Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TBYzr3Jk13cBFiG0ixztyX-srmw.roa
File: TBYzr3Jk13cBFiG0ixztyX-srmw.roa (raw, json)
Hash identifier: GjQjuONvtxuNBCZPkqPMY/L28e0cNtdtOkAbMD8JU20=
Subject key identifier: 4C:16:33:AF:72:64:D7:77:01:16:21:B4:8B:1C:ED:C9:7F:AC:AE:6C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184C3957A3D6E1B69BF706A0C74134D8645
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TBYzr3Jk13cBFiG0ixztyX-srmw.roa
Signing time: Tue 29 Nov 2022 13:31:03 +0000
ROA not before: Tue 29 Nov 2022 13:31:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 163.5.199.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:95:7a:3d:6e:1b:69:bf:70:6a:0c:74:13:4d:86:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 29 13:31:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c1633af7264d777011621b48b1cedc97facae6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3b:c5:43:f1:94:4c:9b:94:db:a8:5f:43:e8:
cd:18:f5:5c:23:65:10:a5:be:07:1b:31:b7:05:29:
c0:f8:86:34:46:bd:4f:91:0c:93:17:15:a0:24:e8:
89:6d:0b:f7:04:ea:0e:f4:4b:45:c0:f8:f2:34:55:
58:e8:84:15:2e:f6:17:35:09:25:75:3f:37:51:7c:
57:f3:d7:cb:4e:47:3f:e0:9d:32:29:ff:5b:78:88:
f9:2b:ce:8a:e5:fb:e1:15:e4:e6:da:1b:e3:cf:48:
9e:1e:05:29:2a:5f:14:50:35:df:cd:10:14:73:ef:
bb:eb:38:18:5c:04:59:50:0e:1b:09:b4:22:8a:03:
84:eb:df:04:5a:ad:15:67:ef:af:75:2f:c5:ef:83:
17:01:86:90:5c:1e:4c:18:1e:96:a0:87:63:3c:da:
22:98:b8:6c:81:da:d9:d8:83:95:33:4e:7d:8a:93:
65:60:d0:48:00:7a:6d:ae:40:2e:60:ed:f6:06:76:
4c:14:c4:ba:15:d8:2a:26:0d:18:bd:e9:5c:0f:aa:
4e:53:5a:5b:60:6a:59:cc:e5:0e:19:f6:d0:0f:4e:
9c:e5:a6:bf:9d:d4:ee:cc:7a:5c:54:08:bb:00:d5:
07:76:55:b6:37:75:4d:8d:ae:d7:70:01:20:3a:1b:
35:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:16:33:AF:72:64:D7:77:01:16:21:B4:8B:1C:ED:C9:7F:AC:AE:6C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TBYzr3Jk13cBFiG0ixztyX-srmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0-163.5.157.255
163.5.199.0/24
163.5.206.0-163.5.209.255
Signature Algorithm: sha256WithRSAEncryption
78:42:54:2f:99:61:09:45:fa:0b:e8:36:3e:3e:e0:f7:a3:b7:
af:53:a7:3e:8d:2e:4e:29:6b:e7:67:0e:e9:e5:cb:d3:10:d8:
91:eb:53:10:3d:72:ee:b2:fe:12:d1:e1:b8:11:e7:41:15:8e:
e9:12:d5:04:55:3e:c0:0a:41:b2:8d:df:70:bd:30:36:b7:d3:
73:36:d8:9d:2b:23:78:e6:1e:21:f7:8f:90:a0:f2:dd:07:42:
f7:81:b1:2d:ab:7b:f2:20:95:20:de:b7:8c:6e:ca:5e:d5:a5:
c1:3a:ce:5f:50:75:76:ec:bf:2f:8d:c0:23:3b:3c:40:b6:3a:
8e:a8:ff:df:38:67:b1:d1:11:7f:2f:f4:5f:c3:9c:bc:b5:66:
9a:23:03:92:b1:cd:56:51:e3:aa:71:53:00:78:5f:3f:7d:71:
a0:79:e1:6e:5c:6d:88:ac:31:5b:7a:24:33:7a:1e:ad:9d:f1:
da:86:97:ba:e5:24:bb:b6:d5:99:74:47:06:5d:e3:c3:6d:f5:
20:d5:1d:35:c5:b1:18:5c:de:9d:f3:45:af:8e:ad:a6:93:e2:
ef:ea:ed:a1:25:cb:53:e2:11:25:cd:3d:4d:2c:d0:f8:ee:af:
2d:35:e2:d8:21:7d:e2:4d:dd:4e:60:14:95:1f:bf:f4:fd:74:
b1:bf:89:75
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYTDlXo9bhtpv3BqDHQTTYZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTI5MTMzMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE2MzNhZjcyNjRkNzc3MDExNjIxYjQ4YjFjZWRjOTdmYWNhZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjvFQ/GUTJuU26hfQ+jNGPVcI2UQ
pb4HGzG3BSnA+IY0Rr1PkQyTFxWgJOiJbQv3BOoO9EtFwPjyNFVY6IQVLvYXNQkl
dT83UXxX89fLTkc/4J0yKf9beIj5K86K5fvhFeTm2hvjz0ieHgUpKl8UUDXfzRAU
c++76zgYXARZUA4bCbQiigOE698EWq0VZ++vdS/F74MXAYaQXB5MGB6WoIdjPNoi
mLhsgdrZ2IOVM059ipNlYNBIAHptrkAuYO32BnZMFMS6FdgqJg0YvelcD6pOU1pb
YGpZzOUOGfbQD06c5aa/ndTuzHpcVAi7ANUHdlW2N3VNja7XcAEgOhs1qQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEwWM69yZNd3ARYhtIsc7cl/rK5sMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVEJZenIzSmsxM2NCRmlHMGl4enR5WC1zcm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBACjBZsD
BAGjBZwDBACjBccwDAMEAaMFzgMEAaMF0DANBgkqhkiG9w0BAQsFAAOCAQEAeEJU
L5lhCUX6C+g2Pj7g96O3r1OnPo0uTilr52cO6eXL0xDYketTED1y7rL+EtHhuBHn
QRWO6RLVBFU+wApBso3fcL0wNrfTczbYnSsjeOYeIfePkKDy3QdC94GxLat78iCV
IN63jG7KXtWlwTrOX1B1duy/L43AIzs8QLY6jqj/3zhnsdERfy/0X8OcvLVmmiMD
krHNVlHjqnFTAHhfP31xoHnhblxtiKwxW3okM3oerZ3x2oaXuuUku7bVmXRHBl3j
w231INUdNcWxGFzenfNFr46tppPi7+rtoSXLU+IRJc09TSzQ+O6vLTXi2CF94k3d
TmAUlR+/9P10sb+JdQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org