Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UelsxMOX7sQXsxv0n8M74F1xeqA.roa
File: UelsxMOX7sQXsxv0n8M74F1xeqA.roa (raw, json)
Hash identifier: 1d8YA8SMTnbwXToGCg6kuXc8/5OEjUIKVLmw+Eb1ifw=
Subject key identifier: 51:E9:6C:C4:C3:97:EE:C4:17:B3:1B:F4:9F:C3:3B:E0:5D:71:7A:A0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0182FE1A26691C0F99381BD4DD3A873F9DC8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UelsxMOX7sQXsxv0n8M74F1xeqA.roa
Signing time: Fri 02 Sep 2022 12:08:22 +0000
ROA not before: Fri 02 Sep 2022 12:08:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 163.5.215.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:1a:26:69:1c:0f:99:38:1b:d4:dd:3a:87:3f:9d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 2 12:08:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51e96cc4c397eec417b31bf49fc33be05d717aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a1:15:3a:28:bf:08:4e:9a:4e:54:b0:c2:75:
b1:d5:f1:02:71:eb:ab:6c:29:a5:e0:eb:ce:8a:ea:
71:83:99:22:a3:cf:11:fd:dd:c5:22:50:d1:d6:9e:
87:2b:98:ce:64:26:0d:1e:69:93:0e:f1:d3:07:92:
ad:94:9e:d5:f7:78:6f:c5:a0:f7:b2:f9:b0:bd:b1:
a4:13:b9:7e:c3:81:24:fe:05:72:4e:f5:8f:bf:ae:
f9:06:57:a8:d7:5c:53:51:30:6e:0c:c2:32:91:71:
a3:11:e3:53:46:f7:54:51:06:5d:1b:bd:66:85:c8:
c2:27:33:3a:77:5b:cd:e2:15:6d:13:a4:0a:e2:fd:
ac:09:73:38:6a:5d:25:4b:70:68:d8:28:3a:56:9c:
a5:e9:12:8a:eb:70:78:11:9a:1b:47:c8:c4:8e:ad:
a3:b4:26:56:aa:c9:60:23:93:d1:28:b6:7b:00:4f:
b1:77:33:b5:2a:83:aa:90:90:04:13:ab:2c:bf:20:
d8:76:b4:26:b8:62:f4:88:c5:0b:3e:f2:53:b3:ea:
ec:44:e8:d7:dc:bf:46:04:27:d0:ef:85:5c:ea:12:
74:2b:46:62:9d:d8:07:6a:15:29:1c:4e:2f:31:d2:
58:41:b0:5a:a2:10:95:f5:40:ba:c8:62:b5:9c:a0:
94:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E9:6C:C4:C3:97:EE:C4:17:B3:1B:F4:9F:C3:3B:E0:5D:71:7A:A0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UelsxMOX7sQXsxv0n8M74F1xeqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.128.0/24
163.5.163.0/24
163.5.168.0/24
163.5.215.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:74:46:90:16:a1:a5:f6:de:d7:b3:1a:cc:de:78:25:39:21:
28:b2:e5:f6:40:f9:77:90:8d:b8:d0:78:03:48:87:9c:3e:d4:
67:a2:38:84:45:9c:2d:a9:83:9b:4a:17:9a:79:13:4e:17:76:
3c:19:1e:57:94:1a:37:cc:0a:98:d7:15:97:2a:27:55:f0:f8:
12:ff:1e:9a:59:62:61:fd:5e:90:92:b0:6d:4b:79:ac:5d:2c:
11:a0:35:1a:d7:28:05:12:fa:dd:3b:d1:14:5d:9f:3e:e2:4f:
36:85:30:74:88:5a:86:ed:2b:7a:1c:32:3d:33:d9:96:b8:c9:
67:a4:6b:7e:91:b8:9f:f6:89:77:05:cd:1a:db:68:ef:e5:86:
c2:2f:94:40:00:eb:e6:69:b0:fb:c3:69:73:66:e6:7f:43:84:
b3:86:f4:b7:95:d6:c0:0c:f5:85:32:ff:17:dd:9f:ed:73:5e:
df:d9:8d:ae:eb:69:35:b5:99:bb:4d:9a:02:09:b9:4d:1c:a0:
c7:55:a5:4c:83:89:ef:98:3e:ba:e6:d7:0e:7f:6f:13:77:b2:
8c:02:98:fe:6f:e6:18:dc:93:40:7f:e8:0d:60:41:d6:dd:9e:
db:f7:22:30:14:6b:7a:e9:e7:ea:e4:aa:ca:c0:bd:2f:8d:36:
93:61:84:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYL+GiZpHA+ZOBvU3TqHP53IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTAyMTIwODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWU5NmNjNGMzOTdlZWM0MTdiMzFiZjQ5ZmMzM2JlMDVkNzE3YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6EVOii/CE6aTlSwwnWx1fECceur
bCml4OvOiupxg5kio88R/d3FIlDR1p6HK5jOZCYNHmmTDvHTB5KtlJ7V93hvxaD3
svmwvbGkE7l+w4Ek/gVyTvWPv675Bleo11xTUTBuDMIykXGjEeNTRvdUUQZdG71m
hcjCJzM6d1vN4hVtE6QK4v2sCXM4al0lS3Bo2Cg6Vpyl6RKK63B4EZobR8jEjq2j
tCZWqslgI5PRKLZ7AE+xdzO1KoOqkJAEE6ssvyDYdrQmuGL0iMULPvJTs+rsROjX
3L9GBCfQ74Vc6hJ0K0ZindgHahUpHE4vMdJYQbBaohCV9UC6yGK1nKCUawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFHpbMTDl+7EF7Mb9J/DO+BdcXqgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVWVsc3hNT1g3c1FYc3h2MG44TTc0RjF4ZXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowWAAwQA
owWjAwQAowWoAwQAowXXMA0GCSqGSIb3DQEBCwUAA4IBAQCndEaQFqGl9t7XsxrM
3nglOSEosuX2QPl3kI240HgDSIecPtRnojiERZwtqYObSheaeRNOF3Y8GR5XlBo3
zAqY1xWXKidV8PgS/x6aWWJh/V6QkrBtS3msXSwRoDUa1ygFEvrdO9EUXZ8+4k82
hTB0iFqG7St6HDI9M9mWuMlnpGt+kbif9ol3Bc0a22jv5YbCL5RAAOvmabD7w2lz
ZuZ/Q4SzhvS3ldbADPWFMv8X3Z/tc17f2Y2u62k1tZm7TZoCCblNHKDHVaVMg4nv
mD665tcOf28Td7KMApj+b+YY3JNAf+gNYEHW3Z7b9yIwFGt66efq5KrKwL0vjTaT
YYTw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org