Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bCWAPxl3QjeWdWe7CzSQ39KjFhU.roa
File: bCWAPxl3QjeWdWe7CzSQ39KjFhU.roa (raw, json)
Hash identifier: kgYQa6jpsSMNBaGe+j5bQyrAYR4nMVQqOFqn/EsdsYk=
Subject key identifier: 6C:25:80:3F:19:77:42:37:96:75:67:BB:0B:34:90:DF:D2:A3:16:15
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183D0FC430D0C86F286E9DE10C9F1248322
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bCWAPxl3QjeWdWe7CzSQ39KjFhU.roa
Signing time: Thu 13 Oct 2022 10:55:36 +0000
ROA not before: Thu 13 Oct 2022 10:55:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64267
IP address blocks: 163.5.129.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:fc:43:0d:0c:86:f2:86:e9:de:10:c9:f1:24:83:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 13 10:55:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c25803f19774237967567bb0b3490dfd2a31615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:06:7f:69:a0:c3:59:8b:11:ec:2f:38:02:61:
e6:8c:2e:4b:b8:8f:e3:71:c9:40:0c:c4:01:94:84:
7f:b7:e5:80:2e:0d:06:96:a5:bd:ff:b4:fa:07:79:
48:df:5a:66:dd:c4:a8:de:e9:b4:3a:10:f0:77:63:
c8:e6:69:9a:a0:ac:f4:1a:b8:77:1a:71:61:f8:94:
b1:75:25:d7:3a:4e:b9:05:d0:59:99:a8:51:15:ff:
7a:14:cb:fb:8d:eb:7f:12:09:17:37:0a:91:4d:71:
1c:64:7a:41:03:0f:2f:e4:58:b5:9c:be:4f:00:b5:
51:2d:74:92:fa:81:9d:6d:9a:52:0d:b8:62:6b:b7:
a3:fa:7f:39:b7:b1:20:dd:10:b8:9b:76:83:b4:38:
da:0f:4e:e8:90:ab:87:28:3e:ba:9a:ed:00:c0:00:
79:11:bd:44:d1:2e:64:62:b4:bd:9b:c9:66:45:66:
51:f9:0c:be:43:21:b0:50:57:7e:2c:12:4f:44:2b:
19:9a:ab:95:d6:8e:0a:f4:ee:3f:f9:d7:87:69:8b:
eb:de:74:53:70:60:a9:ca:a5:e0:88:9d:a7:72:db:
b9:79:3c:50:63:e5:6a:16:84:91:64:ad:42:db:e5:
e6:2d:53:d4:61:7f:db:c6:f6:cf:61:28:ac:2b:c4:
ca:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:25:80:3F:19:77:42:37:96:75:67:BB:0B:34:90:DF:D2:A3:16:15
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bCWAPxl3QjeWdWe7CzSQ39KjFhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.129.0/24
163.5.134.0/23
Signature Algorithm: sha256WithRSAEncryption
48:c6:78:9e:e2:64:ad:dd:e4:b7:d3:55:76:eb:a6:48:7e:eb:
dd:5b:05:dd:87:95:10:db:6e:2c:3e:90:eb:a0:4e:29:6c:59:
0b:40:0b:c1:74:40:51:c3:36:df:e3:d3:9a:b2:bf:d9:9d:2c:
fc:a7:60:bd:90:a9:00:c3:24:24:37:ed:06:65:1d:4b:fc:a1:
16:d9:88:25:82:b6:6f:b7:58:6e:d9:de:e7:de:77:77:fe:99:
ca:40:ad:66:ee:cc:de:1d:1f:83:7a:46:3a:e6:fb:e1:65:9a:
05:95:37:73:bb:29:4f:48:5c:d4:1f:f5:20:c0:68:d6:f2:91:
ed:a4:69:14:5d:50:00:54:9d:41:3f:8b:00:b9:42:9f:38:56:
fe:73:c2:2b:a8:7e:34:b0:57:0e:34:14:88:d9:f9:e7:df:5b:
3e:b8:7b:5f:19:21:37:dd:64:5b:4d:b1:98:f5:be:d5:80:75:
90:c3:74:31:de:77:3f:44:9f:ed:1d:91:7b:96:4e:0d:1d:ba:
9f:ec:96:2a:c8:a1:11:fc:41:d8:9b:91:5f:41:8d:fd:89:58:
60:21:4f:77:9a:c3:97:04:a8:8b:9b:7a:b0:7d:f4:b2:11:6d:
15:78:86:92:57:88:ed:e9:58:c8:ac:dc:67:6c:d4:d2:35:3a:
9f:ea:b1:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPQ/EMNDIbyhuneEMnxJIMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDEzMTA1NTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI1ODAzZjE5Nzc0MjM3OTY3NTY3YmIwYjM0OTBkZmQyYTMxNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwZ/aaDDWYsR7C84AmHmjC5LuI/j
cclADMQBlIR/t+WALg0GlqW9/7T6B3lI31pm3cSo3um0OhDwd2PI5mmaoKz0Grh3
GnFh+JSxdSXXOk65BdBZmahRFf96FMv7jet/EgkXNwqRTXEcZHpBAw8v5Fi1nL5P
ALVRLXSS+oGdbZpSDbhia7ej+n85t7Eg3RC4m3aDtDjaD07okKuHKD66mu0AwAB5
Eb1E0S5kYrS9m8lmRWZR+Qy+QyGwUFd+LBJPRCsZmquV1o4K9O4/+deHaYvr3nRT
cGCpyqXgiJ2nctu5eTxQY+VqFoSRZK1C2+XmLVPUYX/bxvbPYSisK8TKbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGwlgD8Zd0I3lnVnuws0kN/SoxYVMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYkNXQVB4bDNRamVXZFdlN0N6U1EzOUtqRmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWBAwQB
owWGMA0GCSqGSIb3DQEBCwUAA4IBAQBIxnie4mSt3eS301V266ZIfuvdWwXdh5UQ
224sPpDroE4pbFkLQAvBdEBRwzbf49Oasr/ZnSz8p2C9kKkAwyQkN+0GZR1L/KEW
2YglgrZvt1hu2d7n3nd3/pnKQK1m7szeHR+DekY65vvhZZoFlTdzuylPSFzUH/Ug
wGjW8pHtpGkUXVAAVJ1BP4sAuUKfOFb+c8IrqH40sFcONBSI2fnn31s+uHtfGSE3
3WRbTbGY9b7VgHWQw3Qx3nc/RJ/tHZF7lk4NHbqf7JYqyKER/EHYm5FfQY39iVhg
IU93msOXBKiLm3qwffSyEW0VeIaSV4jt6VjIrNxnbNTSNTqf6rGf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org