Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fAlpnZHtiVbsxxupyAQ3CdSbRdY.roa
File: fAlpnZHtiVbsxxupyAQ3CdSbRdY.roa (raw, json)
Hash identifier: EODigiq7hVWzUTJp8sMfnUnT35jZBkph+8thj5h1CAw=
Subject key identifier: 7C:09:69:9D:91:ED:89:56:EC:C7:1B:A9:C8:04:37:09:D4:9B:45:D6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018558F458C83F377C7DF3F15C6BEFC7DE6F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fAlpnZHtiVbsxxupyAQ3CdSbRdY.roa
Signing time: Wed 28 Dec 2022 13:38:06 +0000
ROA not before: Wed 28 Dec 2022 13:38:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 163.5.79.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:f4:58:c8:3f:37:7c:7d:f3:f1:5c:6b:ef:c7:de:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 28 13:38:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c09699d91ed8956ecc71ba9c8043709d49b45d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b6:89:ce:5c:bf:66:6c:d0:d1:41:f6:7c:4c:
e3:4a:eb:ee:ac:1e:cf:7f:35:68:13:b0:0d:f4:06:
0a:5a:71:2c:16:49:02:98:5c:5e:8e:33:76:95:28:
6b:d4:67:70:b4:f5:3f:64:b3:d3:60:3c:d0:33:0f:
42:93:0f:9e:8a:b5:8d:61:28:fa:6b:db:05:5c:b6:
c8:2e:f4:c6:ec:7e:6a:f1:70:28:a1:59:11:04:60:
00:69:c1:40:73:16:77:7c:11:15:f5:55:29:13:17:
c3:2c:54:15:74:09:23:22:28:9d:fe:59:bc:bf:d0:
7d:93:98:b6:97:69:fa:0d:db:c2:8e:0f:51:cb:57:
f4:9c:a8:a7:a1:a3:11:b4:3b:6d:b9:da:9f:21:16:
b9:e7:68:bb:34:01:7f:a7:32:9d:21:dc:0f:c8:e4:
6c:78:60:58:2d:a8:46:9d:84:8f:f2:97:f2:14:83:
8f:29:56:21:2e:27:f8:40:63:b2:74:4e:b1:23:72:
e6:59:65:fb:40:58:10:b3:ca:2b:f9:a8:b6:f6:35:
98:c4:b5:a3:40:fd:3a:ab:68:1d:8c:6e:e3:11:7b:
ee:bf:72:02:5a:2d:c3:1f:94:ba:ce:a1:00:48:cb:
bd:bd:bf:c5:54:2a:27:d2:c1:6b:06:d1:e3:62:02:
64:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:09:69:9D:91:ED:89:56:EC:C7:1B:A9:C8:04:37:09:D4:9B:45:D6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fAlpnZHtiVbsxxupyAQ3CdSbRdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.79.0/24
163.5.134.0/24
163.5.220.0/24
163.5.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:ca:31:06:42:42:32:ee:2a:cb:ae:2e:dc:b8:88:03:d5:2f:
73:37:de:0a:bf:3d:db:b6:75:cc:52:09:82:d2:89:82:2e:f3:
28:08:83:36:7a:f5:09:d8:c8:ff:15:f4:f6:93:42:00:f1:da:
d0:3e:6c:c8:66:af:29:50:e5:11:a8:f5:4f:f1:ac:5d:ad:7d:
1e:b6:f0:63:bb:2c:60:d1:40:97:3d:88:6f:aa:83:03:7e:78:
f1:ef:36:1e:58:14:ab:5f:4b:07:92:92:48:ef:da:2c:7c:3a:
b6:3e:bf:4e:89:0a:90:df:ca:8c:15:3f:46:68:72:c5:39:2e:
c9:19:2f:a7:d0:04:bb:01:27:fb:28:6d:6e:68:0c:64:06:72:
96:92:84:ed:20:78:8c:ce:d5:ac:f1:fc:b8:95:80:f3:76:a7:
35:ed:72:67:2f:f3:b9:06:4d:19:09:8a:30:eb:0a:c1:bd:e3:
cc:0e:8c:5a:5b:c2:20:dc:53:3f:bf:0a:ce:47:49:0a:f1:cb:
39:c8:8e:fa:57:4d:e9:87:1e:a4:9a:ec:81:bc:e0:9b:b0:10:
70:14:d6:1e:9d:e3:a2:f0:f9:7d:5d:86:f5:c1:c8:a4:85:42:
6a:74:7c:87:25:91:7a:0d:91:c0:56:4d:57:b2:f2:e3:cc:71:
a5:a5:84:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVY9FjIPzd8ffPxXGvvx95vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjI4MTMzODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzA5Njk5ZDkxZWQ4OTU2ZWNjNzFiYTljODA0MzcwOWQ0OWI0NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlraJzly/ZmzQ0UH2fEzjSuvurB7P
fzVoE7AN9AYKWnEsFkkCmFxejjN2lShr1GdwtPU/ZLPTYDzQMw9Ckw+eirWNYSj6
a9sFXLbILvTG7H5q8XAooVkRBGAAacFAcxZ3fBEV9VUpExfDLFQVdAkjIiid/lm8
v9B9k5i2l2n6DdvCjg9Ry1f0nKinoaMRtDttudqfIRa552i7NAF/pzKdIdwPyORs
eGBYLahGnYSP8pfyFIOPKVYhLif4QGOydE6xI3LmWWX7QFgQs8or+ai29jWYxLWj
QP06q2gdjG7jEXvuv3ICWi3DH5S6zqEASMu9vb/FVCon0sFrBtHjYgJktwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHwJaZ2R7YlW7McbqcgENwnUm0XWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZkFscG5aSHRpVmJzeHh1cHlBUTNDZFNiUmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVPAwQA
owWGAwQAowXcAwQAowXfMA0GCSqGSIb3DQEBCwUAA4IBAQCdyjEGQkIy7irLri7c
uIgD1S9zN94Kvz3btnXMUgmC0omCLvMoCIM2evUJ2Mj/FfT2k0IA8drQPmzIZq8p
UOURqPVP8axdrX0etvBjuyxg0UCXPYhvqoMDfnjx7zYeWBSrX0sHkpJI79osfDq2
Pr9OiQqQ38qMFT9GaHLFOS7JGS+n0AS7ASf7KG1uaAxkBnKWkoTtIHiMztWs8fy4
lYDzdqc17XJnL/O5Bk0ZCYow6wrBvePMDoxaW8Ig3FM/vwrOR0kK8cs5yI76V03p
hx6kmuyBvOCbsBBwFNYeneOi8Pl9XYb1wcikhUJqdHyHJZF6DZHAVk1XsvLjzHGl
pYTI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org