Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hpfpQP46DpCvKuD7zV3C6S2akEg.roa
File: hpfpQP46DpCvKuD7zV3C6S2akEg.roa (raw, json)
Hash identifier: GkYeADknmbj7Ld1SOBscCUXVF5tWXJFHayVEpaWDz/4=
Subject key identifier: 86:97:E9:40:FE:3A:0E:90:AF:2A:E0:FB:CD:5D:C2:E9:2D:9A:90:48
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018486E151D4ACBD5659A0E72F5384EAE5AD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hpfpQP46DpCvKuD7zV3C6S2akEg.roa
Signing time: Thu 17 Nov 2022 18:37:04 +0000
ROA not before: Thu 17 Nov 2022 18:37:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43043
IP address blocks: 163.5.212.0/24 maxlen: 24
163.5.107.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.137.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:e1:51:d4:ac:bd:56:59:a0:e7:2f:53:84:ea:e5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 17 18:37:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8697e940fe3a0e90af2ae0fbcd5dc2e92d9a9048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:05:8c:93:72:c2:50:b3:10:bd:44:ea:b0:36:
c6:2f:d4:dc:b6:b4:65:2e:ea:27:9a:9d:50:26:92:
7d:16:d0:d2:8d:3f:fe:4b:91:a2:fe:89:78:7c:ab:
a6:cd:36:e3:22:6a:8d:1e:f6:c4:53:d1:96:6e:f6:
45:54:d5:58:cc:33:3d:34:e7:9c:8a:32:e5:f1:32:
8c:6b:52:8e:da:99:7e:c8:b5:a2:fd:54:0c:90:5d:
57:cb:be:1e:7d:2c:ad:5f:05:58:7c:86:26:71:42:
63:78:d6:79:5a:e5:43:f7:b4:a3:70:d7:bc:5e:db:
f5:49:e7:4f:ed:2d:c1:56:70:99:79:38:4f:83:cb:
77:9e:b5:bf:68:56:bf:b9:60:a9:cf:d1:3b:05:93:
9e:ac:a6:6f:07:1a:c0:6f:c6:5c:dc:9b:0a:7a:64:
c7:9c:57:50:f3:4a:27:43:72:36:90:70:4e:f0:42:
cb:d1:2b:05:11:da:cd:9f:a7:d6:1c:12:a5:cb:95:
3e:58:4d:a6:82:60:7d:4d:be:5d:81:14:f0:72:d1:
8d:92:db:ec:92:68:d8:c0:af:b2:20:10:96:56:2b:
42:f0:88:24:28:dc:81:7e:98:27:3e:00:44:74:dd:
92:f7:3e:5a:25:88:81:2e:53:64:ec:ef:bb:8d:e8:
85:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:97:E9:40:FE:3A:0E:90:AF:2A:E0:FB:CD:5D:C2:E9:2D:9A:90:48
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hpfpQP46DpCvKuD7zV3C6S2akEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.107.0/24
163.5.121.0/24
163.5.137.0/24
163.5.143.0/24
163.5.145.0/24
163.5.212.0/24
Signature Algorithm: sha256WithRSAEncryption
65:98:33:a2:c4:96:07:b7:02:5d:cb:dc:06:db:85:c9:e1:cb:
0a:3e:84:8e:23:b8:32:86:dc:78:f7:34:ef:33:3e:2d:d4:6d:
35:47:77:11:4d:8f:76:c2:3c:40:bc:d3:29:13:b8:f6:15:ad:
07:5b:47:fc:3b:2c:0d:00:5b:4f:10:a1:ec:42:a1:8e:57:ca:
6c:f6:35:ea:fb:af:61:64:3f:ec:4b:42:22:e7:54:a0:6e:bf:
28:8c:67:32:c4:77:09:a3:aa:ac:07:86:39:da:c4:80:fc:ed:
b6:8a:9e:92:8e:54:22:fa:2f:cc:b6:af:20:3c:00:51:a7:34:
95:46:05:2a:e8:97:ee:37:4e:85:1d:81:f2:31:94:03:80:5e:
a0:39:fa:7f:a3:86:f6:5b:fb:cf:54:ab:be:8f:18:36:01:2f:
87:9e:9c:ad:f4:c0:6a:c0:b4:01:1c:3f:6e:7d:5c:84:6d:de:
86:6f:83:9b:4d:7c:e2:f9:29:b9:95:0f:ec:36:65:0a:39:64:
17:b3:e8:b5:f2:61:9e:7e:c0:da:77:ac:ac:4f:0d:e7:b5:93:
db:91:37:c7:67:d1:c5:d7:b4:85:0a:2c:d2:65:2c:73:72:d4:
af:96:dd:fb:8c:69:01:00:26:62:a0:02:56:b6:e4:ad:ea:49:
4d:ce:c3:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSG4VHUrL1WWaDnL1OE6uWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTE3MTgzNzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk3ZTk0MGZlM2EwZTkwYWYyYWUwZmJjZDVkYzJlOTJkOWE5MDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wWMk3LCULMQvUTqsDbGL9TctrRl
Luonmp1QJpJ9FtDSjT/+S5Gi/ol4fKumzTbjImqNHvbEU9GWbvZFVNVYzDM9NOec
ijLl8TKMa1KO2pl+yLWi/VQMkF1Xy74efSytXwVYfIYmcUJjeNZ5WuVD97SjcNe8
Xtv1SedP7S3BVnCZeThPg8t3nrW/aFa/uWCpz9E7BZOerKZvBxrAb8Zc3JsKemTH
nFdQ80onQ3I2kHBO8ELL0SsFEdrNn6fWHBKly5U+WE2mgmB9Tb5dgRTwctGNktvs
kmjYwK+yIBCWVitC8IgkKNyBfpgnPgBEdN2S9z5aJYiBLlNk7O+7jeiFPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIaX6UD+Og6Qryrg+81dwuktmpBIMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaHBmcFFQNDZEcEN2S3VEN3pWM0M2UzJha0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowVrAwQA
owV5AwQAowWJAwQAowWPAwQAowWRAwQAowXUMA0GCSqGSIb3DQEBCwUAA4IBAQBl
mDOixJYHtwJdy9wG24XJ4csKPoSOI7gyhtx49zTvMz4t1G01R3cRTY92wjxAvNMp
E7j2Fa0HW0f8OywNAFtPEKHsQqGOV8ps9jXq+69hZD/sS0Ii51Sgbr8ojGcyxHcJ
o6qsB4Y52sSA/O22ip6SjlQi+i/Mtq8gPABRpzSVRgUq6JfuN06FHYHyMZQDgF6g
Ofp/o4b2W/vPVKu+jxg2AS+Hnpyt9MBqwLQBHD9ufVyEbd6Gb4ObTXzi+Sm5lQ/s
NmUKOWQXs+i18mGefsDad6ysTw3ntZPbkTfHZ9HF17SFCizSZSxzctSvlt37jGkB
ACZioAJWtuSt6klNzsOW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org