Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hA0JprrGOi5uqX592MtcMxf7nAw.roa
File: hA0JprrGOi5uqX592MtcMxf7nAw.roa (raw, json)
Hash identifier: BYDy6yqax5TjUwAu7+CbZsSb48Ikm1Em0hWxcjxelrs=
Subject key identifier: 84:0D:09:A6:BA:C6:3A:2E:6E:A9:7E:7D:D8:CB:5C:33:17:FB:9C:0C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018418C9C49F2B5A6C797EF5D6A8C6A7C906
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hA0JprrGOi5uqX592MtcMxf7nAw.roa
Signing time: Thu 27 Oct 2022 09:33:07 +0000
ROA not before: Thu 27 Oct 2022 09:33:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 163.5.118.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:18:c9:c4:9f:2b:5a:6c:79:7e:f5:d6:a8:c6:a7:c9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 27 09:33:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=840d09a6bac63a2e6ea97e7dd8cb5c3317fb9c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:8a:ef:7f:65:7b:4a:5c:41:c0:9e:41:68:
10:bf:cd:54:dc:a0:81:51:b1:fa:fa:f1:7e:21:1d:
5a:aa:d3:61:c8:12:e5:5e:98:4e:89:15:3c:4f:6e:
95:bf:df:4d:fd:6e:43:88:05:1c:68:23:6b:94:fc:
ca:79:e2:b1:34:2a:33:57:be:fa:e1:d4:52:59:f7:
af:b6:38:96:d6:91:6f:bd:21:b4:d3:d9:94:d4:c0:
c0:d6:65:8b:b6:5a:67:b2:56:b5:d2:ba:f8:4a:a2:
a2:4d:96:22:a2:b1:cf:17:c2:c2:4b:87:e5:47:57:
80:a8:a6:24:14:0a:e3:23:ea:05:34:6b:15:1f:14:
d0:cc:71:d1:19:15:85:5f:a8:32:e9:ac:08:2a:63:
16:45:e1:f8:ef:c9:b3:24:71:c3:6b:64:29:e6:c2:
4a:e8:1b:70:78:91:16:4e:d9:2d:af:9b:0e:f9:8e:
58:9d:7c:06:f4:18:50:7e:b4:d2:04:67:d1:af:d3:
58:3d:a0:4e:10:bd:87:a8:03:9e:2b:be:30:23:5c:
d5:88:76:43:67:eb:9f:9e:04:43:cd:48:f0:ae:40:
74:f1:ef:f4:f8:8c:77:89:04:0b:8b:71:41:78:22:
1e:41:11:5e:d4:af:e7:2b:d9:2a:d6:25:53:4d:58:
11:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0D:09:A6:BA:C6:3A:2E:6E:A9:7E:7D:D8:CB:5C:33:17:FB:9C:0C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hA0JprrGOi5uqX592MtcMxf7nAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/23
163.5.33.0-163.5.34.255
163.5.37.0-163.5.39.255
163.5.118.0/23
163.5.124.0/24
163.5.152.0/24
163.5.158.0/24
163.5.169.0/24
163.5.179.0/24
163.5.212.0/24
163.5.214.0/24
163.5.223.0/24
163.5.249.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:b8:47:db:cd:46:6a:1f:c0:bc:92:02:01:a4:e3:50:00:cd:
e3:35:ea:8c:32:1a:9b:f1:4b:f8:3b:50:08:97:0c:71:bf:bb:
d4:4e:51:c1:ec:9a:59:45:ef:7d:9f:2e:8a:10:e3:d5:d8:0b:
46:3d:63:d7:6b:78:cc:89:68:2e:25:58:10:63:ac:32:3e:f6:
9f:b8:cf:d4:ca:34:19:e7:ac:a6:2e:6f:3a:c6:07:b9:ae:53:
fb:d6:f6:e9:a7:c4:2d:7c:85:d9:16:fd:f0:56:b6:50:4d:59:
de:9c:b2:27:fa:ab:3f:f5:f6:88:0e:d1:c6:c2:65:c0:cd:eb:
fa:8b:43:23:af:af:25:e8:26:83:55:b3:2f:56:7f:47:4c:4c:
72:9a:17:14:d7:fa:cd:59:fa:5a:dd:de:ad:78:77:50:64:1c:
4b:6d:07:06:fa:fe:e3:24:9f:ac:f7:18:5a:db:0e:b6:ab:bb:
89:a2:b3:a9:b3:57:ff:ab:45:45:95:6a:5a:27:54:51:3a:a8:
48:0a:22:c5:f7:b3:05:72:ad:b2:c1:44:51:f9:a6:10:81:f1:
26:22:aa:ba:e9:72:58:a2:2d:e0:e3:b3:6e:ca:54:bb:7b:b7:
eb:c4:34:21:56:fd:06:d3:9d:21:83:24:34:91:d6:b5:d3:bc:
bc:e0:5b:37
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYQYycSfK1pseX711qjGp8kGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDI3MDkzMzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBkMDlhNmJhYzYzYTJlNmVhOTdlN2RkOGNiNWMzMzE3ZmI5YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMCK739le0pcQcCeQWgQv81U3KCB
UbH6+vF+IR1aqtNhyBLlXphOiRU8T26Vv99N/W5DiAUcaCNrlPzKeeKxNCozV776
4dRSWfevtjiW1pFvvSG009mU1MDA1mWLtlpnsla10rr4SqKiTZYiorHPF8LCS4fl
R1eAqKYkFArjI+oFNGsVHxTQzHHRGRWFX6gy6awIKmMWReH478mzJHHDa2Qp5sJK
6BtweJEWTtktr5sO+Y5YnXwG9BhQfrTSBGfRr9NYPaBOEL2HqAOeK74wI1zViHZD
Z+ufngRDzUjwrkB08e/0+Ix3iQQLi3FBeCIeQRFe1K/nK9kq1iVTTVgR8wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFIQNCaa6xjoubql+fdjLXDMX+5wMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaEEwSnByckdPaTV1cVg1OTJNdGNNeGY3bkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBowUeMAwD
BACjBSEDBACjBSIwDAMEAKMFJQMEA6MFIAMEAaMFdgMEAKMFfAMEAKMFmAMEAKMF
ngMEAKMFqQMEAKMFswMEAKMF1AMEAKMF1gMEAKMF3wMEAKMF+QMEAKMF/jANBgkq
hkiG9w0BAQsFAAOCAQEAprhH281Gah/AvJICAaTjUADN4zXqjDIam/FL+DtQCJcM
cb+71E5RweyaWUXvfZ8uihDj1dgLRj1j12t4zIloLiVYEGOsMj72n7jP1Mo0Gees
pi5vOsYHua5T+9b26afELXyF2Rb98Fa2UE1Z3pyyJ/qrP/X2iA7RxsJlwM3r+otD
I6+vJegmg1WzL1Z/R0xMcpoXFNf6zVn6Wt3erXh3UGQcS20HBvr+4ySfrPcYWtsO
tqu7iaKzqbNX/6tFRZVqWidUUTqoSAoixfezBXKtssFEUfmmEIHxJiKquulyWKIt
4OOzbspUu3u368Q0IVb9BtOdIYMkNJHWtdO8vOBbNw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org