Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gIWv_VctGwaA14nu4M4jnSnBu3k.roa
File: gIWv_VctGwaA14nu4M4jnSnBu3k.roa (raw, json)
Hash identifier: pDXSsi0JQYypv2C8FepL3QcSUeqtIXba7e/MbWAPkjs=
Subject key identifier: 80:85:AF:FD:57:2D:1B:06:80:D7:89:EE:E0:CE:23:9D:29:C1:BB:79
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01839DC8D657F35E006E705FE2E3EFC501A2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gIWv_VctGwaA14nu4M4jnSnBu3k.roa
Signing time: Mon 03 Oct 2022 12:18:48 +0000
ROA not before: Mon 03 Oct 2022 12:18:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:c8:d6:57:f3:5e:00:6e:70:5f:e2:e3:ef:c5:01:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 3 12:18:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8085affd572d1b0680d789eee0ce239d29c1bb79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0e:91:24:fc:a9:10:28:99:72:38:8a:3c:b1:
33:9f:24:1c:e1:d6:0e:70:c1:1e:f6:e0:14:d3:4e:
d3:76:50:2d:7b:a3:73:01:d0:ae:26:5f:5a:bc:be:
b1:94:9d:ca:e7:cb:ba:5a:8d:b6:ff:5d:a2:d5:04:
09:e4:d7:bc:b9:69:36:1a:71:41:67:e8:ab:93:e0:
76:66:c7:ca:0e:ac:d3:e5:d0:f9:59:b0:7d:be:de:
5e:c5:ba:42:e5:b1:c7:44:16:50:9b:e7:e0:9e:fc:
74:68:e1:7d:0c:0a:d9:97:8d:3d:13:e9:60:b4:b2:
f7:3f:73:b4:08:1e:38:df:6c:f9:b3:05:61:01:06:
a2:ef:21:5c:21:04:24:fb:8f:0f:20:1f:2b:67:dc:
68:40:8d:97:66:82:d3:9b:2b:c7:a4:c6:58:ea:7f:
91:96:1a:41:9c:f1:9a:af:27:b2:7f:13:3e:a4:0f:
67:2a:fe:a5:30:30:56:66:b1:da:ab:22:37:e6:12:
8f:7a:c1:1a:e6:08:20:39:47:52:9e:cd:57:73:0e:
3c:35:b1:99:fd:2e:59:fb:34:f5:94:fe:db:35:4c:
6d:e3:6c:54:6d:69:04:6c:a0:83:39:61:9d:e6:aa:
29:c2:ba:bb:75:1d:67:61:f5:75:2c:60:32:7f:7d:
8a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:85:AF:FD:57:2D:1B:06:80:D7:89:EE:E0:CE:23:9D:29:C1:BB:79
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gIWv_VctGwaA14nu4M4jnSnBu3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.127.0/24
163.5.132.0/23
163.5.136.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:7c:2b:21:2f:3b:92:39:40:13:b3:05:48:ec:e9:15:1b:87:
b6:f0:d2:69:0b:91:bd:0c:71:be:f8:59:06:f0:b7:fd:c6:dc:
f6:24:8d:2f:a7:74:58:b2:41:44:b4:40:fd:b8:e9:58:46:35:
de:0c:36:a5:7d:01:e4:6a:08:df:e2:b6:55:1a:f2:cb:b8:fd:
5d:be:e6:9d:3f:7d:ab:0e:fb:f3:8e:a7:cf:e6:6a:35:bf:9d:
ba:65:9c:6b:78:e7:33:8d:34:94:a4:fc:dc:11:8d:83:76:b3:
f0:fb:cd:e8:35:33:50:a9:28:22:f7:7f:59:9c:83:9a:1b:ea:
27:34:5a:24:07:ad:c4:99:7f:e7:c1:2e:66:41:19:1b:c4:4e:
f5:2a:ce:8a:d0:72:30:96:b9:aa:d9:63:31:cb:1b:be:72:72:
ee:e9:93:ab:0e:48:40:6b:15:bb:2c:20:91:9c:69:42:31:a0:
2d:62:1a:fc:fa:31:5e:f2:a9:40:8c:c4:18:bd:ad:f8:e0:79:
99:74:c2:8c:20:76:69:f3:34:61:a4:3f:5a:e5:a1:1f:c4:57:
88:5c:5f:28:4a:b2:7d:10:de:75:94:c0:b6:1a:19:c0:6d:d0:
38:f8:4a:94:e7:2c:03:16:a9:6b:c7:39:11:c1:25:b5:da:19:
14:22:75:bd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYOdyNZX814AbnBf4uPvxQGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDAzMTIxODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDg1YWZmZDU3MmQxYjA2ODBkNzg5ZWVlMGNlMjM5ZDI5YzFiYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA6RJPypECiZcjiKPLEznyQc4dYO
cMEe9uAU007TdlAte6NzAdCuJl9avL6xlJ3K58u6Wo22/12i1QQJ5Ne8uWk2GnFB
Z+irk+B2ZsfKDqzT5dD5WbB9vt5exbpC5bHHRBZQm+fgnvx0aOF9DArZl409E+lg
tLL3P3O0CB4432z5swVhAQai7yFcIQQk+48PIB8rZ9xoQI2XZoLTmyvHpMZY6n+R
lhpBnPGaryeyfxM+pA9nKv6lMDBWZrHaqyI35hKPesEa5gggOUdSns1Xcw48NbGZ
/S5Z+zT1lP7bNUxt42xUbWkEbKCDOWGd5qopwrq7dR1nYfV1LGAyf32KvQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFICFr/1XLRsGgNeJ7uDOI50pwbt5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ0lXdl9WY3RHd2FBMTRudTRNNGpuU25CdTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBowVeAwQA
owVxAwQAowV0AwQAowV/AwQBowWEAwQAowWIAwQAowXxMA0GCSqGSIb3DQEBCwUA
A4IBAQAffCshLzuSOUATswVI7OkVG4e28NJpC5G9DHG++FkG8Lf9xtz2JI0vp3RY
skFEtED9uOlYRjXeDDalfQHkagjf4rZVGvLLuP1dvuadP32rDvvzjqfP5mo1v526
ZZxreOczjTSUpPzcEY2DdrPw+83oNTNQqSgi939ZnIOaG+onNFokB63EmX/nwS5m
QRkbxE71Ks6K0HIwlrmq2WMxyxu+cnLu6ZOrDkhAaxW7LCCRnGlCMaAtYhr8+jFe
8qlAjMQYva344HmZdMKMIHZp8zRhpD9a5aEfxFeIXF8oSrJ9EN51lMC2GhnAbdA4
+EqU5ywDFqlrxzkRwSW12hkUInW9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org