Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QXY24L70Jr49E7ZNpS-diYT1yL0.roa
File: QXY24L70Jr49E7ZNpS-diYT1yL0.roa (raw, json)
Hash identifier: dMycOCm3E+uGwNHYRapkaoG+7W0NszUyiYZsaFfhe+Y=
Subject key identifier: 41:76:36:E0:BE:F4:26:BE:3D:13:B6:4D:A5:2F:9D:89:84:F5:C8:BD
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184B942753792F295E49EE8E49BED4180E2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QXY24L70Jr49E7ZNpS-diYT1yL0.roa
Signing time: Sun 27 Nov 2022 13:24:11 +0000
ROA not before: Sun 27 Nov 2022 13:24:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.183.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b9:42:75:37:92:f2:95:e4:9e:e8:e4:9b:ed:41:80:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 27 13:24:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=417636e0bef426be3d13b64da52f9d8984f5c8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ed:d7:7c:ad:75:d1:20:f9:7a:80:1f:bf:45:
38:28:84:e1:17:ab:e6:1e:aa:a9:6c:9b:18:87:c6:
88:ab:8a:74:4d:4c:f5:1a:8a:ab:b0:e1:ac:dd:f6:
99:44:5e:80:4e:0d:5f:ef:87:8b:d7:1d:db:ab:71:
e6:f6:f5:3c:f7:4f:29:1d:fe:be:db:13:1c:76:cb:
8e:9c:78:d9:98:92:60:b5:be:bf:e3:e1:9b:0b:48:
0d:d1:e7:6d:e5:9f:1a:14:8b:a6:cf:e3:ed:0f:f2:
a5:e0:0d:0f:82:b5:c3:63:b3:17:45:8a:d8:1a:b9:
c5:e5:c3:93:04:c4:95:3f:a8:48:f4:56:0c:58:fb:
82:5b:d8:d1:99:37:71:ec:22:9d:38:04:b6:1c:27:
4b:4c:23:1b:a6:1c:8e:23:51:66:bf:f1:a4:23:d1:
9d:58:9f:02:cb:a0:07:21:8a:21:76:53:a7:98:4f:
ae:4a:92:2e:dd:f1:3d:b8:cb:b2:fd:e5:d0:95:5c:
99:e4:95:f3:53:4a:47:32:4b:25:83:8b:8e:2d:26:
94:55:41:1e:9b:16:bb:c6:b5:c9:7b:8a:b8:19:e0:
58:76:98:63:9f:fa:e7:43:94:bf:fc:98:49:eb:94:
2c:93:4e:0d:58:e3:50:0e:d6:eb:81:8e:e9:36:2f:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:76:36:E0:BE:F4:26:BE:3D:13:B6:4D:A5:2F:9D:89:84:F5:C8:BD
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QXY24L70Jr49E7ZNpS-diYT1yL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.122.0/24
163.5.139.0/24
163.5.183.0/24
163.5.238.0/24
163.5.240.0/24
163.5.244.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
35:fb:bd:f7:f9:a6:67:52:88:29:27:54:cc:3a:68:c9:0a:33:
63:e8:11:03:81:2f:af:fb:3e:fa:5a:4a:d3:19:d8:bb:b1:af:
4f:2d:9f:85:49:b3:41:e1:2b:21:a2:dd:db:f6:52:46:cb:fa:
37:03:2d:b7:32:ca:64:76:99:3a:be:ab:97:8f:e7:2c:33:2e:
05:03:17:df:72:0e:6e:d9:09:59:59:59:8c:60:49:84:a2:80:
3f:e2:0d:d3:d5:b2:24:5f:32:fa:41:fa:24:e6:26:30:39:8d:
ce:34:29:3c:f1:de:03:20:e1:ee:64:35:bb:b0:07:96:0d:1d:
cf:c5:63:db:57:53:bf:e6:5a:f4:7e:70:e8:09:24:94:7e:61:
81:bf:b7:c7:eb:05:5c:42:7b:43:f0:2b:d0:24:7c:7d:f2:8e:
82:f9:a0:f4:84:f5:5a:f9:19:ac:c0:47:9b:5d:6f:bb:a0:78:
82:ef:08:c7:3b:33:a2:c5:91:30:ea:99:db:3b:fa:fe:bc:a4:
a7:1a:b4:cf:27:33:e8:5f:eb:55:11:bd:2c:d0:d5:67:77:99:
e3:44:0c:54:13:0d:07:ee:2a:fe:87:e6:82:14:1c:18:c2:50:
6d:b2:a3:85:05:bb:d7:aa:33:97:e6:ef:42:4e:d0:46:3f:24:
12:fd:07:e6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYS5QnU3kvKV5J7o5JvtQYDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTI3MTMyNDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc2MzZlMGJlZjQyNmJlM2QxM2I2NGRhNTJmOWQ4OTg0ZjVjOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+3XfK110SD5eoAfv0U4KIThF6vm
HqqpbJsYh8aIq4p0TUz1GoqrsOGs3faZRF6ATg1f74eL1x3bq3Hm9vU8908pHf6+
2xMcdsuOnHjZmJJgtb6/4+GbC0gN0edt5Z8aFIumz+PtD/Kl4A0PgrXDY7MXRYrY
GrnF5cOTBMSVP6hI9FYMWPuCW9jRmTdx7CKdOAS2HCdLTCMbphyOI1Fmv/GkI9Gd
WJ8Cy6AHIYohdlOnmE+uSpIu3fE9uMuy/eXQlVyZ5JXzU0pHMkslg4uOLSaUVUEe
mxa7xrXJe4q4GeBYdphjn/rnQ5S//JhJ65Qsk04NWONQDtbrgY7pNi+LAwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEF2NuC+9Ca+PRO2TaUvnYmE9ci9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUVhZMjRMNzBKcjQ5RTdaTnBTLWRpWVQxeUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowV6AwQA
owWLAwQAowW3AwQAowXuAwQAowXwAwQAowX0AwQAowX/MA0GCSqGSIb3DQEBCwUA
A4IBAQA1+733+aZnUogpJ1TMOmjJCjNj6BEDgS+v+z76WkrTGdi7sa9PLZ+FSbNB
4Sshot3b9lJGy/o3Ay23Mspkdpk6vquXj+csMy4FAxffcg5u2QlZWVmMYEmEooA/
4g3T1bIkXzL6Qfok5iYwOY3ONCk88d4DIOHuZDW7sAeWDR3PxWPbV1O/5lr0fnDo
CSSUfmGBv7fH6wVcQntD8CvQJHx98o6C+aD0hPVa+RmswEebXW+7oHiC7wjHOzOi
xZEw6pnbO/r+vKSnGrTPJzPoX+tVEb0s0NVnd5njRAxUEw0H7ir+h+aCFBwYwlBt
sqOFBbvXqjOX5u9CTtBGPyQS/Qfm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org