Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PBq82SwMhJ04L_aIXJXxypdg5vw.roa
File: PBq82SwMhJ04L_aIXJXxypdg5vw.roa (raw, json)
Hash identifier: eEMgxLhKkSLv1YlQWT5pz029hh0MNsoE9+WHb+hc+Xw=
Subject key identifier: 3C:1A:BC:D9:2C:0C:84:9D:38:2F:F6:88:5C:95:F1:CA:97:60:E6:FC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01828C217FBDDE56CBB620C0A525CE82D0E7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PBq82SwMhJ04L_aIXJXxypdg5vw.roa
Signing time: Thu 11 Aug 2022 08:59:41 +0000
ROA not before: Thu 11 Aug 2022 08:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 163.5.216.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:21:7f:bd:de:56:cb:b6:20:c0:a5:25:ce:82:d0:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 11 08:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c1abcd92c0c849d382ff6885c95f1ca9760e6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:54:67:c8:04:26:3e:25:b0:06:ed:65:c3:43:
1e:d2:bf:8f:a8:70:23:e5:96:d1:a2:73:f5:bd:14:
f1:ed:2b:9d:5c:20:ac:7f:3d:99:ea:60:bb:e9:97:
3e:28:36:fb:b7:9e:cd:7f:d1:7d:0e:0c:fc:e3:c1:
8f:d8:17:dc:d3:8a:1d:73:e2:1b:fd:0b:da:34:db:
ad:68:50:56:17:10:85:06:2c:83:86:e8:bf:a1:8f:
ff:83:19:df:7c:f9:0a:92:80:2b:6e:e8:67:bd:78:
d3:85:95:73:91:30:95:4d:2b:b1:c5:0e:41:09:78:
a1:22:88:b2:55:9a:72:31:96:a2:e3:6a:98:56:fa:
29:9e:99:ea:78:57:4f:4b:6f:eb:f2:46:92:ce:91:
ec:8f:76:41:b7:6a:77:06:17:90:ed:8c:46:69:cc:
3c:4a:d7:cd:cc:99:57:fc:1b:e7:8d:9d:0b:a3:65:
58:d7:c8:79:a8:54:0f:3e:7a:c9:60:8a:95:1b:56:
0e:89:01:2b:35:b8:43:4d:d5:92:35:82:9a:a9:07:
6e:d8:94:e5:06:f4:e4:dc:82:c5:81:89:2c:e5:7d:
bf:18:68:ca:87:aa:4f:fe:f4:98:80:e2:9f:44:0c:
f3:36:1c:b5:f3:3c:91:dc:73:66:ad:b2:9b:a6:d7:
ab:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1A:BC:D9:2C:0C:84:9D:38:2F:F6:88:5C:95:F1:CA:97:60:E6:FC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PBq82SwMhJ04L_aIXJXxypdg5vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.154.0/24
163.5.160.0/24
163.5.216.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ca:27:09:e7:26:4c:f6:14:ea:5e:72:b4:d3:f8:b2:58:69:
d1:43:1a:5c:2d:ad:ac:33:0e:c1:ba:d8:e8:6d:ee:44:8d:6e:
47:c5:53:b9:a3:39:14:7b:07:fb:dc:aa:17:d1:a4:17:e5:7b:
6b:c4:22:82:26:e4:09:46:46:9b:39:7f:f0:13:d2:70:2f:22:
d0:b6:2e:8f:e0:46:12:a7:84:b2:f3:63:2e:a2:a6:66:c0:a3:
57:d8:a1:f7:c7:bb:fb:53:ef:8a:a8:0f:aa:40:07:04:94:c4:
28:7a:c7:e0:34:3c:0c:cb:d1:24:36:38:21:c1:a5:6e:2a:64:
bf:08:5b:aa:83:65:9d:ef:78:96:ac:a6:2f:60:c4:2b:a1:32:
7f:73:70:64:17:5d:33:49:4a:eb:f1:ac:00:3f:d0:08:a7:87:
0f:73:0e:a5:9d:69:f0:81:5a:c3:31:b8:8f:aa:f7:08:36:3d:
94:de:b4:d3:15:b1:02:81:21:f2:e9:d8:ef:73:56:f6:4e:49:
69:9a:54:89:e1:5c:ea:00:92:6a:42:27:17:80:e0:f7:f9:c2:
c2:bd:ae:ab:b1:80:43:de:ac:0c:49:24:0c:53:9e:a8:d6:c9:
a0:ba:2a:59:a6:00:12:68:62:4d:22:c3:aa:89:e2:f9:a6:89:
0b:f3:59:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKMIX+93lbLtiDApSXOgtDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODExMDg1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFhYmNkOTJjMGM4NDlkMzgyZmY2ODg1Yzk1ZjFjYTk3NjBlNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVRnyAQmPiWwBu1lw0Me0r+PqHAj
5ZbRonP1vRTx7SudXCCsfz2Z6mC76Zc+KDb7t57Nf9F9Dgz848GP2Bfc04odc+Ib
/QvaNNutaFBWFxCFBiyDhui/oY//gxnffPkKkoArbuhnvXjThZVzkTCVTSuxxQ5B
CXihIoiyVZpyMZai42qYVvopnpnqeFdPS2/r8kaSzpHsj3ZBt2p3BheQ7YxGacw8
StfNzJlX/BvnjZ0Lo2VY18h5qFQPPnrJYIqVG1YOiQErNbhDTdWSNYKaqQdu2JTl
BvTk3ILFgYks5X2/GGjKh6pP/vSYgOKfRAzzNhy18zyR3HNmrbKbpterVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDwavNksDISdOC/2iFyV8cqXYOb8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUEJxODJTd01oSjA0TF9hSVhKWHh5cGRnNXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWaAwQA
owWgAwQAowXYMA0GCSqGSIb3DQEBCwUAA4IBAQCtyicJ5yZM9hTqXnK00/iyWGnR
QxpcLa2sMw7Butjobe5EjW5HxVO5ozkUewf73KoX0aQX5XtrxCKCJuQJRkabOX/w
E9JwLyLQti6P4EYSp4Sy82MuoqZmwKNX2KH3x7v7U++KqA+qQAcElMQoesfgNDwM
y9EkNjghwaVuKmS/CFuqg2Wd73iWrKYvYMQroTJ/c3BkF10zSUrr8awAP9AIp4cP
cw6lnWnwgVrDMbiPqvcINj2U3rTTFbECgSHy6djvc1b2TklpmlSJ4VzqAJJqQicX
gOD3+cLCva6rsYBD3qwMSSQMU56o1smguipZpgASaGJNIsOqieL5pokL81lv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org