Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MaVE04dc2ygeMJLZrxJPd9mp1mk.roa
File: MaVE04dc2ygeMJLZrxJPd9mp1mk.roa (raw, json)
Hash identifier: DciG5p+dZB0d+XSmMNmgiaTpmt3XL6r5Eyo3cFAfErQ=
Subject key identifier: 31:A5:44:D3:87:5C:DB:28:1E:30:92:D9:AF:12:4F:77:D9:A9:D6:69
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01844C858754AA1FA0B115BC906C7D1D41FE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MaVE04dc2ygeMJLZrxJPd9mp1mk.roa
Signing time: Sun 06 Nov 2022 10:38:50 +0000
ROA not before: Sun 06 Nov 2022 10:38:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 163.5.90.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.236.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4c:85:87:54:aa:1f:a0:b1:15:bc:90:6c:7d:1d:41:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 6 10:38:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31a544d3875cdb281e3092d9af124f77d9a9d669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:cf:50:c5:db:d8:31:da:b9:ac:6a:3f:ce:2b:
7e:ca:d4:6d:9e:34:3d:c2:28:0c:1a:65:48:fd:a2:
12:60:4a:6e:22:37:39:50:d9:f3:ba:59:d5:5f:f0:
92:b7:f3:e5:82:ed:b3:07:ea:2d:a3:ad:49:a0:a9:
bf:0a:9c:cb:ac:fa:c3:20:0a:52:00:f3:4b:a3:a4:
34:7b:e2:4f:94:0d:3e:07:ea:cd:bd:7f:99:e5:72:
5d:36:01:a1:e1:67:05:6d:a7:31:f6:e1:67:f5:00:
33:42:72:f5:68:4c:0f:b0:72:08:c4:1b:f0:d5:f0:
c2:2c:6e:5b:18:16:f2:92:f3:1e:33:8f:b8:35:b2:
45:73:ae:6a:34:bf:d8:25:7a:10:f6:a8:a8:12:1e:
e2:2f:1e:da:ac:58:df:ae:e0:9f:67:58:46:7c:75:
49:40:28:e6:e3:98:07:7e:13:0f:61:10:c2:f8:22:
f1:1e:2b:29:90:58:ca:4e:8d:a2:ae:04:0d:83:fb:
20:e8:43:c5:69:22:03:d0:d8:dc:7f:cc:ef:68:19:
96:61:18:16:f0:34:41:5a:05:93:75:ad:6b:2a:9d:
fc:b0:a4:31:88:cd:df:f1:27:7e:36:c7:30:33:8a:
da:1b:86:c5:aa:b8:ac:cb:cf:60:e1:2e:55:6a:d1:
05:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A5:44:D3:87:5C:DB:28:1E:30:92:D9:AF:12:4F:77:D9:A9:D6:69
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MaVE04dc2ygeMJLZrxJPd9mp1mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.90.0/24
163.5.140.0/24
163.5.142.0/24
163.5.233.0/24
163.5.236.0/24
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:28:59:96:ca:e0:2d:c5:a8:e9:e7:a0:75:aa:ba:ea:35:fa:
5d:16:26:24:08:5c:4f:fd:f7:f2:af:97:9a:e3:2c:1f:6f:e0:
91:e2:2b:60:e7:22:86:15:02:06:b6:34:45:c3:98:5b:0f:49:
6f:8d:96:d6:9b:68:73:fa:9b:99:da:b2:04:b3:53:97:58:34:
94:78:ad:2b:33:62:50:3e:53:08:90:b4:65:9a:e4:04:19:93:
dc:ef:74:ea:3f:c2:86:b3:e5:49:ed:0d:d9:0d:30:f7:a8:34:
c1:20:3a:38:cc:fb:50:e3:55:1d:8b:c2:1f:2b:22:b4:90:4c:
6d:6d:d4:db:dc:6f:ec:38:84:fb:e7:e5:e4:01:dd:1e:27:b1:
f4:48:66:95:a7:a6:c2:bb:16:be:0f:21:31:a4:0e:13:ac:65:
fa:70:dd:90:da:ae:5a:f6:88:8c:d5:49:35:52:86:8b:ef:f2:
e8:0b:4b:26:31:da:9f:34:b5:4e:d2:cb:d3:e5:94:71:f4:aa:
3d:fa:28:2f:c5:2c:64:68:f8:34:e4:93:40:74:9f:62:0c:d2:
ee:86:fd:8f:ff:5e:31:4c:ab:f8:28:b7:d8:02:51:f5:82:3a:
4d:e1:df:56:17:e9:c5:c7:fe:ff:55:05:98:88:49:24:dc:32:
29:14:65:c0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYRMhYdUqh+gsRW8kGx9HUH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTA2MTAzODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWE1NDRkMzg3NWNkYjI4MWUzMDkyZDlhZjEyNGY3N2Q5YTlkNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc9QxdvYMdq5rGo/zit+ytRtnjQ9
wigMGmVI/aISYEpuIjc5UNnzulnVX/CSt/Plgu2zB+oto61JoKm/CpzLrPrDIApS
APNLo6Q0e+JPlA0+B+rNvX+Z5XJdNgGh4WcFbacx9uFn9QAzQnL1aEwPsHIIxBvw
1fDCLG5bGBbykvMeM4+4NbJFc65qNL/YJXoQ9qioEh7iLx7arFjfruCfZ1hGfHVJ
QCjm45gHfhMPYRDC+CLxHispkFjKTo2irgQNg/sg6EPFaSID0Njcf8zvaBmWYRgW
8DRBWgWTda1rKp38sKQxiM3f8Sd+NscwM4raG4bFqrisy89g4S5VatEF5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDGlRNOHXNsoHjCS2a8ST3fZqdZpMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTWFWRTA0ZGMyeWdlTUpMWnJ4SlBkOW1wMW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowVaAwQA
owWMAwQAowWOAwQAowXpAwQAowXsAwQAowX3MA0GCSqGSIb3DQEBCwUAA4IBAQBO
KFmWyuAtxajp56B1qrrqNfpdFiYkCFxP/ffyr5ea4ywfb+CR4itg5yKGFQIGtjRF
w5hbD0lvjZbWm2hz+puZ2rIEs1OXWDSUeK0rM2JQPlMIkLRlmuQEGZPc73TqP8KG
s+VJ7Q3ZDTD3qDTBIDo4zPtQ41Udi8IfKyK0kExtbdTb3G/sOIT75+XkAd0eJ7H0
SGaVp6bCuxa+DyExpA4TrGX6cN2Q2q5a9oiM1Uk1UoaL7/LoC0smMdqfNLVO0svT
5ZRx9Ko9+igvxSxkaPg05JNAdJ9iDNLuhv2P/14xTKv4KLfYAlH1gjpN4d9WF+nF
x/7/VQWYiEkk3DIpFGXA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org