Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/U9OrHm2ojA9uyc2Qdx8CBiigSBA.roa
File: U9OrHm2ojA9uyc2Qdx8CBiigSBA.roa (raw, json)
Hash identifier: lYuBTzEztW8G6EFqGnR+t5U+LnJAHokv34NX/R6t4Vc=
Subject key identifier: 53:D3:AB:1E:6D:A8:8C:0F:6E:C9:CD:90:77:1F:02:06:28:A0:48:10
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183BCB502A50A7E4F9257637E1DF6049C44
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/U9OrHm2ojA9uyc2Qdx8CBiigSBA.roa
Signing time: Sun 09 Oct 2022 12:25:22 +0000
ROA not before: Sun 09 Oct 2022 12:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 163.5.199.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bc:b5:02:a5:0a:7e:4f:92:57:63:7e:1d:f6:04:9c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 9 12:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53d3ab1e6da88c0f6ec9cd90771f020628a04810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:06:af:c5:7a:7c:ed:a9:d8:92:64:cf:a0:7f:
48:f4:10:48:b7:24:3c:f9:ee:97:41:97:28:2a:31:
25:ce:92:66:45:d7:58:ee:bb:cb:1a:c5:be:85:1b:
c0:43:81:19:4c:21:ef:8f:76:ab:ee:c9:e4:fd:f6:
b6:0e:01:bc:97:cf:67:00:33:d8:98:f2:0c:e2:aa:
9e:15:3d:98:e8:0c:b4:9c:5b:bd:d4:ea:8f:08:1b:
95:09:2d:d9:e8:80:10:3a:c2:e6:d4:c3:4d:be:7c:
f9:cb:42:5e:f1:97:bb:20:ea:33:5c:24:7d:d9:b1:
d6:20:8e:6d:dc:68:f7:32:14:80:31:7f:e4:e2:d1:
ec:0a:32:6a:33:3a:87:29:3a:c4:f3:c4:06:ca:e4:
4b:85:ec:52:a4:a6:61:1f:9e:89:6c:bf:52:eb:8a:
bf:ba:24:6f:97:2a:56:d3:69:68:fd:7a:d7:ea:22:
15:d3:bc:13:0e:6e:fa:c6:e9:c4:41:4d:a4:2c:a2:
3d:25:c0:d3:25:64:51:3a:8e:e0:7e:21:0b:3f:9b:
a8:8e:73:5a:e1:53:b3:e2:e7:af:68:94:17:38:fe:
dc:ad:d8:0a:e8:f9:69:7a:32:cc:bc:21:d4:17:c7:
81:9b:d6:18:c7:ca:34:d9:c7:3e:ab:da:60:12:3f:
35:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D3:AB:1E:6D:A8:8C:0F:6E:C9:CD:90:77:1F:02:06:28:A0:48:10
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/U9OrHm2ojA9uyc2Qdx8CBiigSBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0-163.5.157.255
163.5.199.0-163.5.200.255
163.5.206.0-163.5.209.255
Signature Algorithm: sha256WithRSAEncryption
66:a3:a2:ff:0a:64:43:c5:01:12:d2:c7:04:d5:55:71:c9:ec:
18:84:a3:ad:2a:6d:14:7a:4e:d3:2f:1d:c1:1d:05:29:c1:cc:
9c:f9:e9:46:f4:99:41:b6:49:a1:e3:d0:c8:26:e3:e0:e1:db:
90:b4:dc:13:42:0c:f1:cd:4c:70:fb:d4:b8:96:e8:be:24:58:
68:f7:6a:57:c9:17:cc:67:3d:9e:1d:68:78:72:9f:0c:6d:14:
ed:15:c1:fe:cb:c2:2b:ee:88:35:43:b8:03:43:bb:3a:52:e5:
cd:59:68:21:09:01:38:9f:81:d5:02:b7:53:c0:78:cd:7d:74:
b2:f2:f8:55:17:2b:1c:2f:62:dd:25:c9:68:1e:78:d4:2b:8b:
da:6b:b9:dd:42:97:5b:39:ea:46:19:0e:7c:bb:64:8b:38:4f:
e0:c1:fa:78:d8:34:90:30:d0:27:76:68:0d:99:ba:81:b9:84:
7e:2b:d9:32:9e:66:69:e5:d7:81:c1:09:c7:05:66:e8:e0:70:
eb:73:cf:cd:be:5e:57:72:ae:1f:b0:f1:f3:68:b9:76:af:3f:
8c:44:c2:de:a8:32:33:f0:4b:f3:42:7b:b8:93:fa:6e:63:82:
20:ab:86:26:57:07:6c:0b:f0:09:44:82:ce:ab:5c:13:e5:dc:
1b:3c:06:32
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYO8tQKlCn5Pkldjfh32BJxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDA5MTIyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QzYWIxZTZkYTg4YzBmNmVjOWNkOTA3NzFmMDIwNjI4YTA0ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygavxXp87anYkmTPoH9I9BBItyQ8
+e6XQZcoKjElzpJmRddY7rvLGsW+hRvAQ4EZTCHvj3ar7snk/fa2DgG8l89nADPY
mPIM4qqeFT2Y6Ay0nFu91OqPCBuVCS3Z6IAQOsLm1MNNvnz5y0Je8Ze7IOozXCR9
2bHWII5t3Gj3MhSAMX/k4tHsCjJqMzqHKTrE88QGyuRLhexSpKZhH56JbL9S64q/
uiRvlypW02lo/XrX6iIV07wTDm76xunEQU2kLKI9JcDTJWRROo7gfiELP5uojnNa
4VOz4uevaJQXOP7crdgK6PlpejLMvCHUF8eBm9YYx8o02cc+q9pgEj81XwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFPTqx5tqIwPbsnNkHcfAgYooEgQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVTlPckhtMm9qQTl1eWMyUWR4OENCaWlnU0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBACjBZsD
BAGjBZwwDAMEAKMFxwMEAKMFyDAMAwQBowXOAwQBowXQMA0GCSqGSIb3DQEBCwUA
A4IBAQBmo6L/CmRDxQES0scE1VVxyewYhKOtKm0Uek7TLx3BHQUpwcyc+elG9JlB
tkmh49DIJuPg4duQtNwTQgzxzUxw+9S4lui+JFho92pXyRfMZz2eHWh4cp8MbRTt
FcH+y8Ir7og1Q7gDQ7s6UuXNWWghCQE4n4HVArdTwHjNfXSy8vhVFyscL2LdJclo
HnjUK4vaa7ndQpdbOepGGQ58u2SLOE/gwfp42DSQMNAndmgNmbqBuYR+K9kynmZp
5deBwQnHBWbo4HDrc8/Nvl5Xcq4fsPHzaLl2rz+MRMLeqDIz8EvzQnu4k/puY4Ig
q4YmVwdsC/AJRILOq1wT5dwbPAYy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org