Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hB9eMUW7B0vJ0K1beCAGskSkAS4.roa
File: hB9eMUW7B0vJ0K1beCAGskSkAS4.roa (raw, json)
Hash identifier: gbt/C0Pvrp/TaOJ5retR7+kRJdGmxamqaNeCsQUiYBI=
Subject key identifier: 84:1F:5E:31:45:BB:07:4B:C9:D0:AD:5B:78:20:06:B2:44:A4:01:2E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01825F6D1F671E8349CF5FD41F13848AC779
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hB9eMUW7B0vJ0K1beCAGskSkAS4.roa
Signing time: Tue 02 Aug 2022 16:39:23 +0000
ROA not before: Tue 02 Aug 2022 16:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 163.5.173.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.183.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.184.0/24 maxlen: 24
163.5.180.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.137.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5f:6d:1f:67:1e:83:49:cf:5f:d4:1f:13:84:8a:c7:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 2 16:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=841f5e3145bb074bc9d0ad5b782006b244a4012e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4c:ef:99:2c:6c:55:c2:48:c1:76:13:92:c0:
cc:7b:e6:c2:14:d6:ba:bc:cf:a1:44:ff:d3:32:b0:
6f:c6:8d:91:bf:2c:63:d1:7b:42:d2:3f:fe:88:a6:
66:73:7b:ba:1e:b8:62:87:9f:e2:b3:c8:74:31:a5:
85:1e:76:61:08:d0:c5:31:cc:cd:ed:01:92:98:7c:
67:a9:55:30:50:ab:3e:60:6d:67:45:23:f9:7e:7a:
0e:dd:67:18:d4:8b:05:37:85:a2:4c:2a:cf:e6:bc:
f2:00:72:e4:32:25:9e:3d:7c:87:87:a8:06:78:21:
de:d2:a8:29:13:b7:6c:14:0a:53:34:50:26:e0:52:
cf:f0:35:ab:22:6a:31:e3:57:0b:a8:b1:17:21:71:
84:07:94:7e:a7:7e:0e:66:e7:3e:ca:67:8f:d3:d8:
99:d8:84:39:22:07:6c:96:a4:40:81:fc:de:78:c9:
f5:79:07:29:b1:93:46:8c:c7:b0:e7:8a:07:99:d9:
41:51:53:d5:c7:6c:f3:ed:b6:86:3e:08:58:6d:06:
9d:25:62:e1:98:48:cf:a7:40:05:c6:cd:44:e8:f1:
e1:be:98:cb:dd:16:b4:af:1e:82:86:5e:cd:2b:79:
47:e3:45:1b:f0:ff:91:9e:f2:3d:25:76:9d:5b:5b:
6b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1F:5E:31:45:BB:07:4B:C9:D0:AD:5B:78:20:06:B2:44:A4:01:2E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hB9eMUW7B0vJ0K1beCAGskSkAS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.137.0/24
163.5.170.0-163.5.173.255
163.5.180.0/24
163.5.182.0-163.5.189.255
Signature Algorithm: sha256WithRSAEncryption
a5:62:3b:0a:bb:69:bb:ff:c7:99:e3:53:2a:d2:00:1b:19:4a:
2e:c9:ae:b8:63:dc:bf:a7:bb:a4:b2:5b:ed:8a:39:57:59:cd:
10:be:30:6b:54:f2:67:d6:c1:3f:60:63:35:95:86:92:d3:8c:
df:e4:1a:8f:6d:d3:f9:8a:65:91:30:73:ac:62:41:5b:e7:ab:
9e:01:49:6a:6f:02:8d:a0:0c:af:43:4e:32:be:4c:fa:06:69:
af:33:3a:5e:61:c0:e3:0e:eb:2e:6c:0f:c6:d3:f2:21:03:5f:
81:98:d8:d4:24:39:79:df:3d:96:8d:b8:1e:85:3e:e5:f2:7c:
f7:17:06:92:df:ac:a2:74:c3:88:8a:9e:ff:1c:6d:f7:4d:cb:
ed:17:de:e0:48:4c:22:7d:a0:ff:75:c6:da:3d:d1:99:29:ac:
27:91:fe:83:d3:17:82:f0:1a:a1:0a:4b:00:0f:6f:b0:25:a6:
8f:21:5f:c0:81:45:ac:df:d1:12:e2:07:5a:85:79:dc:ca:1b:
b8:cd:35:74:7f:94:b2:8c:ea:17:c4:74:d9:4b:84:db:99:bf:
36:5e:8b:e4:ee:14:49:a1:c2:c4:f7:57:3b:16:7f:4a:d6:e2:
ea:87:0a:b8:42:1f:98:67:8c:b9:b9:fc:91:6b:a7:ef:26:1c:
9f:f2:ff:45
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYJfbR9nHoNJz1/UHxOEisd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODAyMTYzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFmNWUzMTQ1YmIwNzRiYzlkMGFkNWI3ODIwMDZiMjQ0YTQwMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0zvmSxsVcJIwXYTksDMe+bCFNa6
vM+hRP/TMrBvxo2Rvyxj0XtC0j/+iKZmc3u6Hrhih5/is8h0MaWFHnZhCNDFMczN
7QGSmHxnqVUwUKs+YG1nRSP5fnoO3WcY1IsFN4WiTCrP5rzyAHLkMiWePXyHh6gG
eCHe0qgpE7dsFApTNFAm4FLP8DWrImox41cLqLEXIXGEB5R+p34OZuc+ymeP09iZ
2IQ5IgdslqRAgfzeeMn1eQcpsZNGjMew54oHmdlBUVPVx2zz7baGPghYbQadJWLh
mEjPp0AFxs1E6PHhvpjL3Ra0rx6Chl7NK3lH40Ub8P+RnvI9JXadW1trsQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIQfXjFFuwdLydCtW3ggBrJEpAEuMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaEI5ZU1VVzdCMHZKMEsxYmVDQUdza1NrQVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAowWJMAwD
BAGjBaoDBAGjBawDBACjBbQwDAMEAaMFtgMEAaMFvDANBgkqhkiG9w0BAQsFAAOC
AQEApWI7Crtpu//HmeNTKtIAGxlKLsmuuGPcv6e7pLJb7Yo5V1nNEL4wa1TyZ9bB
P2BjNZWGktOM3+Qaj23T+YplkTBzrGJBW+erngFJam8CjaAMr0NOMr5M+gZprzM6
XmHA4w7rLmwPxtPyIQNfgZjY1CQ5ed89lo24HoU+5fJ89xcGkt+sonTDiIqe/xxt
903L7Rfe4EhMIn2g/3XG2j3RmSmsJ5H+g9MXgvAaoQpLAA9vsCWmjyFfwIFFrN/R
EuIHWoV53MobuM01dH+UsozqF8R02UuE25m/Nl6L5O4USaHCxPdXOxZ/Stbi6ocK
uEIfmGeMubn8kWun7yYcn/L/RQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org