Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T-rhYs-k5-uzihApBDJtt4lPbsA.roa
File: T-rhYs-k5-uzihApBDJtt4lPbsA.roa (raw, json)
Hash identifier: bCFnRoIophMIqcUFEbZK15TrZTsruuyuDHVTF0wTLh0=
Subject key identifier: 4F:EA:E1:62:CF:A4:E7:EB:B3:8A:10:29:04:32:6D:B7:89:4F:6E:C0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0182E42385B63935AE8C71777BA9EE0E058D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T-rhYs-k5-uzihApBDJtt4lPbsA.roa
Signing time: Sun 28 Aug 2022 11:08:29 +0000
ROA not before: Sun 28 Aug 2022 11:08:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.232.0/24 maxlen: 24
163.5.231.0/24 maxlen: 24
163.5.234.0/24 maxlen: 24
163.5.235.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e4:23:85:b6:39:35:ae:8c:71:77:7b:a9:ee:0e:05:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 28 11:08:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4feae162cfa4e7ebb38a102904326db7894f6ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bf:6b:10:e3:d3:00:b4:91:95:de:7c:3f:80:
f6:8a:e8:f2:13:f2:77:e4:5b:74:78:d7:2e:1b:02:
ca:89:7d:f0:89:4e:c4:c8:02:75:b8:20:a9:40:45:
00:77:9b:8b:59:c2:4a:4c:64:b7:19:e7:27:29:fe:
ac:14:62:9c:2a:5b:f9:cc:37:53:b9:c3:e7:2f:7c:
b7:d7:e6:62:e2:d3:ca:5a:c4:58:8e:12:9a:9b:de:
1d:10:54:71:4b:51:f8:a9:78:9e:6d:cc:94:64:71:
e6:b2:0f:c3:6d:d5:99:d2:3a:9f:de:8b:b3:1d:2e:
71:e1:d0:32:6b:b6:39:e8:27:e1:89:7d:c5:97:8a:
3e:50:97:74:ea:3c:99:d6:bf:9a:d8:4c:a7:8a:20:
5f:88:2c:6e:b4:e6:84:83:3e:8f:ae:ad:85:e6:dc:
91:2b:97:d6:bb:30:ea:35:e0:56:a7:54:c6:ab:e6:
15:e0:e4:79:f2:21:0a:82:1a:ed:48:ad:a9:2c:be:
ae:9c:b9:d1:7e:b6:2f:64:99:32:0f:75:73:94:60:
5d:3e:98:58:fa:fb:5d:0c:48:19:54:54:01:c4:ed:
4b:1d:a1:d4:7f:5b:ba:e4:e6:78:24:e0:de:27:49:
75:bb:63:b7:d1:d9:7e:8f:8d:62:ee:d8:c9:8a:81:
f5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:EA:E1:62:CF:A4:E7:EB:B3:8A:10:29:04:32:6D:B7:89:4F:6E:C0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T-rhYs-k5-uzihApBDJtt4lPbsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.165.0/24
163.5.231.0-163.5.232.255
163.5.234.0/23
Signature Algorithm: sha256WithRSAEncryption
05:a1:c2:9d:55:a8:d9:33:e3:23:cc:f8:fd:10:99:08:ed:12:
a8:2d:cf:7b:fe:b8:e4:30:e2:ac:a5:35:fd:49:67:b9:87:9e:
cd:f5:b9:52:8c:21:cc:f8:20:53:77:bc:b6:c1:df:c7:64:e0:
71:1b:bf:d3:97:f7:f5:8d:7e:40:3c:12:d8:81:4b:dc:5c:37:
e3:63:59:37:d7:c9:c7:98:47:5a:b3:e6:d6:6b:a1:2d:f2:b6:
a5:f2:3e:42:5f:f4:07:bd:59:ec:b2:60:85:09:e6:3e:e5:74:
f2:13:b1:29:3f:82:f7:08:ad:32:e6:2d:16:72:46:80:ee:77:
f5:e3:0d:de:fb:11:76:2d:3b:bb:a6:ff:05:a6:6e:2b:fc:42:
7b:4b:0d:56:b3:69:62:57:ea:f7:a8:79:8f:2b:9d:8e:af:96:
f1:c6:dc:4c:d7:e5:81:f4:61:f1:3d:21:c0:06:1f:22:bd:72:
aa:6d:bf:d6:6c:48:53:25:e3:6f:a0:65:7a:e7:70:ac:d6:e5:
e7:d4:43:18:22:4e:5f:04:9b:96:7f:6a:00:63:7e:8e:0e:d5:
e0:b1:cd:77:8b:ea:ab:e9:cc:88:44:f5:36:6a:27:09:dc:46:
cf:44:27:f4:fa:93:52:dc:b5:a6:43:80:45:a0:f3:01:c9:26:
81:0b:99:15
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYLkI4W2OTWujHF3e6nuDgWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODI4MTEwODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmVhZTE2MmNmYTRlN2ViYjM4YTEwMjkwNDMyNmRiNzg5NGY2ZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzr9rEOPTALSRld58P4D2iujyE/J3
5Ft0eNcuGwLKiX3wiU7EyAJ1uCCpQEUAd5uLWcJKTGS3GecnKf6sFGKcKlv5zDdT
ucPnL3y31+Zi4tPKWsRYjhKam94dEFRxS1H4qXiebcyUZHHmsg/DbdWZ0jqf3ouz
HS5x4dAya7Y56CfhiX3Fl4o+UJd06jyZ1r+a2EyniiBfiCxutOaEgz6Prq2F5tyR
K5fWuzDqNeBWp1TGq+YV4OR58iEKghrtSK2pLL6unLnRfrYvZJkyD3VzlGBdPphY
+vtdDEgZVFQBxO1LHaHUf1u65OZ4JODeJ0l1u2O30dl+j41i7tjJioH1LQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE/q4WLPpOfrs4oQKQQybbeJT27AMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVC1yaFlzLWs1LXV6aWhBcEJESnR0NGxQYnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAowWlMAwD
BACjBecDBACjBegDBAGjBeowDQYJKoZIhvcNAQELBQADggEBAAWhwp1VqNkz4yPM
+P0QmQjtEqgtz3v+uOQw4qylNf1JZ7mHns31uVKMIcz4IFN3vLbB38dk4HEbv9OX
9/WNfkA8EtiBS9xcN+NjWTfXyceYR1qz5tZroS3ytqXyPkJf9Ae9WeyyYIUJ5j7l
dPITsSk/gvcIrTLmLRZyRoDud/XjDd77EXYtO7um/wWmbiv8QntLDVazaWJX6veo
eY8rnY6vlvHG3EzX5YH0YfE9IcAGHyK9cqptv9ZsSFMl42+gZXrncKzW5efUQxgi
Tl8Em5Z/agBjfo4O1eCxzXeL6qvpzIhE9TZqJwncRs9EJ/T6k1LctaZDgEWg8wHJ
JoELmRU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org