Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QygzJK9SJaBq0Ob0nyXDfg02wIU.roa
File: QygzJK9SJaBq0Ob0nyXDfg02wIU.roa (raw, json)
Hash identifier: stCVsvMKoIsajfXZIlI4To+U32O7eVGv+zvMkLDzlhE=
Subject key identifier: 43:28:33:24:AF:52:25:A0:6A:D0:E6:F4:9F:25:C3:7E:0D:36:C0:85
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01853A5964E12ECA6CEC793601392ED77066
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QygzJK9SJaBq0Ob0nyXDfg02wIU.roa
Signing time: Thu 22 Dec 2022 15:00:15 +0000
ROA not before: Thu 22 Dec 2022 15:00:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.173.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:59:64:e1:2e:ca:6c:ec:79:36:01:39:2e:d7:70:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 22 15:00:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43283324af5225a06ad0e6f49f25c37e0d36c085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:af:16:b3:a3:65:27:9d:9f:f7:3e:05:b0:
d2:0e:80:2f:c7:f3:94:4f:a5:e1:fc:1f:0e:03:91:
ba:03:ca:25:17:d2:4c:c7:9e:ba:6b:52:36:02:9b:
4a:0a:d9:31:2d:e8:0c:d7:93:02:5c:69:27:ec:5e:
24:f2:f4:6c:ff:dd:40:6e:5f:29:b4:6e:66:4c:37:
89:ff:6c:dc:93:be:26:43:94:cd:9e:33:37:54:aa:
4b:5b:b1:d9:18:eb:5b:a6:4c:1a:c6:5d:a1:8c:76:
ce:83:78:42:23:1b:57:54:30:db:7f:26:46:37:66:
97:e0:d5:ba:7e:ef:f4:e7:b9:49:3d:f0:14:d1:7f:
ef:fc:57:28:f4:63:7e:ae:86:bb:26:04:21:e5:38:
78:fe:9f:99:1a:ce:a3:c1:30:ff:c9:b4:f8:5b:18:
e5:34:cb:39:d1:e4:52:54:da:98:b5:63:b6:d3:85:
c0:7b:2f:f1:a3:5b:ed:96:cd:20:ac:08:d0:10:28:
0f:1c:8c:4d:e5:38:98:30:56:94:59:1d:0a:24:03:
ba:c7:43:c4:6e:64:75:cb:5d:96:87:26:25:99:35:
fc:e7:7c:1a:ef:a3:79:ce:1a:7e:f7:93:73:ea:6a:
23:2a:ac:70:be:59:9c:bc:98:7c:bf:4e:31:56:e9:
3d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:28:33:24:AF:52:25:A0:6A:D0:E6:F4:9F:25:C3:7E:0D:36:C0:85
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QygzJK9SJaBq0Ob0nyXDfg02wIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.135.0/24
163.5.142.0/24
163.5.173.0/24
163.5.186.0/24
Signature Algorithm: sha256WithRSAEncryption
43:1a:86:22:cb:c6:fb:16:25:f4:66:e3:65:46:22:85:53:11:
5d:50:ba:6f:9e:1a:d6:c8:da:a7:20:ba:bd:e8:e7:cd:bf:4d:
97:37:36:90:fc:31:b5:b0:bf:91:70:11:c2:43:0b:0a:51:66:
9a:97:84:3d:3a:1d:b6:4a:7c:6e:1b:14:aa:48:1f:16:c8:46:
98:4a:eb:d9:8b:6b:7d:02:ff:32:65:d1:a9:be:2e:7c:f9:70:
11:0b:87:e7:f9:74:34:69:ee:2e:43:fb:a9:e2:8f:6a:4c:17:
83:e8:e1:a5:73:aa:48:7c:9a:c5:e8:58:40:12:ae:52:ba:ce:
9c:12:73:54:1b:36:85:bc:39:af:5b:d7:21:6e:26:ca:c0:1b:
ee:9c:64:c0:da:f9:96:ce:bb:ea:05:1f:e4:e3:f3:a2:db:ab:
49:e9:32:14:46:b4:c0:0d:57:52:87:bb:fd:3b:ca:94:ac:d6:
85:d8:1a:56:ab:0b:b9:24:bf:a2:17:df:96:b3:97:d1:ac:49:
b3:99:72:64:27:a9:b4:73:f1:b3:52:1c:e1:54:64:31:3f:5b:
7d:ee:df:85:b9:74:e2:bc:09:07:27:64:ce:51:35:6e:13:80:
fc:a5:5e:ff:6d:ac:9f:a6:07:77:5f:14:9c:61:a3:93:8d:86:
28:f5:54:94
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYU6WWThLsps7Hk2ATku13BmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjIyMTUwMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzI4MzMyNGFmNTIyNWEwNmFkMGU2ZjQ5ZjI1YzM3ZTBkMzZjMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGyvFrOjZSedn/c+BbDSDoAvx/OU
T6Xh/B8OA5G6A8olF9JMx566a1I2AptKCtkxLegM15MCXGkn7F4k8vRs/91Abl8p
tG5mTDeJ/2zck74mQ5TNnjM3VKpLW7HZGOtbpkwaxl2hjHbOg3hCIxtXVDDbfyZG
N2aX4NW6fu/057lJPfAU0X/v/Fco9GN+roa7JgQh5Th4/p+ZGs6jwTD/ybT4Wxjl
NMs50eRSVNqYtWO204XAey/xo1vtls0grAjQECgPHIxN5TiYMFaUWR0KJAO6x0PE
bmR1y12WhyYlmTX853wa76N5zhp+95Nz6mojKqxwvlmcvJh8v04xVuk9bwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEMoMySvUiWgatDm9J8lw34NNsCFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUXlnekpLOVNKYUJxME9iMG55WERmZzAyd0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowUgAwQB
owVeAwQAowVxAwQAowV0AwQAowWHAwQAowWOAwQAowWtAwQAowW6MA0GCSqGSIb3
DQEBCwUAA4IBAQBDGoYiy8b7FiX0ZuNlRiKFUxFdULpvnhrWyNqnILq96OfNv02X
NzaQ/DG1sL+RcBHCQwsKUWaal4Q9Oh22SnxuGxSqSB8WyEaYSuvZi2t9Av8yZdGp
vi58+XARC4fn+XQ0ae4uQ/up4o9qTBeD6OGlc6pIfJrF6FhAEq5Sus6cEnNUGzaF
vDmvW9chbibKwBvunGTA2vmWzrvqBR/k4/Oi26tJ6TIURrTADVdSh7v9O8qUrNaF
2BpWqwu5JL+iF9+Ws5fRrEmzmXJkJ6m0c/GzUhzhVGQxP1t97t+FuXTivAkHJ2TO
UTVuE4D8pV7/bayfpgd3XxScYaOTjYYo9VSU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org