Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XbLH3CW5gnhzsg4VDmrjc4AITog.roa
File: XbLH3CW5gnhzsg4VDmrjc4AITog.roa (raw, json)
Hash identifier: LIvhGIwFb9YtIcUsOaRUHiPlOmZA++WNIu52qNOVYJE=
Subject key identifier: 5D:B2:C7:DC:25:B9:82:78:73:B2:0E:15:0E:6A:E3:73:80:08:4E:88
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184D81029AA1876EC1215F2BC3A51412653
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XbLH3CW5gnhzsg4VDmrjc4AITog.roa
Signing time: Sat 03 Dec 2022 12:57:28 +0000
ROA not before: Sat 03 Dec 2022 12:57:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 163.5.90.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.236.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d8:10:29:aa:18:76:ec:12:15:f2:bc:3a:51:41:26:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 3 12:57:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5db2c7dc25b9827873b20e150e6ae37380084e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ea:60:be:60:f6:b4:99:6e:15:c7:97:84:2a:
d1:2f:1c:31:7d:5c:8a:d7:2a:1b:a6:b8:63:e9:cd:
b6:cb:5b:ba:8b:fb:78:db:e5:4e:ec:63:9f:55:8e:
cb:34:cd:5c:b7:1a:07:0d:a3:97:8e:55:ea:25:8e:
a8:5b:76:15:1d:a9:08:7b:30:2d:66:08:b4:15:37:
08:e7:23:7d:7f:7d:b6:c5:fa:08:b6:b3:55:92:16:
d7:76:6f:4f:f5:cb:64:ea:3c:27:eb:1c:92:6b:c4:
63:eb:c2:41:f8:80:cc:94:8f:7e:82:dc:52:c7:5b:
b3:60:09:e9:c6:c4:e9:e2:5d:00:34:e7:67:89:22:
71:f3:6d:ec:9c:ea:7a:2c:0e:80:09:26:cf:63:47:
15:51:79:da:67:d8:22:1a:87:8d:e7:e3:bd:91:09:
42:a1:50:1c:a7:59:39:8a:08:7c:12:16:3a:96:76:
3a:8e:80:44:c3:2e:d5:7c:6d:11:a1:a2:f6:ed:24:
ac:e7:cf:30:87:82:bf:42:ef:6f:ff:58:47:b3:7f:
23:de:f0:a5:79:d0:12:fe:d6:47:54:33:a8:f6:04:
e1:3a:69:1e:51:b0:8b:8f:9a:75:fc:c1:a0:f8:cd:
c7:b0:d7:a9:08:d8:27:10:20:ec:7c:05:53:fe:d8:
ef:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B2:C7:DC:25:B9:82:78:73:B2:0E:15:0E:6A:E3:73:80:08:4E:88
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XbLH3CW5gnhzsg4VDmrjc4AITog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.90.0/24
163.5.140.0/24
163.5.233.0/24
163.5.236.0/24
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a0:d7:08:c0:bc:8e:1b:fc:4a:0a:34:23:13:9b:cd:8a:57:
ad:71:0a:b3:ff:42:5f:ba:74:1d:a3:3a:96:dd:e7:e6:70:53:
28:b4:0e:87:4a:db:80:bc:79:9d:72:a8:ce:d0:67:5a:5c:ec:
4d:f5:4d:fe:98:59:9e:86:64:a3:2a:8b:61:94:82:6f:b4:1c:
4c:b8:23:29:ea:41:a6:1e:95:4c:de:49:b6:84:53:eb:2c:9a:
db:f2:63:fd:96:fa:9d:13:d6:ab:cc:f1:12:5b:a2:37:06:d8:
ed:d3:1e:ed:2a:9a:34:8c:26:dd:3f:ed:d5:7b:1a:b8:34:5e:
95:59:89:77:24:6d:de:6e:2f:88:e1:6d:e8:bf:62:b9:49:1c:
fc:aa:fe:98:4f:a6:7d:af:1b:f6:37:b3:0c:57:bd:7b:74:b2:
a5:7a:4a:a5:c5:f6:ab:14:54:1e:06:05:77:aa:9a:99:dd:da:
c3:0f:02:23:c5:78:9c:06:4e:ff:aa:df:2a:05:37:3b:98:29:
40:60:3b:3c:45:85:02:8c:f3:38:08:b3:d9:78:99:4a:6b:55:
52:28:94:8e:b7:4b:d5:17:14:de:bd:9b:68:be:3d:36:bd:60:
85:a8:22:57:63:51:57:b8:75:dc:81:a2:e5:fc:49:da:c4:db:
98:31:9a:61
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTYECmqGHbsEhXyvDpRQSZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjAzMTI1NzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIyYzdkYzI1Yjk4Mjc4NzNiMjBlMTUwZTZhZTM3MzgwMDg0ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiupgvmD2tJluFceXhCrRLxwxfVyK
1yobprhj6c22y1u6i/t42+VO7GOfVY7LNM1ctxoHDaOXjlXqJY6oW3YVHakIezAt
Zgi0FTcI5yN9f322xfoItrNVkhbXdm9P9ctk6jwn6xySa8Rj68JB+IDMlI9+gtxS
x1uzYAnpxsTp4l0ANOdniSJx823snOp6LA6ACSbPY0cVUXnaZ9giGoeN5+O9kQlC
oVAcp1k5igh8EhY6lnY6joBEwy7VfG0RoaL27SSs588wh4K/Qu9v/1hHs38j3vCl
edAS/tZHVDOo9gThOmkeUbCLj5p1/MGg+M3HsNepCNgnECDsfAVT/tjvYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF2yx9wluYJ4c7IOFQ5q43OACE6IMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWGJMSDNDVzVnbmh6c2c0VkRtcmpjNEFJVG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVaAwQA
owWMAwQAowXpAwQAowXsAwQAowX3MA0GCSqGSIb3DQEBCwUAA4IBAQBHoNcIwLyO
G/xKCjQjE5vNiletcQqz/0JfunQdozqW3efmcFMotA6HStuAvHmdcqjO0GdaXOxN
9U3+mFmehmSjKothlIJvtBxMuCMp6kGmHpVM3km2hFPrLJrb8mP9lvqdE9arzPES
W6I3Btjt0x7tKpo0jCbdP+3Vexq4NF6VWYl3JG3ebi+I4W3ov2K5SRz8qv6YT6Z9
rxv2N7MMV717dLKlekqlxfarFFQeBgV3qpqZ3drDDwIjxXicBk7/qt8qBTc7mClA
YDs8RYUCjPM4CLPZeJlKa1VSKJSOt0vVFxTevZtovj02vWCFqCJXY1FXuHXcgaLl
/EnaxNuYMZph
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org