Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UcNxE373Ig_h7-yhb9tXsWF07I0.roa
File: UcNxE373Ig_h7-yhb9tXsWF07I0.roa (raw, json)
Hash identifier: +jhi3uguDuumLsHH68A52r2jL++1JsVEKVILDwVh+ZQ=
Subject key identifier: 51:C3:71:13:7E:F7:22:0F:E1:EF:EC:A1:6F:DB:57:B1:61:74:EC:8D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184D807028D0BDA1F87E274E20D0975EB8B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UcNxE373Ig_h7-yhb9tXsWF07I0.roa
Signing time: Sat 03 Dec 2022 12:47:28 +0000
ROA not before: Sat 03 Dec 2022 12:47:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.187.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d8:07:02:8d:0b:da:1f:87:e2:74:e2:0d:09:75:eb:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 3 12:47:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51c371137ef7220fe1efeca16fdb57b16174ec8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bb:fc:a3:a9:f3:88:77:6c:a7:24:60:a1:a1:
34:37:e0:f9:9a:49:dd:13:27:56:c4:e8:4c:3f:c6:
64:3e:70:cb:8e:d3:49:84:24:29:6f:f2:8a:29:c7:
a7:b4:5f:16:f1:a1:30:f9:cd:40:07:e2:e6:a6:da:
9d:2f:1d:47:e5:6e:11:39:88:81:a3:ec:60:a9:e3:
c9:1f:73:fe:c1:d9:f4:5f:6c:d0:9b:15:33:e2:1b:
4b:3b:94:f1:0a:1c:25:63:80:42:a7:df:0b:42:73:
4a:2c:e3:4d:45:92:38:7d:21:5e:65:c8:02:49:17:
7a:83:cb:fd:5a:60:71:fc:56:4e:47:15:6e:79:8b:
d2:87:e6:29:60:d2:ac:1a:0f:30:a7:71:1d:24:3e:
e2:3b:2c:3b:6a:08:57:87:15:b4:91:57:a7:21:05:
d4:d3:15:0d:ae:5a:08:bf:ab:30:81:a0:0c:55:0f:
dd:20:3b:84:7e:7a:8b:b2:95:b0:1c:cf:e6:00:e5:
ab:ed:0b:73:76:18:56:a7:83:be:11:ad:7f:5b:b2:
fb:b7:5e:fb:3f:09:18:df:d1:ca:22:49:e8:8c:2a:
97:10:8c:6d:20:8f:44:bd:41:03:78:9c:d9:cf:64:
6d:b9:40:05:a2:4b:6e:57:c1:17:dd:11:5c:89:9c:
fc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C3:71:13:7E:F7:22:0F:E1:EF:EC:A1:6F:DB:57:B1:61:74:EC:8D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UcNxE373Ig_h7-yhb9tXsWF07I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.112.0/24
163.5.130.0/24
163.5.134.0/24
163.5.153.0/24
163.5.187.0/24
163.5.192.0/24
163.5.220.0/24
163.5.228.0/24
163.5.237.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:b7:62:40:b5:c6:49:aa:a4:de:50:d8:b2:b5:21:06:83:3a:
00:0d:b7:50:95:0f:58:f8:01:f1:da:76:66:12:73:ad:4b:76:
5f:f4:e6:de:a9:3c:ce:6b:54:90:b7:75:54:ea:8b:57:8c:1e:
dc:07:08:e1:1a:e3:26:2f:15:b0:6c:ee:df:0a:c4:19:b8:66:
eb:dc:1e:fe:62:cf:13:1b:ab:33:43:8b:d7:ce:cf:b3:31:76:
83:03:87:c3:17:fc:f7:70:c9:9f:2b:a7:d6:82:d3:f2:d8:2c:
da:67:4c:43:b4:22:97:d2:d7:68:86:e0:1f:04:54:10:c4:48:
0a:43:18:59:8f:2b:63:c0:ed:6e:fd:89:1a:40:51:bb:87:49:
32:4b:6c:13:3a:f1:64:30:fa:0c:7b:78:5e:ee:a9:e1:4c:32:
e1:24:87:87:0c:04:6f:52:0a:cb:6f:0b:bf:13:66:29:e5:24:
1a:d3:ac:e0:8f:48:15:5e:d8:21:e1:80:b4:db:2a:d7:b9:34:
73:84:e6:b6:eb:6e:ef:c3:78:78:fd:7c:f9:98:9a:89:fa:05:
f8:09:b9:de:6c:5c:07:00:e7:0f:78:81:54:40:a5:0a:d9:1c:
f7:3b:99:14:76:c9:11:9e:42:f5:6a:aa:06:d7:5f:3d:12:2b:
11:32:cc:65
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYTYBwKNC9ofh+J04g0JdeuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjAzMTI0NzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWMzNzExMzdlZjcyMjBmZTFlZmVjYTE2ZmRiNTdiMTYxNzRlYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLv8o6nziHdspyRgoaE0N+D5mknd
EydWxOhMP8ZkPnDLjtNJhCQpb/KKKcentF8W8aEw+c1AB+LmptqdLx1H5W4ROYiB
o+xgqePJH3P+wdn0X2zQmxUz4htLO5TxChwlY4BCp98LQnNKLONNRZI4fSFeZcgC
SRd6g8v9WmBx/FZORxVueYvSh+YpYNKsGg8wp3EdJD7iOyw7aghXhxW0kVenIQXU
0xUNrloIv6swgaAMVQ/dIDuEfnqLspWwHM/mAOWr7QtzdhhWp4O+Ea1/W7L7t177
PwkY39HKIknojCqXEIxtII9EvUEDeJzZz2RtuUAFoktuV8EX3RFciZz8cQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFHDcRN+9yIP4e/soW/bV7FhdOyNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVWNOeEUzNzNJZ19oNy15aGI5dFhzV0YwN0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowVwAwQA
owWCAwQAowWGAwQAowWZAwQAowW7AwQAowXAAwQAowXcAwQAowXkAwQAowXtMA0G
CSqGSIb3DQEBCwUAA4IBAQCqt2JAtcZJqqTeUNiytSEGgzoADbdQlQ9Y+AHx2nZm
EnOtS3Zf9ObeqTzOa1SQt3VU6otXjB7cBwjhGuMmLxWwbO7fCsQZuGbr3B7+Ys8T
G6szQ4vXzs+zMXaDA4fDF/z3cMmfK6fWgtPy2CzaZ0xDtCKX0tdohuAfBFQQxEgK
QxhZjytjwO1u/YkaQFG7h0kyS2wTOvFkMPoMe3he7qnhTDLhJIeHDARvUgrLbwu/
E2Yp5SQa06zgj0gVXtgh4YC02yrXuTRzhOa2627vw3h4/Xz5mJqJ+gX4CbnebFwH
AOcPeIFUQKUK2Rz3O5kUdskRnkL1aqoG1189EisRMsxl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org