Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ghBwCEZ_28TAj0JqA7Py6c9liA0.roa
File: ghBwCEZ_28TAj0JqA7Py6c9liA0.roa (raw, json)
Hash identifier: J848yIGuid5ev2MJH5vTo0xhH83wKL79xYByFrLDDBY=
Subject key identifier: 82:10:70:08:46:7F:DB:C4:C0:8F:42:6A:03:B3:F2:E9:CF:65:88:0D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184BEAED9F6ED7E91ED893FD6447244A498
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ghBwCEZ_28TAj0JqA7Py6c9liA0.roa
Signing time: Mon 28 Nov 2022 14:40:40 +0000
ROA not before: Mon 28 Nov 2022 14:40:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 163.5.91.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:ae:d9:f6:ed:7e:91:ed:89:3f:d6:44:72:44:a4:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 28 14:40:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82107008467fdbc4c08f426a03b3f2e9cf65880d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:22:1f:67:52:7c:ac:54:15:f5:c6:12:98:47:
58:0d:7f:8e:7f:d2:d9:e0:7f:93:62:5d:43:43:95:
74:f9:b1:18:39:63:f3:25:a0:e6:fa:fc:4f:71:2b:
a5:72:4f:c8:dc:a8:61:c8:95:26:20:b4:4b:0b:b2:
35:01:54:fd:0d:4d:9a:e9:fc:0f:c5:b0:da:fa:b9:
2b:ee:a2:46:04:37:a6:13:b4:b4:53:6e:dc:48:a6:
1e:86:e9:12:7a:74:90:f1:3c:33:1f:8e:80:e6:88:
8a:06:80:a2:39:f6:e2:f0:8d:7e:d6:b8:fb:17:2e:
b4:a7:a1:f8:a2:f2:c1:44:d6:3d:04:c5:88:f2:4b:
af:d1:76:0e:23:bd:a8:ba:14:8b:dd:31:e5:6b:cc:
a6:30:5a:f9:1c:5e:8f:26:c0:d4:0e:d5:73:af:ec:
92:e8:fe:d3:8b:39:9a:45:78:1e:00:b5:09:4f:d9:
a1:8a:63:61:09:34:71:b0:d7:08:ff:4d:64:e5:73:
37:33:cd:9c:16:5f:56:5f:30:e7:d1:c7:a7:38:64:
09:b3:5d:ea:f9:56:d8:b3:41:59:fe:03:84:fe:cd:
0a:bd:86:a2:88:79:4c:b3:fa:50:54:08:c8:85:d3:
6d:07:3c:2b:ad:7b:c5:2b:0a:7d:0c:f9:1e:b3:ac:
e3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:10:70:08:46:7F:DB:C4:C0:8F:42:6A:03:B3:F2:E9:CF:65:88:0D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ghBwCEZ_28TAj0JqA7Py6c9liA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/23
163.5.33.0-163.5.34.255
163.5.37.0-163.5.39.255
163.5.91.0/24
163.5.97.0/24
163.5.114.0/24
163.5.124.0/24
163.5.131.0/24
163.5.152.0/24
163.5.158.0/24
163.5.169.0/24
163.5.179.0/24
163.5.214.0/24
163.5.223.0/24
163.5.249.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
42:db:27:00:bc:2b:8f:ed:ef:67:c6:24:29:52:77:46:31:2c:
dc:43:04:32:32:34:79:9a:31:33:3d:8f:eb:53:19:eb:c1:dd:
f0:df:ae:a5:64:65:1e:c5:73:d6:fd:64:45:d1:00:f7:6c:5c:
11:3b:11:92:c7:c2:fb:3b:3c:33:1d:b7:b4:51:cb:36:10:d6:
a0:d1:85:f1:75:2c:b2:26:89:f2:39:29:55:d3:c6:2a:81:bd:
69:67:3c:8b:4a:34:b8:15:e0:5c:d9:e7:44:78:61:a3:a8:a7:
b2:80:db:0b:66:12:42:c4:e0:89:54:a1:f8:0a:b7:f4:7c:fc:
6c:e9:dc:6a:1d:f9:d8:1c:8a:f6:ed:5b:01:32:15:17:e4:16:
42:ef:3c:48:92:28:94:b8:e0:a8:8a:2c:e0:ae:5e:20:79:9d:
03:bb:44:79:7f:49:16:9e:5e:ab:ac:61:1e:49:4c:d9:b2:d6:
ce:7c:ff:19:aa:53:46:3b:37:95:aa:d4:92:e9:f7:0a:e6:05:
52:54:c0:b6:77:7d:84:c2:4f:16:f2:75:06:2a:b6:d6:9a:87:
e6:a7:51:e8:28:0f:33:e5:41:6c:54:b9:d2:11:cc:20:b1:cb:
a7:a6:db:c9:2c:ac:ca:1e:6c:79:ba:fc:a7:72:02:60:bf:2e:
ff:c7:c0:cd
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYS+rtn27X6R7Yk/1kRyRKSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTI4MTQ0MDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjEwNzAwODQ2N2ZkYmM0YzA4ZjQyNmEwM2IzZjJlOWNmNjU4ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSIfZ1J8rFQV9cYSmEdYDX+Of9LZ
4H+TYl1DQ5V0+bEYOWPzJaDm+vxPcSulck/I3KhhyJUmILRLC7I1AVT9DU2a6fwP
xbDa+rkr7qJGBDemE7S0U27cSKYehukSenSQ8TwzH46A5oiKBoCiOfbi8I1+1rj7
Fy60p6H4ovLBRNY9BMWI8kuv0XYOI72ouhSL3THla8ymMFr5HF6PJsDUDtVzr+yS
6P7TizmaRXgeALUJT9mhimNhCTRxsNcI/01k5XM3M82cFl9WXzDn0cenOGQJs13q
+VbYs0FZ/gOE/s0KvYaiiHlMs/pQVAjIhdNtBzwrrXvFKwp9DPkes6zjlwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFIIQcAhGf9vEwI9CagOz8unPZYgNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ2hCd0NFWl8yOFRBajBKcUE3UHk2YzlsaUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAaMFHjAM
AwQAowUhAwQAowUiMAwDBACjBSUDBAOjBSADBACjBVsDBACjBWEDBACjBXIDBACj
BXwDBACjBYMDBACjBZgDBACjBZ4DBACjBakDBACjBbMDBACjBdYDBACjBd8DBACj
BfkDBACjBf4wDQYJKoZIhvcNAQELBQADggEBAELbJwC8K4/t72fGJClSd0YxLNxD
BDIyNHmaMTM9j+tTGevB3fDfrqVkZR7Fc9b9ZEXRAPdsXBE7EZLHwvs7PDMdt7RR
yzYQ1qDRhfF1LLImifI5KVXTxiqBvWlnPItKNLgV4FzZ50R4YaOop7KA2wtmEkLE
4IlUofgKt/R8/Gzp3God+dgcivbtWwEyFRfkFkLvPEiSKJS44KiKLOCuXiB5nQO7
RHl/SRaeXqusYR5JTNmy1s58/xmqU0Y7N5Wq1JLp9wrmBVJUwLZ3fYTCTxbydQYq
ttaah+anUegoDzPlQWxUudIRzCCxy6em28ksrMoebHm6/KdyAmC/Lv/HwM0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org