Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/h2hSREHrkP12KxCYCgJaa1UKxhE.roa
File: h2hSREHrkP12KxCYCgJaa1UKxhE.roa (raw, json)
Hash identifier: qq508H13laLgzBETiNPTY/PttGhT/d+CofiEus6XcUk=
Subject key identifier: 87:68:52:44:41:EB:90:FD:76:2B:10:98:0A:02:5A:6B:55:0A:C6:11
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184D81692C4D7032C9F4A6372E421433CAF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/h2hSREHrkP12KxCYCgJaa1UKxhE.roa
Signing time: Sat 03 Dec 2022 13:04:28 +0000
ROA not before: Sat 03 Dec 2022 13:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.225.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d8:16:92:c4:d7:03:2c:9f:4a:63:72:e4:21:43:3c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 3 13:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8768524441eb90fd762b10980a025a6b550ac611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:22:a4:76:54:85:59:27:39:fb:d1:ed:cb:
6a:50:b8:af:22:29:fb:02:8f:bc:f3:7c:70:f1:d5:
d2:e0:92:82:27:22:26:fe:f8:03:3c:43:4f:f1:96:
74:0a:cd:f7:df:2e:4c:6a:12:e2:de:01:55:74:c8:
d4:d8:b0:8c:68:22:16:35:10:d2:ae:4c:a5:e9:73:
2e:e0:3e:51:14:af:f6:d6:b4:62:70:c5:f4:60:8c:
11:2c:8a:5c:03:ed:04:83:72:18:7d:4b:97:f3:c2:
bf:5e:08:81:5e:1b:f9:ee:16:47:c2:0a:89:2e:d6:
ac:11:02:d8:87:99:15:05:2e:37:d9:3b:0f:01:b1:
a2:4f:f3:a1:03:9a:93:b1:c7:21:b2:6e:79:37:d1:
d1:8f:f0:99:e6:f8:26:d0:ed:62:7c:47:2d:af:78:
d1:59:e5:a7:a0:41:ab:cd:aa:a5:2a:c2:4b:c1:2e:
ee:55:7a:23:ec:bc:ff:b7:6d:69:2a:3f:a0:57:47:
7c:4e:87:47:05:6b:b1:b5:39:66:d9:95:49:27:78:
00:6d:b2:ca:be:93:09:3e:10:7e:bc:5c:35:90:89:
18:37:90:f3:e1:56:5d:5f:56:89:fc:c4:00:9c:91:
a9:f4:a3:13:d1:d8:5e:6f:ef:24:da:26:7e:6b:1f:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:52:44:41:EB:90:FD:76:2B:10:98:0A:02:5A:6B:55:0A:C6:11
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/h2hSREHrkP12KxCYCgJaa1UKxhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.118.0/23
163.5.159.0/24
163.5.225.0/24
163.5.229.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:c3:5e:41:e2:59:fc:95:6c:26:7f:46:6d:5f:c6:60:1a:4b:
6a:d9:ea:4a:cb:1a:37:c2:18:d1:c8:ea:91:c3:bd:6a:c0:b4:
ba:a6:b3:b3:bc:ca:e7:99:d1:46:14:f1:fd:46:d5:88:d3:f4:
46:59:cb:45:30:85:38:ec:5d:7c:0f:ee:0b:b6:20:65:26:83:
ab:0f:19:ea:63:06:df:94:e8:5f:47:df:01:f4:e3:b0:8d:01:
b1:62:4b:12:1f:f9:7d:69:48:d0:d7:f6:6e:a9:70:2f:eb:98:
ab:63:2d:da:ee:a4:ae:4e:9e:f6:35:1d:c2:87:d3:1a:a4:7b:
89:e9:48:52:bc:17:8a:52:e2:dd:7f:42:de:70:f4:9f:df:88:
a8:26:7b:83:6b:09:af:63:cf:0d:a4:d8:4c:0d:70:4e:f8:52:
bd:d5:93:df:0f:26:23:b5:c9:13:57:16:33:66:b4:6c:db:fe:
74:b6:5e:40:0a:2b:8b:e6:b3:72:ab:c8:73:a1:be:20:de:cb:
35:75:da:6c:22:e7:ab:dc:bc:13:6a:a5:9c:f2:c5:ee:f4:9a:
68:9a:60:fe:12:0f:18:80:38:95:d4:90:76:37:3a:df:5f:2e:
78:45:6d:06:95:a0:a9:38:1b:92:7a:c9:ad:d6:50:85:03:91:
68:97:4e:64
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTYFpLE1wMsn0pjcuQhQzyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjAzMTMwNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY4NTI0NDQxZWI5MGZkNzYyYjEwOTgwYTAyNWE2YjU1MGFjNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzEipHZUhVknOfvR7ctqULivIin7
Ao+883xw8dXS4JKCJyIm/vgDPENP8ZZ0Cs333y5MahLi3gFVdMjU2LCMaCIWNRDS
rkyl6XMu4D5RFK/21rRicMX0YIwRLIpcA+0Eg3IYfUuX88K/XgiBXhv57hZHwgqJ
LtasEQLYh5kVBS432TsPAbGiT/OhA5qTscchsm55N9HRj/CZ5vgm0O1ifEctr3jR
WeWnoEGrzaqlKsJLwS7uVXoj7Lz/t21pKj+gV0d8TodHBWuxtTlm2ZVJJ3gAbbLK
vpMJPhB+vFw1kIkYN5Dz4VZdX1aJ/MQAnJGp9KMT0dheb+8k2iZ+ax/SzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIdoUkRB65D9disQmAoCWmtVCsYRMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaDJoU1JFSHJrUDEyS3hDWUNnSmFhMVVLeGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBowV2AwQA
owWfAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUAA4IBAQCqw15B4ln8lWwmf0Zt
X8ZgGktq2epKyxo3whjRyOqRw71qwLS6prOzvMrnmdFGFPH9RtWI0/RGWctFMIU4
7F18D+4LtiBlJoOrDxnqYwbflOhfR98B9OOwjQGxYksSH/l9aUjQ1/ZuqXAv65ir
Yy3a7qSuTp72NR3Ch9MapHuJ6UhSvBeKUuLdf0LecPSf34ioJnuDawmvY88NpNhM
DXBO+FK91ZPfDyYjtckTVxYzZrRs2/50tl5ACiuL5rNyq8hzob4g3ss1ddpsIuer
3LwTaqWc8sXu9JpommD+Eg8YgDiV1JB2NzrfXy54RW0GlaCpOBuSesmt1lCFA5Fo
l05k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org