Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NztUO6SYejBUKUV_DTTHMwesQzo.roa
File: NztUO6SYejBUKUV_DTTHMwesQzo.roa (raw, json)
Hash identifier: EJWo4w4iN6DHVd79aY3MbJmELOLbiNIJHLopYW/SNSQ=
Subject key identifier: 37:3B:54:3B:A4:98:7A:30:54:29:45:7F:0D:34:C7:33:07:AC:43:3A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01852514256BC9B44A5288154DB3B7FC80B5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NztUO6SYejBUKUV_DTTHMwesQzo.roa
Signing time: Sun 18 Dec 2022 11:52:35 +0000
ROA not before: Sun 18 Dec 2022 11:52:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.174.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:25:14:25:6b:c9:b4:4a:52:88:15:4d:b3:b7:fc:80:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 18 11:52:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=373b543ba4987a305429457f0d34c73307ac433a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:87:14:e8:d0:90:16:ae:7e:0c:94:41:13:3b:
b6:b6:ad:5a:c4:d8:70:ff:14:66:10:4c:19:6b:28:
c3:9c:f0:bb:ad:6d:53:ec:09:80:22:ce:95:31:a3:
5e:37:cc:91:15:28:0c:d5:5e:ed:46:ec:d6:03:94:
2b:94:e4:c8:e0:7a:53:7e:6a:76:a4:4b:36:2b:87:
7e:b3:b9:cb:c3:13:2f:dc:4d:d2:c7:36:0c:95:07:
34:b2:ca:ed:6c:06:b9:cc:53:39:a2:a1:85:a3:5a:
a0:bb:22:1e:ec:44:d1:3f:c8:e9:25:08:de:35:5c:
ec:40:63:36:5f:86:3c:70:16:99:75:63:4f:ee:00:
c0:23:7b:cc:f9:e9:a9:f5:f4:a5:c8:9f:c3:0d:34:
55:2a:c8:02:dd:9d:8c:a9:cb:63:3b:f5:15:32:27:
c6:b3:ae:0c:37:36:fc:7d:9d:40:5c:af:bd:d4:44:
71:1a:72:68:f8:6f:b1:78:24:5f:d4:5d:4b:7f:8e:
94:2b:5a:af:14:8f:d2:fb:ac:58:b8:3d:16:95:e1:
86:0c:4d:c4:eb:3e:6d:14:84:19:32:36:95:c4:c3:
6d:b5:50:96:fb:2b:10:fb:99:e8:ce:7c:ff:ad:ee:
48:20:e0:18:57:4f:45:10:e0:4c:55:1b:e8:43:6a:
af:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3B:54:3B:A4:98:7A:30:54:29:45:7F:0D:34:C7:33:07:AC:43:3A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NztUO6SYejBUKUV_DTTHMwesQzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.115.0/24
163.5.171.0-163.5.172.255
163.5.174.0/24
163.5.185.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:f0:5d:13:b7:f8:1e:88:e2:17:a7:7d:e2:d0:7f:22:dd:e4:
66:e9:61:8c:6a:e2:74:f5:ac:6f:4e:e0:82:87:e6:93:1a:e4:
38:a8:a4:12:e7:53:73:83:bd:0f:99:d1:a8:6d:ff:53:6b:1f:
68:f6:05:0b:43:56:48:5d:9a:b5:4a:f4:8e:34:bd:0c:0e:20:
a6:94:fa:98:0d:78:39:90:8b:80:50:a1:46:86:39:23:e5:1e:
a6:45:2a:51:80:8d:6b:fd:b4:31:58:dc:f0:a4:26:d1:29:a6:
18:36:44:21:3d:1a:11:bf:82:8a:ef:0f:28:71:1d:29:56:e4:
bf:8c:d3:73:24:a0:2f:9f:b8:11:e8:06:21:4c:3e:04:b5:e3:
53:8d:b9:af:06:fc:7f:f0:1c:18:8c:67:51:26:cc:dd:d6:bb:
04:c4:11:6e:21:66:76:e8:44:aa:03:56:68:7c:ce:84:83:93:
6e:1b:6e:2e:ec:7a:9e:58:47:6a:6c:30:c5:8a:20:f4:ad:37:
75:3c:83:10:29:03:f7:1a:49:90:2d:cf:38:6d:a2:2d:9c:e2:
a0:85:d9:74:98:2d:d3:01:af:cc:16:02:50:8d:a1:9f:d0:11:
1d:b5:ea:36:6c:46:4f:81:69:9f:d5:17:65:68:fc:ca:3b:13:
46:e7:56:3d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYUlFCVrybRKUogVTbO3/IC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjE4MTE1MjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNiNTQzYmE0OTg3YTMwNTQyOTQ1N2YwZDM0YzczMzA3YWM0MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYcU6NCQFq5+DJRBEzu2tq1axNhw
/xRmEEwZayjDnPC7rW1T7AmAIs6VMaNeN8yRFSgM1V7tRuzWA5QrlOTI4HpTfmp2
pEs2K4d+s7nLwxMv3E3SxzYMlQc0ssrtbAa5zFM5oqGFo1qguyIe7ETRP8jpJQje
NVzsQGM2X4Y8cBaZdWNP7gDAI3vM+emp9fSlyJ/DDTRVKsgC3Z2MqctjO/UVMifG
s64MNzb8fZ1AXK+91ERxGnJo+G+xeCRf1F1Lf46UK1qvFI/S+6xYuD0WleGGDE3E
6z5tFIQZMjaVxMNttVCW+ysQ+5noznz/re5IIOAYV09FEOBMVRvoQ2qvTQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDc7VDukmHowVClFfw00xzMHrEM6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTnp0VU82U1llakJVS1VWX0RUVEhNd2VzUXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowVzMAwD
BACjBasDBACjBawDBACjBa4DBACjBbkwDQYJKoZIhvcNAQELBQADggEBAJ3wXRO3
+B6I4henfeLQfyLd5GbpYYxq4nT1rG9O4IKH5pMa5DiopBLnU3ODvQ+Z0aht/1Nr
H2j2BQtDVkhdmrVK9I40vQwOIKaU+pgNeDmQi4BQoUaGOSPlHqZFKlGAjWv9tDFY
3PCkJtEpphg2RCE9GhG/gorvDyhxHSlW5L+M03MkoC+fuBHoBiFMPgS141ONua8G
/H/wHBiMZ1EmzN3WuwTEEW4hZnboRKoDVmh8zoSDk24bbi7sep5YR2psMMWKIPSt
N3U8gxApA/caSZAtzzhtoi2c4qCF2XSYLdMBr8wWAlCNoZ/QER216jZsRk+BaZ/V
F2Vo/Mo7E0bnVj0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org