Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LnXK0RjMCwRUApcgmtR8AtHqg9c.roa
File: LnXK0RjMCwRUApcgmtR8AtHqg9c.roa (raw, json)
Hash identifier: bKBfJTkHmaRTNxyXmef7Zm5KewWEU8bYv3sgVUWxVU4=
Subject key identifier: 2E:75:CA:D1:18:CC:0B:04:54:02:97:20:9A:D4:7C:02:D1:EA:83:D7
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183E47ACD8AEB1BD47C095D10E6309D35C8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LnXK0RjMCwRUApcgmtR8AtHqg9c.roa
Signing time: Mon 17 Oct 2022 05:46:36 +0000
ROA not before: Mon 17 Oct 2022 05:46:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396356
IP address blocks: 163.5.74.0/24 maxlen: 24
163.5.75.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.96.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:7a:cd:8a:eb:1b:d4:7c:09:5d:10:e6:30:9d:35:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 17 05:46:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e75cad118cc0b04540297209ad47c02d1ea83d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:34:21:68:47:96:fd:16:45:55:17:84:76:79:
6c:4d:05:80:b4:1f:4f:ba:af:b1:95:33:1c:c5:ec:
b2:11:e6:53:3e:e2:48:43:a3:97:d7:d3:22:2a:f8:
a0:a5:dd:4f:4a:17:17:89:32:b3:bd:74:ef:3e:1e:
8d:b4:75:ff:08:51:db:72:00:cb:d7:7c:dc:92:d8:
97:c2:1f:7c:33:34:47:4f:f9:cf:4e:42:aa:71:32:
1d:01:74:1f:a1:db:6a:c2:1c:53:2a:6f:8d:2d:52:
b5:e0:a6:0a:1f:e7:f5:03:76:cc:d6:44:03:9e:73:
42:f3:d3:d1:d7:e0:3f:e2:7c:6e:41:7a:a1:8e:54:
91:ec:bf:ad:0a:09:42:e3:d9:58:e7:ca:34:29:e3:
10:70:a4:22:7a:4a:52:90:25:7a:59:f9:7d:3c:19:
d4:c9:ed:e0:2f:c1:cd:bf:92:ae:00:83:ac:92:48:
88:2f:66:27:b9:df:44:f3:a6:d7:f7:24:76:92:e2:
65:bb:5e:41:25:4e:37:ff:4e:12:c5:5c:30:32:b4:
67:8d:d5:3b:68:f9:f8:ba:85:88:0a:60:36:b6:d7:
b4:93:75:0e:08:f0:e3:34:ea:59:e4:87:45:2d:ae:
78:81:0c:27:81:88:8d:81:60:98:bd:79:71:4c:06:
c4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:75:CA:D1:18:CC:0B:04:54:02:97:20:9A:D4:7C:02:D1:EA:83:D7
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LnXK0RjMCwRUApcgmtR8AtHqg9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.74.0-163.5.76.255
163.5.92.0/23
163.5.96.0/24
163.5.98.0/24
163.5.187.0/24
163.5.243.0/24
163.5.245.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b1:cf:8e:8d:03:95:25:a3:4c:bd:bc:02:c5:45:1b:f7:bd:
c6:c0:aa:12:15:6d:0d:01:38:dc:a6:f1:b9:3c:0c:ff:7e:f0:
c4:a8:cc:71:50:66:f4:49:55:06:44:0c:c8:be:a5:c4:35:79:
54:49:40:34:09:8d:4d:4d:85:a9:b1:58:b3:e4:ad:4c:fe:ed:
4f:d0:71:24:fc:30:4a:fb:8b:e5:a0:e2:8c:92:78:aa:db:91:
e1:19:1d:70:10:46:23:7b:bf:2c:a7:ad:2f:73:bb:62:ad:79:
53:37:57:78:e6:f0:bb:d9:58:99:fb:48:f0:cf:ca:bf:ae:a9:
e6:9e:2c:ce:82:45:bd:e7:9c:48:61:2e:b4:d4:c1:01:31:25:
d5:bd:81:2c:d4:2e:fb:88:b5:59:fd:e0:38:a5:ed:8b:ca:0b:
bb:17:6a:62:fc:78:f9:bf:8a:8f:d1:d0:c5:87:bf:ac:39:7a:
bc:df:29:3f:11:3d:20:74:b0:5c:1f:6e:69:05:a3:0a:f1:38:
66:2e:a5:88:e6:0b:4d:e5:97:34:aa:77:80:fb:a7:eb:df:e7:
c9:8c:cf:71:2c:2d:0b:22:0d:2e:de:cc:1e:4f:9d:c3:4f:98:
aa:21:13:5b:dc:54:ca:d0:95:5d:5a:ef:cd:2f:6e:7c:50:9b:
d2:c9:bf:72
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYPkes2K6xvUfAldEOYwnTXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDE3MDU0NjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTc1Y2FkMTE4Y2MwYjA0NTQwMjk3MjA5YWQ0N2MwMmQxZWE4M2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizQhaEeW/RZFVReEdnlsTQWAtB9P
uq+xlTMcxeyyEeZTPuJIQ6OX19MiKvigpd1PShcXiTKzvXTvPh6NtHX/CFHbcgDL
13zcktiXwh98MzRHT/nPTkKqcTIdAXQfodtqwhxTKm+NLVK14KYKH+f1A3bM1kQD
nnNC89PR1+A/4nxuQXqhjlSR7L+tCglC49lY58o0KeMQcKQiekpSkCV6Wfl9PBnU
ye3gL8HNv5KuAIOskkiIL2Ynud9E86bX9yR2kuJlu15BJU43/04SxVwwMrRnjdU7
aPn4uoWICmA2tte0k3UOCPDjNOpZ5IdFLa54gQwngYiNgWCYvXlxTAbEUQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFC51ytEYzAsEVAKXIJrUfALR6oPXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTG5YSzBSak1Dd1JVQXBjZ210UjhBdEhxZzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAGjBUoD
BACjBUwDBAGjBVwDBACjBWADBACjBWIDBACjBbsDBACjBfMDBACjBfUwDQYJKoZI
hvcNAQELBQADggEBABSxz46NA5Ulo0y9vALFRRv3vcbAqhIVbQ0BONym8bk8DP9+
8MSozHFQZvRJVQZEDMi+pcQ1eVRJQDQJjU1NhamxWLPkrUz+7U/QcST8MEr7i+Wg
4oySeKrbkeEZHXAQRiN7vyynrS9zu2KteVM3V3jm8LvZWJn7SPDPyr+uqeaeLM6C
Rb3nnEhhLrTUwQExJdW9gSzULvuItVn94Dil7YvKC7sXamL8ePm/io/R0MWHv6w5
erzfKT8RPSB0sFwfbmkFowrxOGYupYjmC03llzSqd4D7p+vf58mMz3EsLQsiDS7e
zB5PncNPmKohE1vcVMrQlV1a780vbnxQm9LJv3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org