Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bCS2avIXW1dfzHduIDabxcC17Kc.roa
File: bCS2avIXW1dfzHduIDabxcC17Kc.roa (raw, json)
Hash identifier: NXdd/1/URhQuVkR3/HrgrTF14z9eNMEU5iNCf3givOw=
Subject key identifier: 6C:24:B6:6A:F2:17:5B:57:5F:CC:77:6E:20:36:9B:C5:C0:B5:EC:A7
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0182F949F0DCDFE93AFB6F76462F8D3375EA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bCS2avIXW1dfzHduIDabxcC17Kc.roa
Signing time: Thu 01 Sep 2022 13:42:28 +0000
ROA not before: Thu 01 Sep 2022 13:42:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39120
IP address blocks: 163.5.205.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f9:49:f0:dc:df:e9:3a:fb:6f:76:46:2f:8d:33:75:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 1 13:42:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c24b66af2175b575fcc776e20369bc5c0b5eca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:98:d4:e8:ca:e1:4d:d3:3c:76:6a:e4:7f:a1:
32:21:46:31:76:8b:d6:da:ab:b8:49:c3:c5:58:22:
bb:14:96:cf:5d:a5:e1:a5:35:16:04:8c:f6:80:b9:
7f:50:24:8b:5b:54:1b:e7:6d:f8:14:ac:b6:58:a2:
3f:1b:8e:65:f6:13:e5:b1:fd:c8:61:72:8f:6e:8a:
b4:d1:d0:3b:57:6e:8f:96:2d:0e:cb:6f:e6:04:9a:
9b:db:c3:bd:56:06:2d:61:d3:b1:75:fd:f2:d4:99:
9c:76:08:94:48:56:59:1a:5a:79:01:06:2e:69:6c:
e9:21:57:5e:83:09:f9:de:e9:4f:1c:15:0e:7d:99:
32:04:44:b7:96:16:f3:94:dd:a8:04:7f:6d:7d:50:
5d:34:b6:37:ad:6d:80:be:03:6c:3e:ea:35:f8:5e:
88:d2:c2:05:1e:a7:c9:83:e2:70:0b:59:4f:67:c6:
22:d6:7e:ee:ec:62:2c:45:52:53:fa:bc:5f:33:20:
17:4a:0b:25:5b:4a:72:05:03:3f:82:72:4f:cb:e9:
5a:05:13:4b:9c:67:5f:d2:33:a7:e2:8b:e9:bc:12:
c3:27:9c:22:c5:52:7a:ee:48:bc:3b:3b:70:0e:31:
b9:b6:51:65:01:0a:28:ed:b9:1a:5e:98:6e:60:c9:
75:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:24:B6:6A:F2:17:5B:57:5F:CC:77:6E:20:36:9B:C5:C0:B5:EC:A7
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bCS2avIXW1dfzHduIDabxcC17Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.201.0/24
163.5.203.0-163.5.205.255
Signature Algorithm: sha256WithRSAEncryption
9b:15:e2:ed:ac:24:b9:f4:2b:27:67:f8:4a:7b:95:2f:8f:38:
06:0c:05:e9:c5:97:32:96:06:e0:68:19:68:4b:3e:99:5a:7e:
69:a9:65:0a:2d:0c:65:5b:a8:31:75:ef:7a:54:5b:9c:65:c8:
e3:6b:ae:6e:6f:68:50:b8:41:eb:ad:76:8e:c3:dd:b6:0c:fa:
94:f7:ff:47:78:2b:20:51:90:7b:ce:53:54:e6:78:7c:6f:cc:
37:de:77:e8:64:0e:5f:0b:e0:f8:ce:c4:ff:cb:0a:27:ab:77:
bb:23:92:f7:05:90:79:77:80:c7:47:41:20:c3:61:c3:b3:6a:
67:14:f6:03:0e:5d:59:ac:f6:d0:e5:85:7b:c2:72:eb:90:f7:
71:55:4b:55:64:34:b6:1d:7b:cf:9c:eb:4a:0c:32:d1:df:66:
3c:6c:d9:5c:a5:31:03:8c:89:ae:9d:c9:da:7c:2e:84:09:29:
9a:1e:9d:b9:87:9d:c4:61:50:09:9d:72:73:aa:ae:b6:33:3a:
2e:a4:f4:0f:48:34:03:f8:55:9c:ee:54:1f:33:2f:ff:e2:5c:
a9:50:a0:a0:d3:1a:28:75:2e:cb:a1:bc:e3:a0:9c:a6:76:36:
cc:de:cd:b3:94:50:76:99:26:cb:b9:18:cb:ec:1a:ae:a3:1a:
a3:0e:6c:7b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYL5SfDc3+k6+292Ri+NM3XqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTAxMTM0MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI0YjY2YWYyMTc1YjU3NWZjYzc3NmUyMDM2OWJjNWMwYjVlY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5jU6MrhTdM8dmrkf6EyIUYxdovW
2qu4ScPFWCK7FJbPXaXhpTUWBIz2gLl/UCSLW1Qb5234FKy2WKI/G45l9hPlsf3I
YXKPboq00dA7V26Pli0Oy2/mBJqb28O9VgYtYdOxdf3y1JmcdgiUSFZZGlp5AQYu
aWzpIVdegwn53ulPHBUOfZkyBES3lhbzlN2oBH9tfVBdNLY3rW2AvgNsPuo1+F6I
0sIFHqfJg+JwC1lPZ8Yi1n7u7GIsRVJT+rxfMyAXSgslW0pyBQM/gnJPy+laBRNL
nGdf0jOn4ovpvBLDJ5wixVJ67ki8OztwDjG5tlFlAQoo7bkaXphuYMl11QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGwktmryF1tXX8x3biA2m8XAteynMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYkNTMmF2SVhXMWRmekhkdUlEYWJ4Y0MxN0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAowXJMAwD
BACjBcsDBAGjBcwwDQYJKoZIhvcNAQELBQADggEBAJsV4u2sJLn0Kydn+Ep7lS+P
OAYMBenFlzKWBuBoGWhLPplafmmpZQotDGVbqDF173pUW5xlyONrrm5vaFC4Qeut
do7D3bYM+pT3/0d4KyBRkHvOU1TmeHxvzDfed+hkDl8L4PjOxP/LCierd7sjkvcF
kHl3gMdHQSDDYcOzamcU9gMOXVms9tDlhXvCcuuQ93FVS1VkNLYde8+c60oMMtHf
Zjxs2VylMQOMia6dydp8LoQJKZoenbmHncRhUAmdcnOqrrYzOi6k9A9INAP4VZzu
VB8zL//iXKlQoKDTGih1LsuhvOOgnKZ2NszezbOUUHaZJsu5GMvsGq6jGqMObHs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org