Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R31VYMIpu-Nhyh-QdqLnl0tyQBE.roa
File: R31VYMIpu-Nhyh-QdqLnl0tyQBE.roa (raw, json)
Hash identifier: 21bj2oQg+Rpg2+0sw8fvgAbBq3etaKhaVAW4SmEmZW4=
Subject key identifier: 47:7D:55:60:C2:29:BB:E3:61:CA:1F:90:76:A2:E7:97:4B:72:40:11
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183D0F7B53FD2422681B60D8E252DA58EEE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R31VYMIpu-Nhyh-QdqLnl0tyQBE.roa
Signing time: Thu 13 Oct 2022 10:50:38 +0000
ROA not before: Thu 13 Oct 2022 10:50:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.184.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:f7:b5:3f:d2:42:26:81:b6:0d:8e:25:2d:a5:8e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 13 10:50:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=477d5560c229bbe361ca1f9076a2e7974b724011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:33:ae:ce:85:4c:57:f3:92:3c:a8:80:35:
10:6c:cf:1c:2b:da:6c:cc:84:09:6e:92:d8:d7:3a:
94:a4:7e:43:82:2b:d8:42:05:f2:91:03:36:9d:a6:
c8:68:9b:7e:8c:1e:de:a4:f5:40:69:03:02:59:3b:
85:e6:79:e9:53:1c:e7:bb:ce:4b:be:b3:de:77:30:
54:4c:95:f9:5b:c4:61:7c:f8:78:78:9f:a0:87:4d:
30:e2:ae:c2:ae:72:36:5d:aa:3c:85:38:74:25:6c:
6b:d2:b3:7b:c4:81:81:4c:a7:db:d6:d8:f1:2b:df:
34:30:f5:aa:1e:8b:64:76:7f:db:ef:4d:df:9c:e5:
aa:52:64:15:23:5d:a4:2d:7d:14:ea:75:e8:d0:25:
1a:76:14:b8:ff:60:6b:75:a2:b3:db:e0:b0:cb:01:
85:31:f2:6e:76:ff:f0:e6:5f:7c:cc:26:6b:97:12:
9c:da:55:23:c5:a0:7d:2c:5d:16:8c:50:aa:38:69:
00:b5:07:c2:3b:ea:85:49:89:33:ca:7d:3c:37:dc:
76:00:7d:19:01:63:90:60:5c:0f:bd:93:d7:15:9e:
df:7d:d4:52:97:9a:0f:77:18:34:51:e4:18:1b:ad:
de:1d:6d:3d:5e:9b:80:ba:1e:4e:96:5f:19:84:26:
94:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7D:55:60:C2:29:BB:E3:61:CA:1F:90:76:A2:E7:97:4B:72:40:11
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R31VYMIpu-Nhyh-QdqLnl0tyQBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.127.0/24
163.5.132.0/23
163.5.136.0/24
163.5.143.0/24
163.5.184.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
94:bb:3c:c5:8c:e9:cb:d8:c3:8b:d2:63:5c:5e:08:a8:ef:3d:
08:51:8b:fe:fe:f7:76:f1:31:d2:a1:c3:cd:29:8e:1d:92:ff:
17:e8:e3:91:0c:10:b7:6f:85:47:b0:2d:75:7d:c1:1a:2f:2b:
8b:b1:bf:c8:eb:7f:aa:33:74:cf:53:1a:5d:c9:df:31:87:26:
38:e6:6e:92:3d:d9:2b:54:d1:7a:98:74:41:80:99:00:77:17:
53:d3:ec:0e:96:8f:61:75:f3:17:ff:73:6f:df:fb:ff:96:ae:
64:5c:e0:42:01:ce:61:18:ef:37:ed:ab:ce:ff:ee:7e:42:20:
8c:af:26:61:2b:db:f3:ab:5e:4b:14:ea:0e:a5:19:94:79:4e:
db:87:ed:ed:ed:c7:aa:89:f2:3f:a4:a8:65:7f:d3:26:47:f5:
69:1f:cf:27:1a:ee:4f:19:c8:ee:48:12:5e:76:11:43:c1:82:
cf:33:ac:c2:5a:d8:bf:16:20:96:94:3c:6e:22:fe:58:53:30:
d8:38:6f:88:ab:ce:ed:cd:d5:8a:26:57:b7:6f:6f:b7:20:41:
e5:f2:b3:46:8d:3b:fd:f1:9b:3c:2a:d8:a8:d4:d0:db:ee:29:
0c:39:e0:66:a6:2c:0b:41:51:31:b0:44:d6:6f:b8:6c:c6:04:
ea:95:bd:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYPQ97U/0kImgbYNjiUtpY7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDEzMTA1MDM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzdkNTU2MGMyMjliYmUzNjFjYTFmOTA3NmEyZTc5NzRiNzI0MDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxUzrs6FTFfzkjyogDUQbM8cK9ps
zIQJbpLY1zqUpH5DgivYQgXykQM2nabIaJt+jB7epPVAaQMCWTuF5nnpUxznu85L
vrPedzBUTJX5W8RhfPh4eJ+gh00w4q7CrnI2Xao8hTh0JWxr0rN7xIGBTKfb1tjx
K980MPWqHotkdn/b703fnOWqUmQVI12kLX0U6nXo0CUadhS4/2BrdaKz2+CwywGF
MfJudv/w5l98zCZrlxKc2lUjxaB9LF0WjFCqOGkAtQfCO+qFSYkzyn08N9x2AH0Z
AWOQYFwPvZPXFZ7ffdRSl5oPdxg0UeQYG63eHW09XpuAuh5Oll8ZhCaUhwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEd9VWDCKbvjYcofkHai55dLckARMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUjMxVllNSXB1LU5oeWgtUWRxTG5sMHR5UUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAowUgAwQB
owVeAwQAowVxAwQAowV0AwQAowV/AwQBowWEAwQAowWIAwQAowWPAwQAowW4AwQA
owXxMA0GCSqGSIb3DQEBCwUAA4IBAQCUuzzFjOnL2MOL0mNcXgio7z0IUYv+/vd2
8THSocPNKY4dkv8X6OORDBC3b4VHsC11fcEaLyuLsb/I63+qM3TPUxpdyd8xhyY4
5m6SPdkrVNF6mHRBgJkAdxdT0+wOlo9hdfMX/3Nv3/v/lq5kXOBCAc5hGO837avO
/+5+QiCMryZhK9vzq15LFOoOpRmUeU7bh+3t7ceqifI/pKhlf9MmR/VpH88nGu5P
GcjuSBJedhFDwYLPM6zCWti/FiCWlDxuIv5YUzDYOG+Iq87tzdWKJle3b2+3IEHl
8rNGjTv98Zs8Ktio1NDb7ikMOeBmpiwLQVExsETWb7hsxgTqlb1p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org