Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aL4TNIT7sGrdewBOiiEGazs8IWg.roa
File: aL4TNIT7sGrdewBOiiEGazs8IWg.roa (raw, json)
Hash identifier: gxypiJhKf/ME/145lJZwSxqibDvUYOkeOcuyBVjwLhY=
Subject key identifier: 68:BE:13:34:84:FB:B0:6A:DD:7B:00:4E:8A:21:06:6B:3B:3C:21:68
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183B29DED8018BA87956BB3E1A96A61BDE8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aL4TNIT7sGrdewBOiiEGazs8IWg.roa
Signing time: Fri 07 Oct 2022 13:23:57 +0000
ROA not before: Fri 07 Oct 2022 13:23:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 163.5.91.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b2:9d:ed:80:18:ba:87:95:6b:b3:e1:a9:6a:61:bd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 7 13:23:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68be133484fbb06add7b004e8a21066b3b3c2168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:25:f5:0e:fe:92:de:b1:ce:d0:f2:54:3f:b9:
87:dd:b8:ae:64:b1:75:9f:2e:aa:40:33:ff:fc:fc:
22:7e:06:ba:08:99:bf:47:e7:ac:bf:61:eb:8f:cf:
d6:f7:80:43:c1:51:fa:1a:bf:1f:d5:d1:f8:bf:88:
37:51:ac:1f:9a:69:82:90:ea:cd:c9:55:fa:eb:b7:
45:23:76:4c:75:1e:c6:8d:72:af:0a:37:13:1b:ab:
1f:c0:bd:57:78:85:09:34:99:c2:99:ec:1f:2e:21:
bc:a5:22:18:96:6d:54:a9:99:88:aa:f1:e5:1a:15:
f2:76:ac:77:4c:d0:0d:73:7f:83:2e:bd:73:10:db:
6a:8f:5e:ce:a2:07:03:10:aa:4c:72:48:dd:2f:2c:
2d:39:48:6f:e6:89:4d:2c:40:3a:91:78:ff:1f:7e:
f2:3e:3e:99:3d:f8:aa:41:20:34:c8:96:21:dd:cb:
d8:58:0b:aa:73:d0:e3:36:6e:a8:eb:86:2d:6a:bc:
a0:fa:08:78:1b:34:2e:b1:2e:5c:ac:4f:63:f9:83:
29:21:e7:85:2b:1f:41:6a:3e:f2:3c:13:cc:5f:d6:
9a:99:71:f1:b6:f7:55:23:d6:8d:04:32:81:10:63:
40:e8:5f:43:37:99:12:f9:03:d6:35:ad:4a:4e:38:
ae:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BE:13:34:84:FB:B0:6A:DD:7B:00:4E:8A:21:06:6B:3B:3C:21:68
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aL4TNIT7sGrdewBOiiEGazs8IWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/23
163.5.37.0/24
163.5.39.0/24
163.5.91.0/24
163.5.97.0/24
163.5.99.0/24
163.5.118.0/23
163.5.124.0/24
163.5.152.0/24
163.5.158.0/24
163.5.169.0/24
163.5.179.0/24
163.5.212.0/24
163.5.214.0/24
163.5.223.0/24
163.5.249.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0d:29:7d:2b:c5:16:95:73:18:75:8f:34:21:50:8b:15:61:
56:a7:29:22:53:ba:bf:f2:48:4b:c6:98:ca:95:02:6b:de:17:
22:11:69:f9:61:b8:1f:23:db:c5:58:88:66:c3:aa:3f:2b:93:
02:93:4a:32:8d:b2:32:b2:47:b0:1f:cc:39:54:01:52:30:5c:
26:dc:ef:fa:15:21:bc:d5:af:54:16:a5:89:b9:de:a5:53:8e:
90:89:33:17:6f:1c:8f:04:44:83:7d:59:08:c7:0b:b8:39:c7:
64:46:46:1b:47:9c:61:9a:18:98:a1:e3:24:db:e6:85:ff:fa:
b4:28:2f:1d:a9:fe:00:3a:ba:dd:0a:36:8a:b4:c1:02:73:68:
b5:1e:05:55:7e:eb:76:54:20:48:e2:ca:06:6e:74:8a:4f:fc:
45:de:47:15:aa:ab:7a:a6:d9:cc:b2:3a:ac:ca:99:94:fc:7e:
b9:e5:1f:65:79:47:a0:04:c1:44:fb:b6:d2:4f:9e:fb:d0:c8:
50:54:78:14:ed:33:dd:fe:16:ad:14:cb:5f:91:5c:b8:10:b8:
c5:da:6b:2a:b9:98:a5:7f:bd:f2:d3:94:32:3a:19:00:23:f9:
1f:b4:6b:cc:12:0c:1a:29:6b:17:a1:cf:6d:79:6f:27:4a:4e:
a0:ac:38:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYOyne2AGLqHlWuz4alqYb3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDA3MTMyMzU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJlMTMzNDg0ZmJiMDZhZGQ3YjAwNGU4YTIxMDY2YjNiM2MyMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiX1Dv6S3rHO0PJUP7mH3biuZLF1
ny6qQDP//Pwifga6CJm/R+esv2Hrj8/W94BDwVH6Gr8f1dH4v4g3UawfmmmCkOrN
yVX667dFI3ZMdR7GjXKvCjcTG6sfwL1XeIUJNJnCmewfLiG8pSIYlm1UqZmIqvHl
GhXydqx3TNANc3+DLr1zENtqj17OogcDEKpMckjdLywtOUhv5olNLEA6kXj/H37y
Pj6ZPfiqQSA0yJYh3cvYWAuqc9DjNm6o64Ytaryg+gh4GzQusS5crE9j+YMpIeeF
Kx9Baj7yPBPMX9aamXHxtvdVI9aNBDKBEGNA6F9DN5kS+QPWNa1KTjiuyQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGi+EzSE+7Bq3XsAToohBms7PCFoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYUw0VE5JVDdzR3JkZXdCT2lpRUdhenM4SVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBowUeAwQA
owUlAwQAowUnAwQAowVbAwQAowVhAwQAowVjAwQBowV2AwQAowV8AwQAowWYAwQA
owWeAwQAowWpAwQAowWzAwQAowXUAwQAowXWAwQAowXfAwQAowX5AwQAowX+MA0G
CSqGSIb3DQEBCwUAA4IBAQCqDSl9K8UWlXMYdY80IVCLFWFWpykiU7q/8khLxpjK
lQJr3hciEWn5YbgfI9vFWIhmw6o/K5MCk0oyjbIyskewH8w5VAFSMFwm3O/6FSG8
1a9UFqWJud6lU46QiTMXbxyPBESDfVkIxwu4OcdkRkYbR5xhmhiYoeMk2+aF//q0
KC8dqf4AOrrdCjaKtMECc2i1HgVVfut2VCBI4soGbnSKT/xF3kcVqqt6ptnMsjqs
ypmU/H655R9leUegBMFE+7bST5770MhQVHgU7TPd/hatFMtfkVy4ELjF2msquZil
f73y05QyOhkAI/kftGvMEgwaKWsXoc9teW8nSk6grDiF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org