Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I-LEjsz1efaJWWEurMjekU9Cc6Q.roa
File: I-LEjsz1efaJWWEurMjekU9Cc6Q.roa (raw, json)
Hash identifier: bSMvz+JJVWmiKOEj/qAqssMytjq5FNr3n2/2eC4VEBk=
Subject key identifier: 23:E2:C4:8E:CC:F5:79:F6:89:59:61:2E:AC:C8:DE:91:4F:42:73:A4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183BCB50141320D8198E5D60489C927DE27
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I-LEjsz1efaJWWEurMjekU9Cc6Q.roa
Signing time: Sun 09 Oct 2022 12:25:22 +0000
ROA not before: Sun 09 Oct 2022 12:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2914
IP address blocks: 163.5.199.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bc:b5:01:41:32:0d:81:98:e5:d6:04:89:c9:27:de:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 9 12:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23e2c48eccf579f68959612eacc8de914f4273a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9b:66:45:b7:9c:42:3f:1f:92:d0:55:f2:74:
c3:54:7d:63:45:b2:e4:4c:69:6a:5a:92:8b:24:87:
84:60:7d:99:5f:25:44:b9:ab:89:87:48:67:ea:4d:
e9:d1:c5:0a:be:24:7e:76:45:0c:66:ff:33:01:c0:
42:cd:36:20:dd:f9:fe:04:e9:74:42:c7:43:c2:92:
12:e6:a6:f8:0a:8d:1c:0a:62:a1:83:7d:40:b6:4f:
53:c8:6f:50:08:c7:df:6f:9a:e3:12:4a:1e:e3:d9:
d6:0f:8c:35:33:5a:ef:c1:1c:a1:a4:89:5c:d7:54:
f1:5b:37:c9:f3:1e:89:ef:9a:da:88:b9:8e:af:a8:
b0:6d:3b:26:11:b8:6d:a4:36:f3:d7:42:9f:75:a2:
44:1f:79:f5:9d:53:ac:f8:7e:9f:a5:12:5b:3a:63:
02:7b:54:38:5f:40:15:dd:93:41:80:62:15:b5:11:
a5:58:ab:b2:b2:49:b9:0a:3f:51:ce:c3:c3:5b:47:
9e:1d:f7:d0:59:d7:f8:51:16:14:91:9e:4d:46:6c:
2b:26:e4:64:9f:89:8b:8f:c5:b7:6d:a9:63:31:06:
34:a8:e5:e9:94:44:35:c1:8f:ac:51:5a:08:fc:4d:
b1:20:64:1c:42:5c:d7:79:0f:da:0c:dd:53:37:a5:
45:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E2:C4:8E:CC:F5:79:F6:89:59:61:2E:AC:C8:DE:91:4F:42:73:A4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I-LEjsz1efaJWWEurMjekU9Cc6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0-163.5.157.255
163.5.199.0-163.5.200.255
163.5.206.0-163.5.209.255
Signature Algorithm: sha256WithRSAEncryption
6c:b2:0d:70:89:02:a9:9a:ae:7e:4d:e9:41:53:d5:5f:cf:98:
67:2e:cb:80:a1:70:4a:1c:3b:28:ff:5b:ba:92:9c:b7:0f:b0:
68:39:6b:7f:ae:47:d4:99:93:5d:45:9a:87:53:fe:5d:ff:00:
6c:25:d5:f9:85:c0:f8:45:11:90:3a:41:d9:97:c0:93:f6:42:
49:be:af:24:eb:b9:47:84:f4:b1:4b:73:41:13:70:6c:5d:f8:
b7:c9:8a:bf:0f:af:00:6b:60:12:9f:a4:f4:8d:ba:19:13:f6:
cb:5c:b5:dc:93:28:fa:b6:80:76:34:d0:e4:27:57:0e:fd:1d:
35:e9:42:ae:be:bd:16:51:6d:a2:1d:75:94:e6:18:fb:0e:74:
84:c3:18:b9:6c:77:ec:1a:29:a8:d5:f6:d0:03:8a:06:c7:46:
5e:50:c5:fe:a2:b3:62:51:51:9e:7a:11:6c:23:5f:30:07:f3:
57:e5:a4:aa:8c:ff:17:58:f6:b5:45:aa:60:68:b1:3d:b2:99:
6e:41:b7:cf:f6:6b:86:f5:0f:96:79:25:4e:75:36:02:db:63:
72:d4:01:1e:f9:28:f6:ae:8d:72:27:db:9f:77:8c:2f:c1:63:
f0:7a:a3:9f:56:3d:0d:3f:e3:15:04:31:78:20:ac:7b:3f:17:
72:fb:21:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYO8tQFBMg2BmOXWBInJJ94nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDA5MTIyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2UyYzQ4ZWNjZjU3OWY2ODk1OTYxMmVhY2M4ZGU5MTRmNDI3M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5tmRbecQj8fktBV8nTDVH1jRbLk
TGlqWpKLJIeEYH2ZXyVEuauJh0hn6k3p0cUKviR+dkUMZv8zAcBCzTYg3fn+BOl0
QsdDwpIS5qb4Co0cCmKhg31Atk9TyG9QCMffb5rjEkoe49nWD4w1M1rvwRyhpIlc
11TxWzfJ8x6J75raiLmOr6iwbTsmEbhtpDbz10KfdaJEH3n1nVOs+H6fpRJbOmMC
e1Q4X0AV3ZNBgGIVtRGlWKuyskm5Cj9RzsPDW0eeHffQWdf4URYUkZ5NRmwrJuRk
n4mLj8W3baljMQY0qOXplEQ1wY+sUVoI/E2xIGQcQlzXeQ/aDN1TN6VF6wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCPixI7M9Xn2iVlhLqzI3pFPQnOkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSS1MRWpzejFlZmFKV1dFdXJNamVrVTlDYzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBACjBZsD
BAGjBZwwDAMEAKMFxwMEAKMFyDAMAwQBowXOAwQBowXQMA0GCSqGSIb3DQEBCwUA
A4IBAQBssg1wiQKpmq5+TelBU9Vfz5hnLsuAoXBKHDso/1u6kpy3D7BoOWt/rkfU
mZNdRZqHU/5d/wBsJdX5hcD4RRGQOkHZl8CT9kJJvq8k67lHhPSxS3NBE3BsXfi3
yYq/D68Aa2ASn6T0jboZE/bLXLXckyj6toB2NNDkJ1cO/R016UKuvr0WUW2iHXWU
5hj7DnSEwxi5bHfsGimo1fbQA4oGx0ZeUMX+orNiUVGeehFsI18wB/NX5aSqjP8X
WPa1RapgaLE9spluQbfP9muG9Q+WeSVOdTYC22Ny1AEe+Sj2ro1yJ9ufd4wvwWPw
eqOfVj0NP+MVBDF4IKx7Pxdy+yE2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org