Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QtqbYlt-4-i5gHRvLrj-eBrvN0c.roa
File: QtqbYlt-4-i5gHRvLrj-eBrvN0c.roa (raw, json)
Hash identifier: he4NlqNgG+1HXkDfu55ox85a6GCSTT1tAUhlCLMjw64=
Subject key identifier: 42:DA:9B:62:5B:7E:E3:E8:B9:80:74:6F:2E:B8:FE:78:1A:EF:37:47
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0151934C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QtqbYlt-4-i5gHRvLrj-eBrvN0c.roa
Signing time: Tue 28 Jun 2022 13:32:02 +0000
ROA not before: Tue 28 Jun 2022 13:32:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 163.5.125.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22123340 (0x151934c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 28 13:32:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42da9b625b7ee3e8b980746f2eb8fe781aef3747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:da:24:94:dc:30:e0:14:28:c1:a8:f9:ec:fc:
85:95:77:b9:f2:d9:94:58:03:a2:44:f3:ba:73:44:
16:61:f4:dd:b8:67:4a:b1:ba:cb:80:d3:13:34:a4:
24:78:27:78:33:51:a3:9c:37:fa:06:71:1a:60:42:
fb:51:77:32:7c:47:f8:f2:cc:4e:b0:ef:d3:34:32:
27:1d:57:6f:e9:82:ec:de:d7:84:f6:d9:9e:1b:81:
23:c2:93:a0:ed:47:ce:7a:4a:a7:d8:cd:78:9f:37:
e7:ea:75:95:1a:d7:da:b7:d2:d8:bf:46:ad:dd:4d:
a6:5e:46:8a:7d:90:64:d9:7c:c3:e2:5a:01:ca:8a:
6a:fb:6e:cc:3d:dd:00:90:16:44:38:eb:66:33:4a:
26:6f:a4:a7:11:a3:b1:b8:5c:7c:71:ee:a6:81:8d:
31:91:ae:04:eb:0d:62:98:37:4d:9a:fd:1b:58:10:
cb:dc:10:0f:e7:27:55:d0:6d:be:0b:95:b6:d9:ef:
c3:ae:83:ee:64:50:4b:f6:b9:d3:4a:0b:ae:35:98:
71:11:9a:71:69:64:c0:3a:38:6c:f3:16:f7:4f:40:
e5:bd:c3:5b:ff:d0:a0:4c:0c:a1:16:1b:cf:5a:bd:
98:62:95:67:c9:c0:d0:4d:75:8f:1b:33:91:df:e3:
f7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:DA:9B:62:5B:7E:E3:E8:B9:80:74:6F:2E:B8:FE:78:1A:EF:37:47
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QtqbYlt-4-i5gHRvLrj-eBrvN0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.125.0/24
163.5.127.0-163.5.131.255
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
68:b8:a2:e0:8e:47:ae:ed:b1:d5:ea:50:88:ba:16:1b:2e:78:
23:5b:ea:2f:0b:40:03:05:51:b6:8a:ca:a5:e8:ab:6c:de:ba:
84:e6:45:c5:4e:3f:90:8e:fd:2d:a6:0f:09:b7:48:2d:a8:a6:
1c:86:46:0a:dc:06:a8:15:6a:68:ad:49:8c:e0:0a:38:3a:eb:
22:5b:54:ea:c2:f7:42:06:e7:8d:0e:05:3b:59:26:56:78:99:
77:19:5d:ef:21:46:c5:15:c1:26:fc:98:17:44:f8:31:57:dd:
ff:c4:50:df:62:71:20:a1:83:8f:40:ae:d2:21:91:b2:d3:5c:
19:59:a1:a1:43:f0:4b:90:eb:ea:17:a6:ef:28:62:41:f5:41:
2d:07:35:35:f5:69:1d:81:47:55:9f:03:8c:6d:f1:44:1d:a6:
b6:f5:59:07:18:9d:fe:9c:90:41:04:3b:19:17:b4:58:be:ea:
56:96:47:7b:7a:70:0b:06:7a:e0:cf:82:0d:94:52:46:7a:2f:
d8:7c:c7:d0:b8:f9:3a:d6:7d:35:62:67:00:2a:56:94:84:05:
a1:3e:a7:82:7b:93:c4:b0:3e:3d:68:f2:46:26:fc:38:fd:f6:
0a:d8:60:8a:99:5d:99:5c:d9:aa:8d:4c:59:16:76:db:d0:54:
a9:bb:8e:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAVGTTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Y2U4NTFiNmRkNWQzNjRlZTE5ZTBiMzgyMDFiM2U4ZGYyNjI0YmNiMB4XDTIyMDYy
ODEzMzIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDJkYTliNjI1Yjdl
ZTNlOGI5ODA3NDZmMmViOGZlNzgxYWVmMzc0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzaJJTcMOAUKMGo+ez8hZV3ufLZlFgDokTzunNEFmH03bhn
SrG6y4DTEzSkJHgneDNRo5w3+gZxGmBC+1F3MnxH+PLMTrDv0zQyJx1Xb+mC7N7X
hPbZnhuBI8KToO1HznpKp9jNeJ835+p1lRrX2rfS2L9Grd1Npl5Gin2QZNl8w+Ja
AcqKavtuzD3dAJAWRDjrZjNKJm+kpxGjsbhcfHHupoGNMZGuBOsNYpg3TZr9G1gQ
y9wQD+cnVdBtvguVttnvw66D7mRQS/a500oLrjWYcRGacWlkwDo4bPMW909A5b3D
W//QoEwMoRYbz1q9mGKVZ8nA0E11jxszkd/j9wsCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRC2ptiW37j6LmAdG8uuP54Gu83RzAfBgNVHSMEGDAWgBQM6FG23V02TuGe
CzggGz6N8mJLyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8x
L1F0cWJZbHQtNC1pNWdIUnZMcmotZUJydk4wYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8xL0RPaFJ0dDFkTms3
aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAKMFfTAMAwQAowV/AwQCowWAAwQA
uf02MA0GCSqGSIb3DQEBCwUAA4IBAQBouKLgjkeu7bHV6lCIuhYbLngjW+ovC0AD
BVG2isql6Kts3rqE5kXFTj+Qjv0tpg8Jt0gtqKYchkYK3AaoFWporUmM4Ao4Ousi
W1TqwvdCBueNDgU7WSZWeJl3GV3vIUbFFcEm/JgXRPgxV93/xFDfYnEgoYOPQK7S
IZGy01wZWaGhQ/BLkOvqF6bvKGJB9UEtBzU19WkdgUdVnwOMbfFEHaa29VkHGJ3+
nJBBBDsZF7RYvupWlkd7enALBnrgz4INlFJGei/YfMfQuPk61n01YmcAKlaUhAWh
PqeCe5PEsD49aPJGJvw4/fYK2GCKmV2ZXNmqjUxZFnbb0FSpu44i
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org