Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RQ4o2WMgM_sn32QDh9bpKUzgVSA.roa
File: RQ4o2WMgM_sn32QDh9bpKUzgVSA.roa (raw, json)
Hash identifier: 3qbfmq6Y7cQ/CP4hfdchz27y8Q54a1qffxewA+aFX/Y=
Subject key identifier: 45:0E:28:D9:63:20:33:FB:27:DF:64:03:87:D6:E9:29:4C:E0:55:20
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 015EB5FA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RQ4o2WMgM_sn32QDh9bpKUzgVSA.roa
Signing time: Fri 01 Jul 2022 08:50:02 +0000
ROA not before: Fri 01 Jul 2022 08:50:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 163.5.125.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22984186 (0x15eb5fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 1 08:50:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=450e28d9632033fb27df640387d6e9294ce05520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b4:6a:6c:a9:06:9f:a1:53:11:a4:8c:a0:da:
b6:8b:a8:99:a4:25:a0:ce:20:aa:cc:70:24:7a:18:
01:3b:cf:7a:93:32:4e:38:96:09:5e:1a:3f:f3:52:
2d:f6:6b:df:16:37:af:45:a5:22:7e:41:de:7b:6d:
dc:4f:3c:2c:fb:64:bf:d4:14:a6:b3:e8:14:cc:25:
62:79:bc:d1:fc:06:0e:d9:9d:99:0a:93:69:a0:a1:
75:68:5a:b6:a5:b4:2b:83:52:6b:fb:61:8d:f0:1e:
9b:99:53:79:46:6e:76:5d:58:b4:e3:74:04:9e:d8:
94:42:b5:58:8c:25:34:0d:29:c4:11:94:6b:96:9b:
1a:f8:cd:f2:a8:24:99:6e:6d:b9:99:99:d1:ec:d1:
61:88:0b:2e:f2:55:e4:37:51:36:e0:b6:1a:51:24:
d0:e0:3d:7a:4d:37:6a:d0:43:3f:58:66:44:e5:9f:
7e:13:20:52:6f:d9:91:70:64:56:76:69:73:3c:0d:
51:ca:01:ce:40:da:b1:a8:a9:4e:9b:f1:41:ba:a1:
eb:00:dd:d5:4d:3c:42:5a:5d:66:3c:ee:7a:c9:e6:
70:63:8b:dc:20:08:52:4d:e9:c1:2f:8a:d8:0b:05:
2a:b2:7a:dc:7c:7d:df:56:35:5a:ef:c6:69:f7:a4:
fb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:0E:28:D9:63:20:33:FB:27:DF:64:03:87:D6:E9:29:4C:E0:55:20
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RQ4o2WMgM_sn32QDh9bpKUzgVSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.125.0/24
163.5.128.0/22
163.5.134.0/24
163.5.136.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
69:61:d6:71:d7:bb:1c:9d:60:14:05:37:61:7d:0c:f1:12:27:
a8:57:67:e7:ab:c6:5d:2d:e9:b0:50:84:81:98:89:b8:10:d6:
02:76:b0:91:b8:20:21:4d:5a:26:06:b8:7f:74:38:d2:b8:12:
3e:03:20:1d:95:8e:47:ab:4a:a9:77:e3:a7:65:c1:5b:24:bb:
2b:ef:d8:78:47:1b:61:a5:30:8d:ef:89:c6:8c:43:d0:8d:8b:
83:25:71:a8:c8:96:5e:e4:c7:e5:8f:e4:55:b3:89:27:10:47:
59:3a:f7:df:ef:63:85:fd:36:87:ac:96:12:e2:54:3e:c9:c6:
83:9c:73:50:9b:f1:70:70:35:6e:72:9e:86:3b:9e:c6:84:65:
ef:9f:d3:c4:85:88:3d:95:a7:f5:21:1c:cb:d8:eb:50:2c:79:
52:28:fd:66:51:13:06:6f:4d:c5:c3:c4:57:8b:0d:69:e7:2b:
43:1e:1a:af:14:3e:9e:30:80:85:49:e2:a9:af:cd:e8:92:c9:
5b:bf:54:1a:b3:b5:5f:c3:f2:a3:fd:ee:4e:99:78:a5:dc:93:
0b:96:bd:c6:5b:30:5c:05:72:9e:5b:4f:8e:59:86:67:81:60:
e5:17:71:47:16:97:ee:2f:2d:58:2f:6f:e0:35:92:77:38:3b:
b7:e9:09:bb
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAV61+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Y2U4NTFiNmRkNWQzNjRlZTE5ZTBiMzgyMDFiM2U4ZGYyNjI0YmNiMB4XDTIyMDcw
MTA4NTAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDUwZTI4ZDk2MzIw
MzNmYjI3ZGY2NDAzODdkNmU5Mjk0Y2UwNTUyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI60amypBp+hUxGkjKDatouomaQloM4gqsxwJHoYATvPepMy
TjiWCV4aP/NSLfZr3xY3r0WlIn5B3ntt3E88LPtkv9QUprPoFMwlYnm80fwGDtmd
mQqTaaChdWhatqW0K4NSa/thjfAem5lTeUZudl1YtON0BJ7YlEK1WIwlNA0pxBGU
a5abGvjN8qgkmW5tuZmZ0ezRYYgLLvJV5DdRNuC2GlEk0OA9ek03atBDP1hmROWf
fhMgUm/ZkXBkVnZpczwNUcoBzkDasaipTpvxQbqh6wDd1U08QlpdZjzuesnmcGOL
3CAIUk3pwS+K2AsFKrJ63Hx931Y1Wu/Gafek+8UCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRFDijZYyAz+yffZAOH1ukpTOBVIDAfBgNVHSMEGDAWgBQM6FG23V02TuGe
CzggGz6N8mJLyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8x
L1JRNG8yV01nTV9zbjMyUURoOWJwS1V6Z1ZTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8xL0RPaFJ0dDFkTms3
aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAKMFfQMEAqMFgAMEAKMFhgMEAKMF
iAMEALn9NjANBgkqhkiG9w0BAQsFAAOCAQEAaWHWcde7HJ1gFAU3YX0M8RInqFdn
56vGXS3psFCEgZiJuBDWAnawkbggIU1aJga4f3Q40rgSPgMgHZWOR6tKqXfjp2XB
WyS7K+/YeEcbYaUwje+JxoxD0I2LgyVxqMiWXuTH5Y/kVbOJJxBHWTr33+9jhf02
h6yWEuJUPsnGg5xzUJvxcHA1bnKehjuexoRl75/TxIWIPZWn9SEcy9jrUCx5Uij9
ZlETBm9NxcPEV4sNaecrQx4arxQ+njCAhUniqa/N6JLJW79UGrO1X8Pyo/3uTpl4
pdyTC5a9xlswXAVynltPjlmGZ4Fg5RdxRxaX7i8tWC9v4DWSdzg7t+kJuw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org