Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QDq0dVsGbEUYhnkjU4AFyPQz2zg.roa
File: QDq0dVsGbEUYhnkjU4AFyPQz2zg.roa (raw, json)
Hash identifier: vCJF7ZaXRA377yLFD7iEPq71hJx/o5w2fIY6C+G3ys4=
Subject key identifier: 40:3A:B4:75:5B:06:6C:45:18:86:79:23:53:80:05:C8:F4:33:DB:38
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01845700D775E047B4D913DF769D58D7F795
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QDq0dVsGbEUYhnkjU4AFyPQz2zg.roa
Signing time: Tue 08 Nov 2022 11:29:43 +0000
ROA not before: Tue 08 Nov 2022 11:29:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212669
IP address blocks: 163.5.141.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:57:00:d7:75:e0:47:b4:d9:13:df:76:9d:58:d7:f7:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 8 11:29:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=403ab4755b066c4518867923538005c8f433db38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:13:85:ee:85:24:c5:a1:4f:6d:f8:75:d8:32:
89:c5:59:01:c6:38:a4:b6:a3:df:91:22:53:dd:3a:
4b:8c:1d:fe:89:dc:80:48:45:2e:bd:a7:c5:57:4a:
3b:94:35:f5:09:0a:b1:65:d8:c4:d1:67:7f:2b:51:
1c:14:38:48:2d:46:a0:df:94:27:ea:a7:c7:bc:ab:
dc:57:bf:bd:3f:92:22:c0:f2:12:e6:52:ed:b6:3d:
1e:9b:29:54:2c:c8:2f:fc:33:b0:81:a0:af:a1:29:
46:84:c7:46:7f:db:82:82:25:22:d2:27:9e:e2:65:
b2:e9:bb:26:90:03:09:b0:f1:aa:03:9b:cb:9f:a9:
aa:ac:62:40:75:0a:eb:bb:aa:87:0e:86:49:c2:f6:
dc:76:3d:2e:a3:c6:e6:d1:62:a6:d4:bb:ce:2e:cb:
7b:8b:c0:51:15:4d:e8:f3:6c:4b:6b:db:4e:b0:10:
19:7c:03:8e:3d:58:cc:18:b4:93:c7:fc:ac:db:04:
1c:86:37:aa:d0:11:8c:1b:e1:f7:00:05:1d:a6:55:
95:54:9d:f0:8d:84:65:5f:29:08:a3:ca:73:58:17:
93:55:25:d4:20:a1:1b:46:68:91:7e:04:b9:b5:28:
84:b7:45:85:8c:9a:85:45:ec:f6:0b:1f:85:7f:ef:
fa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3A:B4:75:5B:06:6C:45:18:86:79:23:53:80:05:C8:F4:33:DB:38
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QDq0dVsGbEUYhnkjU4AFyPQz2zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.141.0/24
163.5.146.0/24
163.5.162.0/24
Signature Algorithm: sha256WithRSAEncryption
af:d8:84:b5:a3:d1:a0:78:6c:59:87:3b:91:1b:07:21:cb:03:
9d:0b:8b:5d:97:42:3f:18:f9:ad:06:07:6e:b5:ae:a3:9a:c8:
98:0e:48:3c:d1:d9:c4:4a:ac:d7:dc:d6:a9:4c:5a:01:1e:c9:
b9:11:79:68:25:1c:7a:eb:9b:2a:05:85:7d:34:d4:8e:a8:7e:
30:fd:7f:0b:ea:10:e8:f8:66:1f:af:27:cb:df:cc:39:4b:b2:
b4:16:a7:2a:c1:16:25:32:c3:99:8b:c4:ea:e0:e6:82:1d:21:
cb:44:17:1f:d8:f0:38:66:96:fe:2c:43:0d:c4:2d:03:cf:3c:
18:c9:84:3d:e9:f8:98:30:c1:65:0d:3e:a6:05:f9:c7:44:21:
a6:de:52:62:86:fa:58:11:0a:c3:c3:37:91:58:e6:59:0f:9c:
6e:3c:3a:32:97:0c:71:8e:23:2c:43:4c:df:59:10:9d:c8:f9:
cb:82:18:14:c7:9a:50:1b:36:55:c1:4f:ea:c5:89:4d:c9:41:
c2:ca:8b:28:62:61:79:2b:65:a6:1c:d7:55:64:da:3a:a4:17:
22:e5:53:f9:e4:52:6c:13:5b:82:8d:11:c8:07:d4:58:8c:e0:
e2:5f:e0:a5:a7:94:03:e4:a3:e9:23:69:ba:f0:09:10:a7:fa:
ae:72:cc:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRXANd14Ee02RPfdp1Y1/eVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTA4MTEyOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDNhYjQ3NTViMDY2YzQ1MTg4Njc5MjM1MzgwMDVjOGY0MzNkYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphOF7oUkxaFPbfh12DKJxVkBxjik
tqPfkSJT3TpLjB3+idyASEUuvafFV0o7lDX1CQqxZdjE0Wd/K1EcFDhILUag35Qn
6qfHvKvcV7+9P5IiwPIS5lLttj0emylULMgv/DOwgaCvoSlGhMdGf9uCgiUi0iee
4mWy6bsmkAMJsPGqA5vLn6mqrGJAdQrru6qHDoZJwvbcdj0uo8bm0WKm1LvOLst7
i8BRFU3o82xLa9tOsBAZfAOOPVjMGLSTx/ys2wQchjeq0BGMG+H3AAUdplWVVJ3w
jYRlXykIo8pzWBeTVSXUIKEbRmiRfgS5tSiEt0WFjJqFRez2Cx+Ff+/6rwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEA6tHVbBmxFGIZ5I1OABcj0M9s4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUURxMGRWc0diRVVZaG5ralU0QUZ5UFF6MnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWNAwQA
owWSAwQAowWiMA0GCSqGSIb3DQEBCwUAA4IBAQCv2IS1o9GgeGxZhzuRGwchywOd
C4tdl0I/GPmtBgduta6jmsiYDkg80dnESqzX3NapTFoBHsm5EXloJRx665sqBYV9
NNSOqH4w/X8L6hDo+GYfryfL38w5S7K0FqcqwRYlMsOZi8Tq4OaCHSHLRBcf2PA4
Zpb+LEMNxC0DzzwYyYQ96fiYMMFlDT6mBfnHRCGm3lJihvpYEQrDwzeRWOZZD5xu
PDoylwxxjiMsQ0zfWRCdyPnLghgUx5pQGzZVwU/qxYlNyUHCyosoYmF5K2WmHNdV
ZNo6pBci5VP55FJsE1uCjRHIB9RYjODiX+Clp5QD5KPpI2m68AkQp/qucsxZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org