:08:6d:3f:5c:56:81:8e:4a:
e4:a8:82:f7:f7:54:c6:d2:5a:15:56:ed:dd:3c:d7:
5d:eb:b0:6f:24:06:31:b3:0d:5f:15:db:bd:f6:8d:
57:d9:3a:b1:84:d8:33:f2:04:81:70:f5:a6:61:84:
18:ce:13:3f:63:c6:20:f8:79:53:ed:32:4e:5c:48:
1f:e8:be:66:22:b8:64:d0:19:14:7a:7e:9e:cb:d8:
f0:5e:50:4c:52:2a:6f:33:8f:02:9a:c4:b6:64:67:
ec:d9:d5:7d:4f:74:dc:a8:22:97:fe:df:08:aa:df:
72:db:a7:f4:74:a3:c0:14:e3:dc:db:82:7b:ef:6b:
ad:bd:d6:17:cb:86:28:36:e9:39:06:72:65:47:bb:
64:2c:85:e3:f2:bc:9d:a5:0f:88:9b:3b:4a:ae:cd:
29:2e:7c:0d:96:9f:fe:37:b8:6b:5e:29:9e:73:35:
0f:dc:77:3a:54:74:d9:63:0e:17:64:e7:2e:0c:48:
44:ff:1c:92:71:40:a8:1a:b1:65:11:da:42:7e:96:
fb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DF:F2:91:B5:02:B4:E9:C7:85:AF:75:0D:E6:CF:A1:E5:76:10:F9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/G9_ykbUCtOnHha91DebPoeV2EPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.106.0/24
163.5.118.0/23
163.5.159.0/24
163.5.215.0/24
163.5.225.0/24
163.5.229.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:29:fb:19:d1:76:8d:17:84:1a:71:61:33:22:b2:13:17:e6:
36:3b:bb:7a:3b:7f:74:44:ca:3f:2f:1e:f6:67:2e:67:ef:02:
1a:fd:93:4d:53:66:05:36:82:e1:ce:6a:b4:2a:d1:01:ef:84:
38:36:85:9b:c2:47:01:f5:0b:bd:55:a5:81:81:f9:8f:68:f4:
a8:97:43:d3:70:ef:3c:9b:24:5e:99:5c:00:a1:95:74:77:0d:
e5:ed:82:c5:31:6a:22:24:f8:7b:26:92:5a:98:17:db:b8:2a:
ff:7c:d4:fc:79:e5:f3:86:e6:dc:09:42:6a:4c:ff:c5:ae:b8:
3f:5d:47:d7:77:86:49:5e:ca:59:8a:d2:0a:4c:91:58:a6:b1:
6a:ba:04:26:e1:59:be:63:15:be:a0:3c:90:6f:5f:a7:46:99:
e3:f6:27:40:2e:fd:5e:b2:79:46:70:10:be:f8:77:d3:34:0c:
1d:35:31:3f:30:23:2b:7b:df:5b:c2:c9:09:b2:04:bb:ac:fc:
79:f2:2b:ea:24:37:12:d1:b1:6b:37:3d:6f:00:6a:e4:5f:45:
e3:61:03:8e:98:03:b5:60:b0:c9:3b:0e:88:7a:b9:4e:55:95:
05:16:8f:e2:53:e2:5e:3f:78:7b:0c:37:f3:d6:fb:45:c1:38:
6d:97:19:2e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUVjAAHM1iOIJCN0BWAlo7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjE1MTEyOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRmZjI5MWI1MDJiNGU5Yzc4NWFmNzUwZGU2Y2ZhMWU1NzYxMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJVtxXY8+3fxRxl4fGe1P871Ubrh
WgBUOzTWdVOd6uqdEyArX6uA/RSVJ3JRP4B62oEHCG0/XFaBjkrkqIL391TG0loV
Vu3dPNdd67BvJAYxsw1fFdu99o1X2TqxhNgz8gSBcPWmYYQYzhM/Y8Yg+HlT7TJO
XEgf6L5mIrhk0BkUen6ey9jwXlBMUipvM48CmsS2ZGfs2dV9T3TcqCKX/t8Iqt9y
26f0dKPAFOPc24J772utvdYXy4YoNuk5BnJlR7tkLIXj8rydpQ+ImztKrs0pLnwN
lp/+N7hrXimeczUP3Hc6VHTZYw4XZOcuDEhE/xyScUCoGrFlEdpCfpb7ywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBvf8pG1ArTpx4WvdQ3mz6HldhD5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRzlfeWtiVUN0T25IaGE5MURlYlBvZVYyRVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowVqAwQB
owV2AwQAowWfAwQAowXXAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUAA4IBAQCq
KfsZ0XaNF4QacWEzIrITF+Y2O7t6O390RMo/Lx72Zy5n7wIa/ZNNU2YFNoLhzmq0
KtEB74Q4NoWbwkcB9Qu9VaWBgfmPaPSol0PTcO88myRemVwAoZV0dw3l7YLFMWoi
JPh7JpJamBfbuCr/fNT8eeXzhubcCUJqTP/Frrg/XUfXd4ZJXspZitIKTJFYprFq
ugQm4Vm+YxW+oDyQb1+nRpnj9idALv1esnlGcBC++HfTNAwdNTE/MCMre99bwskJ
sgS7rPx58ivqJDcS0bFrNz1vAGrkX0XjYQOOmAO1YLDJOw6IerlOVZUFFo/iU+Je
P3h7DDfz1vtFwThtlxku
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org