Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KlZGWCvpytDjW3wcOoo6VD_mT6o.roa
File: KlZGWCvpytDjW3wcOoo6VD_mT6o.roa (raw, json)
Hash identifier: AkS+S8U8DGiE3yxBhgXuxfm+iu+KxzkTdOZJxqTHz+k=
Subject key identifier: 2A:56:46:58:2B:E9:CA:D0:E3:5B:7C:1C:3A:8A:3A:54:3F:E6:4F:AA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183165D66A94D1EC249C7638795318DBD5B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KlZGWCvpytDjW3wcOoo6VD_mT6o.roa
Signing time: Wed 07 Sep 2022 05:12:43 +0000
ROA not before: Wed 07 Sep 2022 05:12:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 163.5.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:16:5d:66:a9:4d:1e:c2:49:c7:63:87:95:31:8d:bd:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 7 05:12:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a5646582be9cad0e35b7c1c3a8a3a543fe64faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:61:64:77:ca:ab:22:cd:9b:8e:b9:07:42:
6c:c9:78:32:fa:5f:e7:ba:75:d3:ac:96:70:ea:26:
3b:35:56:f4:86:0a:ce:7d:e3:4f:53:42:ab:ca:89:
67:29:69:12:41:86:89:46:92:de:8f:2a:ed:36:5c:
a0:ac:df:c5:73:a0:d0:2d:80:f0:23:1c:ae:2c:83:
0f:0a:ca:49:95:88:a9:68:37:63:55:13:0e:0c:bc:
e0:d2:6a:04:c7:46:01:82:f6:4c:b4:2e:a8:1d:9c:
27:24:7a:bf:32:19:2e:29:ca:ca:88:1b:51:42:4c:
c9:7d:ae:43:07:2e:af:22:58:59:7e:0a:6d:9e:cd:
07:8a:b4:54:5b:63:b5:a8:6a:15:f9:f3:d1:56:a5:
d8:56:74:ce:fe:d2:4a:35:de:1d:73:36:30:05:0a:
15:b9:87:a7:b4:f7:b2:ac:8d:85:49:cb:e6:fc:2b:
f4:f6:34:1b:69:4a:35:74:9b:42:29:a6:a5:26:29:
18:ec:bd:8b:b0:7a:2e:b8:35:f4:ad:ad:cc:a4:b6:
50:47:1b:64:e4:7f:59:ee:a1:7d:41:92:6f:80:86:
4c:7f:3a:db:e0:2b:42:f1:80:63:97:28:9a:e5:a4:
8a:f2:75:44:fb:29:05:73:a2:e4:48:77:23:76:04:
88:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:56:46:58:2B:E9:CA:D0:E3:5B:7C:1C:3A:8A:3A:54:3F:E6:4F:AA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KlZGWCvpytDjW3wcOoo6VD_mT6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.242.0/24
Signature Algorithm: sha256WithRSAEncryption
16:7a:27:d6:da:33:96:42:30:37:d9:96:2d:28:33:f4:b7:74:
b8:a3:4e:b8:6f:a8:e1:75:cc:7a:df:54:51:b9:71:17:98:0c:
21:94:06:2d:95:26:42:8b:b6:7b:25:fb:ad:89:80:a9:3d:c6:
cb:10:2a:47:12:b1:ec:c9:2b:e3:c6:21:55:3b:9d:e0:d8:5f:
3a:ce:eb:c0:2e:7a:12:0e:da:e5:ae:9b:5d:ae:09:39:94:18:
05:19:91:39:20:69:25:14:54:63:bc:fa:2a:5d:f2:75:0c:f7:
dc:4e:be:cc:29:c2:8d:d9:09:b0:a7:89:6a:3a:6d:23:1e:5a:
50:ca:f8:85:c2:38:a1:c4:95:ce:e2:e9:dc:ba:96:9d:9c:98:
78:06:0f:dc:7a:51:fe:c7:03:50:53:59:85:b3:5d:71:e1:b9:
39:52:81:c8:e0:0d:21:b8:65:8b:7b:2b:55:19:6a:60:8d:81:
bd:90:6f:ca:86:20:31:31:35:1c:ab:a4:62:8c:b5:19:d9:7f:
96:06:27:29:2c:8f:26:38:ec:ec:17:cd:d6:f0:76:7c:a4:c0:
f7:81:39:2f:a3:1c:d3:f3:e7:ba:1b:74:2c:4a:b9:c2:ab:2f:
ef:f6:96:f0:9d:79:49:b5:5e:ef:5e:25:f9:21:2e:01:45:8c:
fc:d4:43:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMWXWapTR7CScdjh5Uxjb1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTA3MDUxMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU2NDY1ODJiZTljYWQwZTM1YjdjMWMzYThhM2E1NDNmZTY0ZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cRhZHfKqyLNm465B0JsyXgy+l/n
unXTrJZw6iY7NVb0hgrOfeNPU0KryolnKWkSQYaJRpLejyrtNlygrN/Fc6DQLYDw
IxyuLIMPCspJlYipaDdjVRMODLzg0moEx0YBgvZMtC6oHZwnJHq/MhkuKcrKiBtR
QkzJfa5DBy6vIlhZfgptns0HirRUW2O1qGoV+fPRVqXYVnTO/tJKNd4dczYwBQoV
uYentPeyrI2FScvm/Cv09jQbaUo1dJtCKaalJikY7L2LsHouuDX0ra3MpLZQRxtk
5H9Z7qF9QZJvgIZMfzrb4CtC8YBjlyia5aSK8nVE+ykFc6LkSHcjdgSIawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpWRlgr6crQ41t8HDqKOlQ/5k+qMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS2xaR1dDdnB5dERqVzN3Y09vbzZWRF9tVDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXyMA0G
CSqGSIb3DQEBCwUAA4IBAQAWeifW2jOWQjA32ZYtKDP0t3S4o064b6jhdcx631RR
uXEXmAwhlAYtlSZCi7Z7JfutiYCpPcbLECpHErHsySvjxiFVO53g2F86zuvALnoS
Dtrlrptdrgk5lBgFGZE5IGklFFRjvPoqXfJ1DPfcTr7MKcKN2Qmwp4lqOm0jHlpQ
yviFwjihxJXO4uncupadnJh4Bg/celH+xwNQU1mFs11x4bk5UoHI4A0huGWLeytV
GWpgjYG9kG/KhiAxMTUcq6RijLUZ2X+WBicpLI8mOOzsF83W8HZ8pMD3gTkvoxzT
8+e6G3QsSrnCqy/v9pbwnXlJtV7vXiX5IS4BRYz81EPz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org