Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MKMYhGF_Fx0X4uZBTy6zRsKQBgc.roa
File: MKMYhGF_Fx0X4uZBTy6zRsKQBgc.roa (raw, json)
Hash identifier: Gs0BJRLhad43Fj+tofxHEsj7HdrjZdongOlIhLxSq74=
Subject key identifier: 30:A3:18:84:61:7F:17:1D:17:E2:E6:41:4F:2E:B3:46:C2:90:06:07
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183F4DD1150DD363D4D3EC017DC86F4B966
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MKMYhGF_Fx0X4uZBTy6zRsKQBgc.roa
Signing time: Thu 20 Oct 2022 10:07:52 +0000
ROA not before: Thu 20 Oct 2022 10:07:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.174.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.194.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:dd:11:50:dd:36:3d:4d:3e:c0:17:dc:86:f4:b9:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 20 10:07:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30a31884617f171d17e2e6414f2eb346c2900607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:26:fe:3f:9b:2a:b7:1c:bc:e9:ba:a9:55:
d9:d4:d0:77:9e:d9:cf:ef:4a:3e:5b:21:0c:df:bb:
00:75:8b:1c:ee:df:e6:7c:97:22:fc:b7:6b:67:4e:
75:8f:d5:40:5b:e9:5e:36:09:67:fb:2b:2b:05:a0:
1f:47:25:fd:41:84:88:02:48:95:73:4a:df:09:32:
77:59:2d:09:6a:a5:4d:7b:da:8f:81:21:24:d0:ca:
fb:91:b6:fe:ae:5c:82:ae:40:5c:c0:6a:99:b5:ca:
4e:5d:7e:ef:0c:a9:58:c2:0a:5d:d2:5e:3e:46:52:
4b:af:41:ee:57:02:37:5e:ad:74:7b:8c:e8:5e:a7:
72:a3:c1:db:e1:46:a6:c9:70:a5:b2:be:50:cb:f7:
00:62:c2:80:f9:38:08:28:e5:09:bf:b9:de:e2:1d:
73:51:d0:18:fa:6d:78:5c:3a:d9:7b:27:06:68:17:
0f:94:c3:bb:20:ac:ed:90:0d:2e:19:b7:f0:70:48:
e1:ba:a1:eb:0d:42:3a:ab:3d:34:92:cf:16:f5:98:
86:a7:75:b9:f6:d8:97:c3:ce:09:00:42:95:53:7e:
4a:93:9a:7f:07:8c:54:b3:76:af:f9:3e:82:fa:03:
22:92:cf:6e:fc:92:3e:b5:4c:80:d5:3b:4f:61:d1:
ac:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A3:18:84:61:7F:17:1D:17:E2:E6:41:4F:2E:B3:46:C2:90:06:07
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MKMYhGF_Fx0X4uZBTy6zRsKQBgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.115.0/24
163.5.170.0/23
163.5.174.0/24
163.5.185.0/24
163.5.194.0/24
163.5.198.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ab:a6:df:30:79:de:ea:7b:2b:f5:44:64:aa:d6:69:8d:1d:
22:13:f0:70:fb:fc:c6:d5:52:e5:8f:bc:c0:47:83:d4:35:34:
7d:9e:39:6b:86:6c:92:32:c6:00:82:ff:aa:c3:e6:ae:38:20:
a9:e2:73:45:a4:a9:3c:af:e7:20:8f:91:dc:4c:99:8b:82:cb:
3d:2b:33:30:d4:1f:2c:e5:c1:86:5f:e6:e6:c4:0a:54:b5:67:
d5:bd:9a:3c:d5:78:a2:22:a8:09:3d:46:0b:9d:88:a0:17:0e:
25:cb:ef:b1:7a:a1:38:f2:f0:e4:bb:23:6c:eb:a6:e8:24:60:
cc:91:3a:1d:73:75:8d:81:b5:1d:e9:f9:d9:ac:84:a0:b7:25:
42:c3:8c:4c:66:eb:f1:7e:41:76:8b:74:ef:ac:b3:41:61:1b:
b7:86:e0:f1:ae:c7:7c:73:42:98:38:6e:3a:1a:69:7c:d9:6a:
98:99:ab:8f:d8:f1:fa:c4:e8:b2:78:50:47:3b:b1:52:30:4e:
88:07:58:17:81:ab:ad:84:31:46:3b:3c:bd:3e:ef:d0:3c:69:
2b:6c:00:95:30:11:54:09:ec:4a:af:b1:68:65:8e:ba:8b:e2:
b2:05:ce:e3:8c:01:af:88:f1:7f:2a:d5:fe:dd:5f:c4:df:14:
19:44:84:4e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYP03RFQ3TY9TT7AF9yG9LlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDIwMTAwNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGEzMTg4NDYxN2YxNzFkMTdlMmU2NDE0ZjJlYjM0NmMyOTAwNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+Qm/j+bKrccvOm6qVXZ1NB3ntnP
70o+WyEM37sAdYsc7t/mfJci/LdrZ051j9VAW+leNgln+ysrBaAfRyX9QYSIAkiV
c0rfCTJ3WS0JaqVNe9qPgSEk0Mr7kbb+rlyCrkBcwGqZtcpOXX7vDKlYwgpd0l4+
RlJLr0HuVwI3Xq10e4zoXqdyo8Hb4UamyXClsr5Qy/cAYsKA+TgIKOUJv7ne4h1z
UdAY+m14XDrZeycGaBcPlMO7IKztkA0uGbfwcEjhuqHrDUI6qz00ks8W9ZiGp3W5
9tiXw84JAEKVU35Kk5p/B4xUs3av+T6C+gMiks9u/JI+tUyA1TtPYdGsbQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDCjGIRhfxcdF+LmQU8us0bCkAYHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTUtNWWhHRl9GeDBYNHVaQlR5NnpSc0tRQmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowVzAwQB
owWqAwQAowWuAwQAowW5AwQAowXCAwQAowXGMA0GCSqGSIb3DQEBCwUAA4IBAQCN
q6bfMHne6nsr9URkqtZpjR0iE/Bw+/zG1VLlj7zAR4PUNTR9njlrhmySMsYAgv+q
w+auOCCp4nNFpKk8r+cgj5HcTJmLgss9KzMw1B8s5cGGX+bmxApUtWfVvZo81Xii
IqgJPUYLnYigFw4ly++xeqE48vDkuyNs66boJGDMkTodc3WNgbUd6fnZrISgtyVC
w4xMZuvxfkF2i3TvrLNBYRu3huDxrsd8c0KYOG46Gml82WqYmauP2PH6xOiyeFBH
O7FSME6IB1gXgauthDFGOzy9Pu/QPGkrbACVMBFUCexKr7FoZY66i+KyBc7jjAGv
iPF/KtX+3V/E3xQZRIRO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org