Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Mq_U-2_KARv0kfJwt_TI3QMk0ds.roa
File: Mq_U-2_KARv0kfJwt_TI3QMk0ds.roa (raw, json)
Hash identifier: BD/jmNrYpw7x4zJwyMMKpLGf7yKrcoOIERfSgHm9mBc=
Subject key identifier: 32:AF:D4:FB:6F:CA:01:1B:F4:91:F2:70:B7:F4:C8:DD:03:24:D1:DB
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01835F2913665B861FF7C8C0D5046154711A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Mq_U-2_KARv0kfJwt_TI3QMk0ds.roa
Signing time: Wed 21 Sep 2022 08:27:50 +0000
ROA not before: Wed 21 Sep 2022 08:27:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:29:13:66:5b:86:1f:f7:c8:c0:d5:04:61:54:71:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 21 08:27:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32afd4fb6fca011bf491f270b7f4c8dd0324d1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0f:83:56:40:4b:30:03:32:24:a1:12:4b:25:
5f:a7:30:0d:64:62:85:73:1d:ef:a9:38:a1:6a:e4:
f1:32:d4:33:16:93:73:50:f9:7b:8f:d0:87:52:81:
07:cd:99:aa:75:88:6d:4e:83:0c:91:49:68:a1:db:
1f:0c:95:2f:78:8a:be:0c:25:85:a1:e5:e0:66:52:
8e:4f:86:13:2f:3d:d3:e9:6b:b1:e6:be:1a:24:04:
1a:23:ca:06:ca:d8:0d:af:f5:32:e2:01:7b:88:1f:
53:63:55:47:89:bb:80:d7:a0:9e:32:ee:61:f5:07:
61:87:90:79:4d:03:7a:ee:eb:b5:2c:5d:42:f2:ee:
e4:4d:03:7c:eb:e7:67:b8:d3:57:16:a9:f7:e4:02:
ce:1b:c2:d3:37:8f:9d:a0:e5:b3:b8:79:f8:b7:a5:
79:fd:0f:7c:34:90:96:5c:40:24:d1:c7:9f:7b:52:
bf:cf:68:18:96:bc:d7:5b:15:15:c1:21:c3:9c:f0:
2b:02:61:62:f9:5d:cf:14:b6:a2:e1:49:e8:77:a6:
8b:6e:94:27:d8:f8:e2:c6:a1:70:a8:7d:63:57:ad:
df:05:b6:57:ef:c9:a9:d4:27:4c:ee:d8:bf:27:bd:
da:24:82:52:58:ea:37:66:12:07:24:5e:a9:0c:f8:
7c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AF:D4:FB:6F:CA:01:1B:F4:91:F2:70:B7:F4:C8:DD:03:24:D1:DB
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Mq_U-2_KARv0kfJwt_TI3QMk0ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.192.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b6:56:2a:5c:fe:4c:a3:d1:5a:9c:3b:15:cc:a9:c6:3f:1e:
bf:0a:b0:37:e4:13:24:0c:b4:15:e3:95:a3:1d:77:8d:7b:81:
7d:8a:cc:ba:04:34:76:20:44:c5:b7:f9:e9:0d:54:eb:01:9e:
02:8a:12:e1:80:34:cc:8e:43:57:52:ce:87:9f:83:dc:d7:6b:
f1:3b:d9:79:23:9e:1a:4f:98:e6:20:61:89:e9:76:8d:85:96:
5c:47:35:cb:d5:6e:d2:e5:86:dd:97:eb:01:e3:de:5e:c3:b3:
b5:c6:53:d7:03:56:a3:4b:b2:6b:af:6c:9c:78:95:ac:3c:13:
2d:19:5e:a2:4b:83:73:89:f5:de:27:dc:84:99:2c:f2:07:72:
03:e6:0f:c2:04:c7:8c:7d:45:df:23:1e:e1:8b:e4:d0:b4:5c:
f9:d8:f0:a5:56:ca:ae:d6:0d:8b:1b:58:b1:12:da:f2:d4:09:
0d:a2:38:48:42:cd:cb:a4:98:c9:05:2c:5b:0b:07:16:4f:74:
c9:d8:71:bb:0d:90:9b:93:a6:41:ea:53:1b:1e:b1:f1:75:9a:
c1:22:16:e8:86:bd:56:26:77:aa:ba:f2:16:06:9e:63:9f:12:
5f:34:a3:d2:e1:68:4b:cb:08:a3:44:23:5b:fe:1d:e4:6d:65:
d8:73:68:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNfKRNmW4Yf98jA1QRhVHEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTIxMDgyNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFmZDRmYjZmY2EwMTFiZjQ5MWYyNzBiN2Y0YzhkZDAzMjRkMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw+DVkBLMAMyJKESSyVfpzANZGKF
cx3vqTihauTxMtQzFpNzUPl7j9CHUoEHzZmqdYhtToMMkUloodsfDJUveIq+DCWF
oeXgZlKOT4YTLz3T6Wux5r4aJAQaI8oGytgNr/Uy4gF7iB9TY1VHibuA16CeMu5h
9Qdhh5B5TQN67uu1LF1C8u7kTQN86+dnuNNXFqn35ALOG8LTN4+doOWzuHn4t6V5
/Q98NJCWXEAk0cefe1K/z2gYlrzXWxUVwSHDnPArAmFi+V3PFLai4Unod6aLbpQn
2PjixqFwqH1jV63fBbZX78mp1CdM7ti/J73aJIJSWOo3ZhIHJF6pDPh8bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDKv1PtvygEb9JHycLf0yN0DJNHbMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTXFfVS0yX0tBUnYwa2ZKd3RfVEkzUU1rMGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowXAAwQA
owX8MA0GCSqGSIb3DQEBCwUAA4IBAQCJtlYqXP5Mo9FanDsVzKnGPx6/CrA35BMk
DLQV45WjHXeNe4F9isy6BDR2IETFt/npDVTrAZ4CihLhgDTMjkNXUs6Hn4Pc12vx
O9l5I54aT5jmIGGJ6XaNhZZcRzXL1W7S5Ybdl+sB495ew7O1xlPXA1ajS7Jrr2yc
eJWsPBMtGV6iS4NzifXeJ9yEmSzyB3ID5g/CBMeMfUXfIx7hi+TQtFz52PClVsqu
1g2LG1ixEtry1AkNojhIQs3LpJjJBSxbCwcWT3TJ2HG7DZCbk6ZB6lMbHrHxdZrB
Ihbohr1WJnequvIWBp5jnxJfNKPS4WhLywijRCNb/h3kbWXYc2iB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org