Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iQpgh6qGXFrxB_WdsNrR93VAgMk.roa
File: iQpgh6qGXFrxB_WdsNrR93VAgMk.roa (raw, json)
Hash identifier: ZRhceyfuGNrPPi7zUL8eOTFqc+ePAvg7VKLhRHvlHnc=
Subject key identifier: 89:0A:60:87:AA:86:5C:5A:F1:07:F5:9D:B0:DA:D1:F7:75:40:80:C9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184C3957B5F031677AE7E26CD01C681E16F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iQpgh6qGXFrxB_WdsNrR93VAgMk.roa
Signing time: Tue 29 Nov 2022 13:31:04 +0000
ROA not before: Tue 29 Nov 2022 13:31:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 163.5.199.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:95:7b:5f:03:16:77:ae:7e:26:cd:01:c6:81:e1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 29 13:31:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=890a6087aa865c5af107f59db0dad1f7754080c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:55:82:83:50:7e:61:d5:67:b4:ef:23:02:82:
bd:97:bb:29:78:49:fb:67:8c:32:c4:48:b2:c6:36:
74:7b:3b:28:da:d0:09:21:03:d1:88:cc:d2:5f:03:
7f:90:0d:2e:52:0e:dd:eb:64:81:39:9c:c4:1c:ef:
53:48:b0:1d:44:02:d1:f0:08:6d:d1:ad:16:e1:68:
b2:b6:20:27:c9:25:49:14:87:e0:5c:48:24:b1:2d:
ef:c3:49:e5:1e:9d:9e:c2:a2:fd:1f:eb:23:00:90:
23:5d:96:a3:6c:6e:34:23:2f:08:35:54:61:50:b1:
be:d9:ea:1c:13:91:31:d1:29:f8:c2:9f:c9:cd:f0:
dc:a5:fc:e5:ef:5f:fa:67:27:52:54:55:65:05:6d:
4e:34:ca:40:8a:ed:1a:c1:16:aa:5e:83:72:f2:52:
ca:e9:bf:f6:a6:22:cd:b2:a3:ed:4f:35:03:29:9f:
17:2d:1e:43:3e:a2:9b:5f:65:3e:c4:b1:48:b3:93:
01:16:30:61:b5:65:7b:79:70:3b:71:97:80:ec:b3:
98:45:06:59:1f:52:62:33:c2:b8:21:c8:ff:dc:aa:
1e:b2:63:c3:17:c1:db:47:4d:98:eb:d8:53:db:2a:
62:b8:85:cb:2b:df:f1:e1:c0:d1:a9:70:20:01:e3:
28:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0A:60:87:AA:86:5C:5A:F1:07:F5:9D:B0:DA:D1:F7:75:40:80:C9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iQpgh6qGXFrxB_WdsNrR93VAgMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0-163.5.157.255
163.5.199.0/24
163.5.206.0-163.5.209.255
163.5.213.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:1b:8f:a7:45:dd:f0:da:f8:fd:7f:ba:04:4c:ec:93:cb:d4:
93:a7:34:73:79:d9:2a:ec:9e:c6:fc:4c:4e:90:ef:b3:4b:34:
7b:f0:16:0a:1f:37:d0:17:e2:25:a1:13:f1:b1:f8:3c:b2:05:
53:aa:1c:20:82:aa:10:62:2e:ba:ae:5d:29:34:02:6a:6b:b3:
b8:d0:f8:11:c8:be:2b:92:4a:a1:04:20:89:0c:e9:32:38:fa:
e9:f3:f2:6a:bf:f5:08:c2:d4:0c:37:d4:4e:39:72:e8:79:66:
03:f6:99:08:1f:b6:b7:7f:de:b9:8b:c1:c3:1c:0d:d3:24:60:
47:49:c2:86:7f:79:b5:c3:a8:39:a6:0d:a3:62:f2:2c:52:0e:
8f:a3:49:0d:46:24:9e:34:80:7a:f7:72:fc:dc:42:49:10:b7:
91:ce:70:68:f1:29:94:a0:0b:05:1d:f1:99:ca:1a:5b:e9:83:
4b:16:98:60:f5:90:3c:94:9c:33:ff:38:93:52:af:0d:c5:a2:
ea:1e:5a:1a:78:7d:b2:8c:e7:bd:7c:b1:9a:b6:75:5f:af:e1:
97:46:f1:57:61:fa:86:42:88:a5:d9:c7:ba:06:09:e9:64:39:
de:b2:49:4d:a7:87:46:2e:1c:a4:ad:f2:c5:4b:e3:06:a7:54:
4f:a7:bd:bb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYTDlXtfAxZ3rn4mzQHGgeFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTI5MTMzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBhNjA4N2FhODY1YzVhZjEwN2Y1OWRiMGRhZDFmNzc1NDA4MGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklWCg1B+YdVntO8jAoK9l7speEn7
Z4wyxEiyxjZ0ezso2tAJIQPRiMzSXwN/kA0uUg7d62SBOZzEHO9TSLAdRALR8Aht
0a0W4WiytiAnySVJFIfgXEgksS3vw0nlHp2ewqL9H+sjAJAjXZajbG40Iy8INVRh
ULG+2eocE5Ex0Sn4wp/JzfDcpfzl71/6ZydSVFVlBW1ONMpAiu0awRaqXoNy8lLK
6b/2piLNsqPtTzUDKZ8XLR5DPqKbX2U+xLFIs5MBFjBhtWV7eXA7cZeA7LOYRQZZ
H1JiM8K4Icj/3KoesmPDF8HbR02Y69hT2ypiuIXLK9/x4cDRqXAgAeMoJQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIkKYIeqhlxa8Qf1nbDa0fd1QIDJMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaVFwZ2g2cUdYRnJ4Ql9XZHNOclI5M1ZBZ01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACjBZsD
BAGjBZwDBACjBccwDAMEAaMFzgMEAaMF0AMEAKMF1TANBgkqhkiG9w0BAQsFAAOC
AQEAGhuPp0Xd8Nr4/X+6BEzsk8vUk6c0c3nZKuyexvxMTpDvs0s0e/AWCh830Bfi
JaET8bH4PLIFU6ocIIKqEGIuuq5dKTQCamuzuND4Eci+K5JKoQQgiQzpMjj66fPy
ar/1CMLUDDfUTjly6HlmA/aZCB+2t3/euYvBwxwN0yRgR0nChn95tcOoOaYNo2Ly
LFIOj6NJDUYknjSAevdy/NxCSRC3kc5waPEplKALBR3xmcoaW+mDSxaYYPWQPJSc
M/84k1KvDcWi6h5aGnh9soznvXyxmrZ1X6/hl0bxV2H6hkKIpdnHugYJ6WQ53rJJ
TaeHRi4cpK3yxUvjBqdUT6e9uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org