Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ul5w2mkk54l8EkR9ix921qLU02o.roa
File: Ul5w2mkk54l8EkR9ix921qLU02o.roa (raw, json)
Hash identifier: t6RSw8/JNCegYSz5jrOJPc5kmsrEq3ERNgf0g6Zvsl8=
Subject key identifier: 52:5E:70:DA:69:24:E7:89:7C:12:44:7D:8B:1F:76:D6:A2:D4:D3:6A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01825D660675D3E67575A62C7A17B856B9C0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ul5w2mkk54l8EkR9ix921qLU02o.roa
Signing time: Tue 02 Aug 2022 07:12:23 +0000
ROA not before: Tue 02 Aug 2022 07:12:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 163.5.173.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.183.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.184.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.137.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5d:66:06:75:d3:e6:75:75:a6:2c:7a:17:b8:56:b9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 2 07:12:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=525e70da6924e7897c12447d8b1f76d6a2d4d36a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:42:68:76:05:d6:75:89:9b:ce:5d:7c:0b:9a:
21:61:97:29:96:fc:59:92:73:1c:3d:fd:ba:6d:9b:
cc:29:72:4f:f5:e3:4f:fc:f0:ca:fb:46:81:2f:60:
6d:ec:69:ef:89:34:09:42:eb:e9:5b:0d:4f:79:4d:
a3:58:38:dd:e9:a1:9b:6e:54:b7:d3:87:92:01:94:
64:f6:86:b2:c7:8e:11:30:8b:5f:5a:cf:3f:fd:d9:
79:88:b4:39:f2:c8:5a:c0:b6:82:6b:f9:ac:a1:dd:
01:81:fe:ae:07:23:fa:9d:93:5b:c9:32:75:8a:7f:
1f:16:1b:09:6a:b7:2b:a4:94:70:32:13:36:d4:2d:
3a:cd:e5:57:91:e7:ec:a1:21:d5:3b:f3:6d:4e:3b:
fe:df:e2:4f:16:5e:05:c4:bb:77:8c:ee:57:6e:b3:
b9:04:4a:26:f9:8f:f9:8a:bb:04:53:1f:3a:b4:de:
65:b3:fa:5a:0b:57:57:11:c6:7b:af:dc:04:81:dd:
d6:f2:7e:52:cc:f3:fd:77:85:a4:00:31:c1:f2:32:
e8:b7:f8:ec:5f:75:68:9c:b0:3e:df:d6:97:13:e8:
70:f0:76:0f:aa:8c:2d:61:cb:84:04:af:17:bb:43:
8d:1f:be:ba:1b:a7:2c:36:af:8d:b2:45:db:db:d9:
ff:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5E:70:DA:69:24:E7:89:7C:12:44:7D:8B:1F:76:D6:A2:D4:D3:6A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ul5w2mkk54l8EkR9ix921qLU02o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.137.0/24
163.5.170.0-163.5.173.255
163.5.182.0-163.5.189.255
Signature Algorithm: sha256WithRSAEncryption
36:83:eb:2d:c6:41:0a:0c:86:45:6a:60:64:9d:50:1e:b4:07:
1a:cc:f0:2d:78:f6:fb:f4:69:3e:64:5b:92:44:b8:c6:f9:a2:
2f:4a:58:84:65:e2:57:c3:4e:1a:3e:44:9d:ca:47:83:d8:cc:
4c:63:5a:e6:82:b4:27:68:58:3a:a0:b6:eb:fd:b1:87:f0:8d:
49:b9:3a:cc:3f:7b:22:0b:1c:64:0a:7a:f9:ae:17:ab:af:c4:
d8:a3:67:7a:ca:56:31:2e:3b:75:78:42:09:1b:de:59:d7:e9:
eb:f7:c3:64:77:af:57:33:39:5c:21:b0:ff:8d:5a:ac:bc:cb:
37:76:3e:62:38:40:09:9a:a9:66:64:25:21:e9:11:4b:07:2d:
f4:24:c4:99:25:e6:e6:23:32:c1:62:28:73:b1:ba:fc:c8:4e:
41:e8:6d:7e:aa:2e:7e:de:0e:cb:bf:01:33:c7:c5:e9:ac:a4:
5f:8a:e8:c2:67:18:84:65:a7:b6:98:0a:84:3f:de:6c:45:d6:
12:57:c3:1e:95:d9:cf:89:70:88:00:44:1f:89:3e:21:1b:63:
66:05:0a:67:5c:ca:e0:03:0c:59:bf:33:d1:d5:64:0f:46:96:
94:b1:52:0c:fc:de:8c:a9:0b:5e:c6:a5:99:08:4c:74:87:6f:
f9:16:a4:2b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYJdZgZ10+Z1daYsehe4VrnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODAyMDcxMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjVlNzBkYTY5MjRlNzg5N2MxMjQ0N2Q4YjFmNzZkNmEyZDRkMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUJodgXWdYmbzl18C5ohYZcplvxZ
knMcPf26bZvMKXJP9eNP/PDK+0aBL2Bt7GnviTQJQuvpWw1PeU2jWDjd6aGbblS3
04eSAZRk9oayx44RMItfWs8//dl5iLQ58shawLaCa/msod0Bgf6uByP6nZNbyTJ1
in8fFhsJarcrpJRwMhM21C06zeVXkefsoSHVO/NtTjv+3+JPFl4FxLt3jO5XbrO5
BEom+Y/5irsEUx86tN5ls/paC1dXEcZ7r9wEgd3W8n5SzPP9d4WkADHB8jLot/js
X3VonLA+39aXE+hw8HYPqowtYcuEBK8Xu0ONH766G6csNq+NskXb29n/zwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFJecNppJOeJfBJEfYsfdtai1NNqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVWw1dzJta2s1NGw4RWtSOWl4OTIxcUxVMDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAowWJMAwD
BAGjBaoDBAGjBawwDAMEAaMFtgMEAaMFvDANBgkqhkiG9w0BAQsFAAOCAQEANoPr
LcZBCgyGRWpgZJ1QHrQHGszwLXj2+/RpPmRbkkS4xvmiL0pYhGXiV8NOGj5EncpH
g9jMTGNa5oK0J2hYOqC26/2xh/CNSbk6zD97IgscZAp6+a4Xq6/E2KNnespWMS47
dXhCCRveWdfp6/fDZHevVzM5XCGw/41arLzLN3Y+YjhACZqpZmQlIekRSwct9CTE
mSXm5iMywWIoc7G6/MhOQehtfqouft4Oy78BM8fF6aykX4rowmcYhGWntpgKhD/e
bEXWElfDHpXZz4lwiABEH4k+IRtjZgUKZ1zK4AMMWb8z0dVkD0aWlLFSDPzejKkL
XsalmQhMdIdv+RakKw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org