Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Xi4lAt1tfTfDqDiVHjaAwMp8i3o.roa
File: Xi4lAt1tfTfDqDiVHjaAwMp8i3o.roa (raw, json)
Hash identifier: EyOu/7UmuBeCrfUgasyMzeYfCeQc3IswEKi/wbP+0i0=
Subject key identifier: 5E:2E:25:02:DD:6D:7D:37:C3:A8:38:95:1E:36:80:C0:CA:7C:8B:7A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0185158C004FADEE236F62A0CF05EC6C8072
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Xi4lAt1tfTfDqDiVHjaAwMp8i3o.roa
Signing time: Thu 15 Dec 2022 11:29:34 +0000
ROA not before: Thu 15 Dec 2022 11:29:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.215.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:8c:00:4f:ad:ee:23:6f:62:a0:cf:05:ec:6c:80:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 15 11:29:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e2e2502dd6d7d37c3a838951e3680c0ca7c8b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7c:24:81:67:e9:fa:d6:36:d2:de:9f:ed:98:
38:f9:9c:c8:50:50:f8:0e:c2:8f:60:72:40:6c:f4:
64:d1:15:27:47:15:aa:f9:a6:ff:93:0f:66:d6:28:
53:6c:6a:02:6c:6f:8f:74:18:cc:9b:61:40:b6:31:
21:11:ee:53:1b:29:a1:b4:d1:16:85:9c:cb:94:21:
8c:fc:ba:cb:6a:b7:a2:67:56:83:41:1a:3b:26:12:
d7:04:39:7d:91:fc:cf:a7:9d:22:42:d8:93:34:dc:
b5:1b:1a:f4:1e:01:bc:de:17:f2:fb:45:91:09:0c:
69:64:97:3d:f4:d1:4f:e8:11:2c:18:02:a5:c2:fa:
7f:69:8e:4e:79:1d:29:61:a2:19:5c:a4:55:d1:9e:
f8:35:ee:7c:98:cd:13:da:41:3b:fa:7c:78:7b:af:
36:bc:95:ae:cf:3a:11:5c:5e:39:64:df:66:e8:00:
e9:29:bc:08:43:78:6d:53:d8:7f:fc:2a:b8:6f:13:
39:23:e1:4f:af:e3:5a:bc:c9:39:6f:31:34:9b:9a:
eb:d1:9a:e6:84:cb:26:1c:93:58:38:e0:11:44:fe:
9e:1e:0d:7c:46:82:65:0f:b4:4f:06:03:ad:cd:98:
d5:ed:7b:eb:03:18:0c:f8:e0:5e:dd:56:ca:a2:71:
27:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:2E:25:02:DD:6D:7D:37:C3:A8:38:95:1E:36:80:C0:CA:7C:8B:7A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Xi4lAt1tfTfDqDiVHjaAwMp8i3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.106.0/24
163.5.118.0/23
163.5.159.0/24
163.5.215.0/24
163.5.225.0/24
163.5.229.0/24
Signature Algorithm: sha256WithRSAEncryption
06:13:de:b2:09:4e:73:a9:ba:b2:83:a6:2b:2d:85:ff:5e:47:
0a:1a:2f:2f:f7:3b:38:50:41:c8:15:ce:00:af:9d:a6:dd:b8:
78:21:fd:2d:45:53:20:4f:4c:a4:4e:2d:ac:1d:05:8b:0a:5a:
ce:ff:e7:86:1f:63:da:59:e4:92:07:10:8d:e5:6d:12:b1:a9:
57:b5:06:a2:61:f5:3e:bd:e3:65:37:5d:e3:14:87:27:52:4f:
28:fa:8b:06:cb:88:3f:92:6d:ba:3d:c4:49:75:50:83:60:10:
b8:43:88:a8:28:74:c2:25:ab:cd:48:86:88:e5:88:0f:7c:9b:
9d:40:02:70:07:35:f1:63:e2:ee:1c:2f:69:6b:78:30:af:23:
ab:93:ff:32:2c:96:62:d6:36:f1:03:f6:86:96:ae:cf:5d:ad:
95:c5:73:07:e8:5a:7a:c5:ba:2b:fe:ed:20:60:9b:42:71:0a:
b4:54:fa:a0:89:23:4c:75:f9:e5:42:b7:61:0e:f0:27:27:0e:
eb:07:5c:5f:c4:f7:53:8a:9d:dc:5a:de:fc:4b:59:d5:dd:43:
53:83:ae:26:be:a4:f2:31:84:87:02:7e:5c:76:dc:e8:d0:94:
52:cc:b7:9a:72:f8:ee:cd:5a:a7:67:ca:2d:cc:12:46:38:f1:
94:e9:73:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUVjABPre4jb2KgzwXsbIByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjE1MTEyOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTJlMjUwMmRkNmQ3ZDM3YzNhODM4OTUxZTM2ODBjMGNhN2M4YjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXwkgWfp+tY20t6f7Zg4+ZzIUFD4
DsKPYHJAbPRk0RUnRxWq+ab/kw9m1ihTbGoCbG+PdBjMm2FAtjEhEe5TGymhtNEW
hZzLlCGM/LrLareiZ1aDQRo7JhLXBDl9kfzPp50iQtiTNNy1Gxr0HgG83hfy+0WR
CQxpZJc99NFP6BEsGAKlwvp/aY5OeR0pYaIZXKRV0Z74Ne58mM0T2kE7+nx4e682
vJWuzzoRXF45ZN9m6ADpKbwIQ3htU9h//Cq4bxM5I+FPr+NavMk5bzE0m5rr0Zrm
hMsmHJNYOOARRP6eHg18RoJlD7RPBgOtzZjV7XvrAxgM+OBe3VbKonEnhwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF4uJQLdbX03w6g4lR42gMDKfIt6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWGk0bEF0MXRmVGZEcURpVkhqYUF3TXA4aTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowVqAwQB
owV2AwQAowWfAwQAowXXAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUAA4IBAQAG
E96yCU5zqbqyg6YrLYX/XkcKGi8v9zs4UEHIFc4Ar52m3bh4If0tRVMgT0ykTi2s
HQWLClrO/+eGH2PaWeSSBxCN5W0SsalXtQaiYfU+veNlN13jFIcnUk8o+osGy4g/
km26PcRJdVCDYBC4Q4ioKHTCJavNSIaI5YgPfJudQAJwBzXxY+LuHC9pa3gwryOr
k/8yLJZi1jbxA/aGlq7PXa2VxXMH6Fp6xbor/u0gYJtCcQq0VPqgiSNMdfnlQrdh
DvAnJw7rB1xfxPdTip3cWt78S1nV3UNTg64mvqTyMYSHAn5cdtzo0JRSzLeacvju
zVqnZ8otzBJGOPGU6XO2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org