Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HHIgH3qpyJjx1Rw6hlw_T8OlJ9o.roa
File: HHIgH3qpyJjx1Rw6hlw_T8OlJ9o.roa (raw, json)
Hash identifier: tUqjLENpC8yJfknr4c0N7pUNNQiMWTFjFU3pp6Mq3ts=
Subject key identifier: 1C:72:20:1F:7A:A9:C8:98:F1:D5:1C:3A:86:5C:3F:4F:C3:A5:27:DA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B14A40638539BA14AAC1AED3CD7528504
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HHIgH3qpyJjx1Rw6hlw_T8OlJ9o.roa
Signing time: Mon 09 Oct 2023 13:32:55 +0000
ROA not before: Mon 09 Oct 2023 13:32:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.75.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:a4:06:38:53:9b:a1:4a:ac:1a:ed:3c:d7:52:85:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 9 13:32:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c72201f7aa9c898f1d51c3a865c3f4fc3a527da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c3:de:c6:96:18:77:4a:d0:86:fb:c8:34:44:
ab:1c:2a:2e:84:01:0a:41:5f:f2:32:86:f0:48:a1:
47:ba:0e:7b:11:36:d3:a8:19:03:c9:9d:97:2f:9c:
83:4a:e9:7b:11:bb:ca:4f:0e:a9:3d:38:7e:4d:63:
01:a0:0c:56:08:24:15:e0:45:20:95:c3:b3:ca:4d:
92:2d:e8:db:40:84:e8:69:07:28:71:7e:25:b7:48:
6b:4e:43:b2:b7:89:ad:7a:a2:cc:e7:de:95:ca:4f:
a4:6a:30:f8:07:ff:b4:5c:d9:f7:0b:8e:94:e4:66:
54:c1:a3:86:0b:e2:44:5d:6c:fa:47:30:88:09:d3:
4d:7f:e4:30:91:1d:f8:7e:de:30:1a:4d:b7:ca:b7:
41:a7:35:1d:c9:cb:53:bb:0a:85:78:53:44:cb:c2:
90:2d:cb:8e:67:a4:d3:3f:0c:85:4f:ec:f8:b5:c9:
d7:8a:ba:f6:33:05:b8:ab:da:19:5d:d5:2f:f8:f7:
1f:4f:df:3e:dd:33:10:32:06:e8:0e:e7:b5:7a:42:
8e:01:f1:fc:c2:39:dd:52:6f:66:d2:d1:1c:76:f7:
f4:7d:91:73:e7:4a:e5:37:98:57:c7:9f:a5:50:12:
3c:c0:ef:be:f4:53:51:5f:06:0a:a8:53:ce:bc:8d:
e1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:72:20:1F:7A:A9:C8:98:F1:D5:1C:3A:86:5C:3F:4F:C3:A5:27:DA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HHIgH3qpyJjx1Rw6hlw_T8OlJ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.75.0/24
163.5.97.0/24
Signature Algorithm: sha256WithRSAEncryption
11:94:67:9d:ee:0b:62:80:9e:5d:26:8f:6c:43:08:e9:59:0d:
90:29:4a:23:50:06:e6:8d:58:55:1b:50:2e:1b:a5:8f:49:46:
df:ce:fa:b2:96:53:57:3a:0d:10:c9:07:69:a2:66:d8:09:1d:
9f:49:6c:cc:31:77:96:95:e2:78:0c:35:8c:14:33:15:b6:56:
93:4a:df:d3:04:36:f8:60:24:5f:ab:cc:52:71:de:97:72:32:
83:6c:7c:33:03:59:54:cc:fb:65:ca:18:1a:48:09:57:91:e4:
9f:d8:77:91:64:6d:19:1c:95:9f:21:c7:0e:8c:05:e2:ac:f3:
43:20:f8:a2:e0:2d:fb:dc:a5:2e:15:85:c3:37:66:f5:37:57:
e3:9c:21:cf:fe:60:d5:4b:fe:93:8a:dc:df:20:80:c2:49:1e:
86:00:39:8f:4e:6b:3c:7e:3a:09:5e:66:62:81:b0:99:5e:e8:
f7:91:c3:1f:fb:b8:80:7a:ea:69:bb:82:9b:95:51:0d:7b:83:
96:20:1c:3c:81:6c:65:09:47:aa:59:a0:ce:81:ff:e7:c2:db:
98:42:72:c8:87:c1:99:81:f3:0d:97:38:b8:f7:67:d4:97:38:
87:51:d9:a9:18:0d:22:6d:98:5d:fe:91:34:7f:a8:1b:1b:bd:
9b:7f:90:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsUpAY4U5uhSqwa7TzXUoUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDA5MTMzMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzcyMjAxZjdhYTljODk4ZjFkNTFjM2E4NjVjM2Y0ZmMzYTUyN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsPexpYYd0rQhvvINESrHCouhAEK
QV/yMobwSKFHug57ETbTqBkDyZ2XL5yDSul7EbvKTw6pPTh+TWMBoAxWCCQV4EUg
lcOzyk2SLejbQIToaQcocX4lt0hrTkOyt4mteqLM596Vyk+kajD4B/+0XNn3C46U
5GZUwaOGC+JEXWz6RzCICdNNf+QwkR34ft4wGk23yrdBpzUdyctTuwqFeFNEy8KQ
LcuOZ6TTPwyFT+z4tcnXirr2MwW4q9oZXdUv+PcfT98+3TMQMgboDue1ekKOAfH8
wjndUm9m0tEcdvf0fZFz50rlN5hXx5+lUBI8wO++9FNRXwYKqFPOvI3hlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBxyIB96qciY8dUcOoZcP0/DpSfaMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSEhJZ0gzcXB5Smp4MVJ3Nmhsd19UOE9sSjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVLAwQA
owVhMA0GCSqGSIb3DQEBCwUAA4IBAQARlGed7gtigJ5dJo9sQwjpWQ2QKUojUAbm
jVhVG1AuG6WPSUbfzvqyllNXOg0QyQdpombYCR2fSWzMMXeWleJ4DDWMFDMVtlaT
St/TBDb4YCRfq8xScd6XcjKDbHwzA1lUzPtlyhgaSAlXkeSf2HeRZG0ZHJWfIccO
jAXirPNDIPii4C373KUuFYXDN2b1N1fjnCHP/mDVS/6TitzfIIDCSR6GADmPTms8
fjoJXmZigbCZXuj3kcMf+7iAeuppu4KblVENe4OWIBw8gWxlCUeqWaDOgf/nwtuY
QnLIh8GZgfMNlzi492fUlziHUdmpGA0ibZhd/pE0f6gbG72bf5DD
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:53 2025 by rpki-client