Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ks34RbdcIpAZAcgxzEQel0JCh9E.roa
File: Ks34RbdcIpAZAcgxzEQel0JCh9E.roa (raw, json)
Hash identifier: JNxEvlTXRU2aG4ELlIrTzX0zZ9VBOAm4Spym8DmJntA=
Subject key identifier: 2A:CD:F8:45:B7:5C:22:90:19:01:C8:31:CC:44:1E:97:42:42:87:D1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01826D4E49971D76A253CB0C708E714D46E9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ks34RbdcIpAZAcgxzEQel0JCh9E.roa
Signing time: Fri 05 Aug 2022 09:20:23 +0000
ROA not before: Fri 05 Aug 2022 09:20:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 163.5.194.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6d:4e:49:97:1d:76:a2:53:cb:0c:70:8e:71:4d:46:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 5 09:20:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2acdf845b75c22901901c831cc441e97424287d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c3:9e:e5:4a:a9:58:55:0f:73:15:12:67:19:
13:18:5f:46:30:26:27:37:1c:f2:76:8e:ec:c7:37:
90:d3:bf:49:ca:92:e5:22:00:5c:dd:38:4e:5f:70:
9a:c3:b1:55:6f:52:e3:d9:a9:47:fe:2c:1d:69:db:
0c:a3:8d:18:8c:e8:b1:0f:04:de:01:7a:79:14:43:
c1:3f:2a:96:2e:41:28:a6:80:a3:d5:93:de:7c:d0:
4b:d7:5f:05:ed:8c:45:b7:a6:e2:83:3a:92:8e:6e:
be:a2:1a:6a:17:99:92:c6:3e:79:7a:69:5b:de:dc:
81:da:57:b4:27:4f:ac:e4:99:28:a7:12:89:dd:01:
5e:c4:b2:7c:d2:3a:a0:90:22:01:71:2b:2d:c3:98:
56:05:e7:d5:61:0a:bc:d4:c3:66:6e:88:93:39:fd:
c6:0d:c7:94:a4:42:05:60:04:34:5d:92:19:3a:fe:
86:70:50:f5:f4:12:7c:8e:3c:9c:57:86:25:fe:69:
2b:b1:fc:a5:b5:76:cf:df:83:7e:a4:30:a9:03:fb:
dd:8c:8e:14:92:83:69:83:e6:46:df:63:5f:af:f4:
6a:35:0a:df:2b:1d:76:ed:60:d3:2c:20:33:6e:94:
71:4b:52:76:2a:36:48:07:1a:b5:fd:63:af:a2:f3:
53:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CD:F8:45:B7:5C:22:90:19:01:C8:31:CC:44:1E:97:42:42:87:D1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ks34RbdcIpAZAcgxzEQel0JCh9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.164.0/24
163.5.194.0-163.5.199.255
Signature Algorithm: sha256WithRSAEncryption
11:35:6b:38:c5:0c:a8:79:7d:87:89:b1:fb:24:6e:7d:26:e6:
3d:6b:1a:4a:27:61:26:36:42:1d:50:62:16:cb:ec:40:1e:84:
0c:39:5f:68:a0:b5:72:8a:b9:07:36:ed:df:05:b9:39:7c:09:
84:3c:5a:db:3f:49:42:be:1c:f4:a4:c0:bb:f5:cb:43:bc:57:
03:dd:20:7c:20:0b:98:60:d7:74:a7:80:dc:9a:32:25:a0:95:
69:ab:b6:a2:aa:51:7d:31:7d:1f:7a:53:da:71:1e:aa:b8:bf:
cb:00:ff:9d:01:74:5d:be:b3:dc:d5:4c:59:b1:26:63:38:d4:
79:f0:c1:6c:00:67:ff:75:92:b3:e6:dd:c5:3d:56:2d:c9:25:
15:de:56:db:e4:15:8d:14:73:17:c8:12:b5:32:52:dd:0f:50:
dc:b0:1a:2f:fe:68:19:71:7b:bb:01:9f:8e:ce:96:c3:f0:d8:
b6:43:75:d9:cd:dc:d7:da:92:ec:88:52:7c:49:d0:e3:39:d9:
0c:78:58:23:85:5d:bc:5d:62:e8:cf:8e:0f:4d:a7:59:0e:22:
fd:24:b2:8f:e3:28:da:6e:a2:ba:91:43:ea:34:c3:e4:a9:ca:
09:eb:e7:5b:f0:98:ec:09:5f:da:da:03:dd:17:cf:5c:fd:4f:
cd:fc:d2:51
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYJtTkmXHXaiU8sMcI5xTUbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODA1MDkyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNkZjg0NWI3NWMyMjkwMTkwMWM4MzFjYzQ0MWU5NzQyNDI4N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsOe5UqpWFUPcxUSZxkTGF9GMCYn
Nxzydo7sxzeQ079JypLlIgBc3ThOX3Caw7FVb1Lj2alH/iwdadsMo40YjOixDwTe
AXp5FEPBPyqWLkEopoCj1ZPefNBL118F7YxFt6bigzqSjm6+ohpqF5mSxj55emlb
3tyB2le0J0+s5JkopxKJ3QFexLJ80jqgkCIBcSstw5hWBefVYQq81MNmboiTOf3G
DceUpEIFYAQ0XZIZOv6GcFD19BJ8jjycV4Yl/mkrsfyltXbP34N+pDCpA/vdjI4U
koNpg+ZG32Nfr/RqNQrfKx127WDTLCAzbpRxS1J2KjZIBxq1/WOvovNTdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCrN+EW3XCKQGQHIMcxEHpdCQofRMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS3MzNFJiZGNJcEFaQWNneHpFUWVsMEpDaDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAowWkMAwD
BAGjBcIDBAOjBcAwDQYJKoZIhvcNAQELBQADggEBABE1azjFDKh5fYeJsfskbn0m
5j1rGkonYSY2Qh1QYhbL7EAehAw5X2igtXKKuQc27d8FuTl8CYQ8Wts/SUK+HPSk
wLv1y0O8VwPdIHwgC5hg13SngNyaMiWglWmrtqKqUX0xfR96U9pxHqq4v8sA/50B
dF2+s9zVTFmxJmM41HnwwWwAZ/91krPm3cU9Vi3JJRXeVtvkFY0UcxfIErUyUt0P
UNywGi/+aBlxe7sBn47OlsPw2LZDddnN3NfakuyIUnxJ0OM52Qx4WCOFXbxdYujP
jg9Np1kOIv0kso/jKNpuorqRQ+o0w+Spygnr51vwmOwJX9raA90Xz1z9T8380lE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org