Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Husb-DBeAx9DtJRnDXOMWI9RE54.roa
File: Husb-DBeAx9DtJRnDXOMWI9RE54.roa (raw, json)
Hash identifier: 3YqNNhOI/Jrb0ZUEF6upuHnGrf6LG/kPhJSTqgP9qSQ=
Subject key identifier: 1E:EB:1B:F8:30:5E:03:1F:43:B4:94:67:0D:73:8C:58:8F:51:13:9E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018525107B1608A0E0382535477737BCC938
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Husb-DBeAx9DtJRnDXOMWI9RE54.roa
Signing time: Sun 18 Dec 2022 11:48:35 +0000
ROA not before: Sun 18 Dec 2022 11:48:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.215.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:25:10:7b:16:08:a0:e0:38:25:35:47:77:37:bc:c9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 18 11:48:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eeb1bf8305e031f43b494670d738c588f51139e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:86:6a:91:82:f8:20:64:15:1b:0b:2f:55:77:
01:c5:30:9a:3e:5e:20:9e:71:d5:b8:56:e6:5b:d3:
2f:af:da:44:0f:4f:59:d5:9e:f3:be:34:c6:6c:96:
52:58:36:91:7e:cc:33:b4:f6:f2:fe:94:6c:67:6e:
ad:d7:17:d2:72:31:1f:da:8a:02:cc:39:c4:66:61:
6e:5c:72:c1:66:aa:45:d4:05:fa:1d:66:9c:e1:e5:
40:7d:8b:b9:54:a0:8a:e9:63:81:ee:3f:5f:51:14:
81:a7:da:db:51:be:1f:02:75:29:20:9e:01:ca:41:
9b:48:cf:88:95:f4:96:5e:29:3d:b4:23:a7:1e:9d:
21:18:72:f4:7c:89:df:ff:b1:74:f8:ce:1d:f0:31:
68:95:7c:27:e3:3a:75:a1:39:69:c4:24:13:ac:6a:
69:de:9b:81:56:8c:5d:39:5b:a1:3c:8e:cf:3b:19:
b1:9d:06:59:c0:4c:3b:8e:8c:3e:9d:d2:5a:28:22:
9b:46:dc:ea:87:00:74:67:df:4f:3d:fc:3d:c6:be:
62:7a:4e:59:36:5e:6c:44:db:0f:59:b0:b0:15:14:
76:d9:18:df:1a:c7:7c:44:fb:b7:62:8b:cf:71:9d:
e5:aa:77:f3:80:6f:52:3b:91:f2:21:46:88:68:7d:
b5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EB:1B:F8:30:5E:03:1F:43:B4:94:67:0D:73:8C:58:8F:51:13:9E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Husb-DBeAx9DtJRnDXOMWI9RE54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.106.0/24
163.5.118.0/23
163.5.121.0/24
163.5.159.0/24
163.5.215.0/24
163.5.225.0/24
163.5.229.0/24
Signature Algorithm: sha256WithRSAEncryption
37:6e:42:1f:b7:01:a5:d4:c6:82:74:18:a9:70:e1:94:bc:80:
52:4d:28:1e:e8:5f:ec:41:dd:f6:ed:23:89:81:91:94:cd:53:
13:04:9b:d3:40:e8:d2:5b:1d:f3:f7:38:b4:f1:6f:f7:07:e3:
34:5d:0c:30:d5:77:b8:08:e2:44:0f:51:b4:91:e3:3a:16:3b:
63:67:00:f9:68:48:d9:77:9b:c9:a6:43:cc:9b:35:69:67:48:
8f:4e:d4:83:af:e6:56:05:f3:6a:8f:2a:dc:4e:e7:c6:01:60:
fc:2a:07:f3:f2:da:7b:0b:83:92:3a:84:d6:3c:a1:98:c8:92:
c2:b6:60:d4:e1:cc:38:0a:5f:c2:4a:0c:f6:cc:42:71:fe:8f:
52:84:69:6d:1e:bc:da:52:05:08:03:5b:9c:cf:76:8f:9b:f0:
32:eb:f6:dc:d6:00:b5:0f:1e:98:e4:b0:e9:66:60:73:e9:14:
c7:b2:29:94:c9:e6:0d:97:01:99:aa:7a:b1:12:da:95:53:0e:
ad:89:7b:62:e1:b0:8c:ba:7e:de:3c:d5:f5:05:fa:ef:df:a3:
53:f0:5b:fb:a0:7a:22:39:10:7b:79:8d:ac:96:bf:1f:28:2a:
5f:1c:2c:58:95:7f:9b:ab:32:29:ea:1e:fa:3c:3d:70:49:c9:
e6:05:4a:21
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYUlEHsWCKDgOCU1R3c3vMk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjE4MTE0ODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWViMWJmODMwNWUwMzFmNDNiNDk0NjcwZDczOGM1ODhmNTExMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4ZqkYL4IGQVGwsvVXcBxTCaPl4g
nnHVuFbmW9Mvr9pED09Z1Z7zvjTGbJZSWDaRfswztPby/pRsZ26t1xfScjEf2ooC
zDnEZmFuXHLBZqpF1AX6HWac4eVAfYu5VKCK6WOB7j9fURSBp9rbUb4fAnUpIJ4B
ykGbSM+IlfSWXik9tCOnHp0hGHL0fInf/7F0+M4d8DFolXwn4zp1oTlpxCQTrGpp
3puBVoxdOVuhPI7POxmxnQZZwEw7jow+ndJaKCKbRtzqhwB0Z99PPfw9xr5iek5Z
Nl5sRNsPWbCwFRR22RjfGsd8RPu3YovPcZ3lqnfzgG9SO5HyIUaIaH21qwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB7rG/gwXgMfQ7SUZw1zjFiPUROeMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSHVzYi1EQmVBeDlEdEpSbkRYT01XSTlSRTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowVqAwQB
owV2AwQAowV5AwQAowWfAwQAowXXAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUA
A4IBAQA3bkIftwGl1MaCdBipcOGUvIBSTSge6F/sQd327SOJgZGUzVMTBJvTQOjS
Wx3z9zi08W/3B+M0XQww1Xe4COJED1G0keM6FjtjZwD5aEjZd5vJpkPMmzVpZ0iP
TtSDr+ZWBfNqjyrcTufGAWD8Kgfz8tp7C4OSOoTWPKGYyJLCtmDU4cw4Cl/CSgz2
zEJx/o9ShGltHrzaUgUIA1ucz3aPm/Ay6/bc1gC1Dx6Y5LDpZmBz6RTHsimUyeYN
lwGZqnqxEtqVUw6tiXti4bCMun7ePNX1Bfrv36NT8Fv7oHoiORB7eY2slr8fKCpf
HCxYlX+bqzIp6h76PD1wScnmBUoh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org