Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dSt6AX_ynCKGMEYY2jI7y9E9_JI.roa
File: dSt6AX_ynCKGMEYY2jI7y9E9_JI.roa (raw, json)
Hash identifier: r1lX6oXlVKJyZkAl/E8+lpiYK3/WtuyeJ7i3hx8Pjs8=
Subject key identifier: 75:2B:7A:01:7F:F2:9C:22:86:30:46:18:DA:32:3B:CB:D1:3D:FC:92
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018486E0678A7E60673754F5E9708F9D5A6C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dSt6AX_ynCKGMEYY2jI7y9E9_JI.roa
Signing time: Thu 17 Nov 2022 18:36:04 +0000
ROA not before: Thu 17 Nov 2022 18:36:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.187.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:e0:67:8a:7e:60:67:37:54:f5:e9:70:8f:9d:5a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 17 18:36:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=752b7a017ff29c2286304618da323bcbd13dfc92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b3:6b:2b:de:35:e7:fb:a9:5d:18:79:55:78:
54:fc:57:cb:70:28:9f:03:f7:ed:8d:0d:2a:07:f2:
b9:9e:0d:3b:de:b2:0e:98:71:5d:71:09:50:24:57:
15:15:81:7f:1d:dc:75:08:0c:20:ce:d4:46:cb:d3:
78:ca:d5:27:d7:6f:e5:44:7e:9d:b4:e9:da:9c:f1:
50:c3:b9:43:ba:e8:01:00:f7:36:ea:3f:19:73:e5:
eb:6f:2a:df:41:d6:91:ab:21:0d:3b:ac:d3:44:75:
c8:d9:ff:9e:db:af:0e:6a:1a:55:97:21:a9:b7:09:
bd:5a:90:fb:c0:8a:ad:e4:05:ed:07:48:28:7d:11:
96:ed:22:03:ba:6b:a7:d5:0f:0b:e7:5a:68:4f:23:
79:13:2e:2b:47:cb:5e:dd:ab:51:4e:05:49:4a:09:
59:9a:15:45:55:57:d9:96:81:ef:cd:d2:85:a2:94:
17:0e:0a:03:c4:cb:6b:d6:d1:b9:df:eb:9a:f3:c5:
a6:fe:5d:91:2e:51:62:9e:89:0a:57:78:2c:1e:1a:
3e:91:93:ab:49:2f:ae:dc:38:a9:81:50:22:b1:ec:
08:9c:c2:12:7d:2c:39:cd:97:1a:06:5f:f0:6d:19:
ac:5d:6a:39:e3:04:05:0b:cd:78:31:40:bd:86:cb:
91:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:2B:7A:01:7F:F2:9C:22:86:30:46:18:DA:32:3B:CB:D1:3D:FC:92
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dSt6AX_ynCKGMEYY2jI7y9E9_JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.112.0/24
163.5.130.0/24
163.5.134.0/24
163.5.153.0/24
163.5.187.0/24
163.5.192.0/24
Signature Algorithm: sha256WithRSAEncryption
01:89:73:14:d5:38:69:a0:95:e8:90:1c:b3:50:44:75:88:af:
47:73:25:de:c0:32:e2:de:f1:5e:da:ae:fc:ce:cc:d3:03:76:
e6:0b:2b:f5:47:3d:06:d8:86:20:91:78:52:5a:ec:93:ee:5e:
61:ed:6e:cc:14:25:b0:15:a4:e7:4a:58:11:12:21:9d:1a:68:
93:1d:b8:28:34:f1:e8:6b:71:8f:b0:ed:2e:e7:66:65:35:44:
24:05:99:bf:49:89:55:1b:57:54:d7:f3:61:a1:ca:00:4a:62:
c8:88:b9:c9:eb:da:19:f0:ba:2a:43:bf:11:cb:2f:11:c5:42:
12:20:04:e0:0f:26:e4:e3:b3:42:1b:ed:68:cc:77:e4:10:a7:
fa:e7:d3:87:c4:2f:e4:e7:5d:fd:c6:05:28:c4:99:a5:bc:b8:
1a:59:0a:44:ad:35:42:67:8d:9c:4c:aa:55:3a:10:99:03:41:
6c:5c:b4:1a:13:e3:1c:8d:91:47:72:46:e4:e2:51:60:36:2c:
db:e3:b9:7b:4b:b8:a9:ca:e9:5e:74:60:bb:cd:a6:ce:fe:90:
05:03:a3:0b:15:b7:e9:82:4f:e6:7d:1e:9f:be:52:7f:28:07:
91:a4:86:a1:3c:ca:43:d8:4f:14:e8:50:fb:6f:9d:0c:8b:3e:
5b:19:91:e9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSG4GeKfmBnN1T16XCPnVpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTE3MTgzNjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTJiN2EwMTdmZjI5YzIyODYzMDQ2MThkYTMyM2JjYmQxM2RmYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLNrK9415/upXRh5VXhU/FfLcCif
A/ftjQ0qB/K5ng073rIOmHFdcQlQJFcVFYF/Hdx1CAwgztRGy9N4ytUn12/lRH6d
tOnanPFQw7lDuugBAPc26j8Zc+XrbyrfQdaRqyENO6zTRHXI2f+e268OahpVlyGp
twm9WpD7wIqt5AXtB0gofRGW7SIDumun1Q8L51poTyN5Ey4rR8te3atRTgVJSglZ
mhVFVVfZloHvzdKFopQXDgoDxMtr1tG53+ua88Wm/l2RLlFinokKV3gsHho+kZOr
SS+u3DipgVAisewInMISfSw5zZcaBl/wbRmsXWo54wQFC814MUC9hsuRnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHUregF/8pwihjBGGNoyO8vRPfySMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZFN0NkFYX3luQ0tHTUVZWTJqSTd5OUU5X0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowVwAwQA
owWCAwQAowWGAwQAowWZAwQAowW7AwQAowXAMA0GCSqGSIb3DQEBCwUAA4IBAQAB
iXMU1ThpoJXokByzUER1iK9HcyXewDLi3vFe2q78zszTA3bmCyv1Rz0G2IYgkXhS
WuyT7l5h7W7MFCWwFaTnSlgREiGdGmiTHbgoNPHoa3GPsO0u52ZlNUQkBZm/SYlV
G1dU1/NhocoASmLIiLnJ69oZ8LoqQ78Ryy8RxUISIATgDybk47NCG+1ozHfkEKf6
59OHxC/k5139xgUoxJmlvLgaWQpErTVCZ42cTKpVOhCZA0FsXLQaE+McjZFHckbk
4lFgNizb47l7S7ipyuledGC7zabO/pAFA6MLFbfpgk/mfR6fvlJ/KAeRpIahPMpD
2E8U6FD7b50Miz5bGZHp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org