Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k6k1k4AbbHSPOxaFTcnkhsNNleM.roa
File: k6k1k4AbbHSPOxaFTcnkhsNNleM.roa (raw, json)
Hash identifier: BrUx3YaveeU7Yp2IhQ/T1m8ULijctXaQlpWtu5wlzLU=
Subject key identifier: 93:A9:35:93:80:1B:6C:74:8F:3B:16:85:4D:C9:E4:86:C3:4D:95:E3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018500F20B4C34D54E3B8A50A203C3F30CB2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k6k1k4AbbHSPOxaFTcnkhsNNleM.roa
Signing time: Sun 11 Dec 2022 11:29:00 +0000
ROA not before: Sun 11 Dec 2022 11:29:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 163.5.91.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:00:f2:0b:4c:34:d5:4e:3b:8a:50:a2:03:c3:f3:0c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 11 11:29:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93a93593801b6c748f3b16854dc9e486c34d95e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a6:ee:44:54:a9:a7:71:ac:04:7a:27:cb:34:
d1:93:7c:9c:67:66:e0:0d:4c:c3:cd:7b:92:db:7e:
3f:44:26:88:0d:2c:f3:7d:b9:08:03:66:f9:40:01:
dc:0e:29:7f:67:14:94:14:3d:15:78:82:69:c2:01:
22:0d:9e:21:8d:48:bd:17:a3:96:af:a4:cc:58:03:
9d:c6:ae:ed:0c:36:fa:bc:1d:55:62:d3:72:fa:ed:
69:24:95:12:bf:45:aa:88:e4:c7:6d:99:2d:c1:1c:
94:ab:e7:bc:b6:b6:94:57:4a:ff:3b:a6:0d:bd:61:
95:82:37:39:45:46:14:2b:99:9c:ea:dd:2f:4c:3d:
06:c2:e6:d4:2e:1b:84:3f:1c:e3:da:2c:79:da:53:
0e:2d:c3:3b:4d:98:5f:0f:89:d0:0e:27:bd:67:e0:
bb:97:1c:b8:7f:89:5d:a0:a0:c1:fc:ef:b6:c9:1e:
72:5a:16:71:21:a2:75:3f:e0:10:7a:ea:20:91:e4:
b6:7c:22:a8:1a:f9:20:3e:96:10:18:6c:cb:ca:cc:
39:d5:d0:e7:c0:c0:45:a9:32:00:74:49:0a:79:9d:
ef:11:3c:a7:04:3a:6b:8f:60:80:51:b0:1e:81:4a:
07:37:d4:b4:26:54:5b:ba:2d:dc:9d:5b:0e:71:9d:
bd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A9:35:93:80:1B:6C:74:8F:3B:16:85:4D:C9:E4:86:C3:4D:95:E3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k6k1k4AbbHSPOxaFTcnkhsNNleM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.33.0-163.5.34.255
163.5.37.0-163.5.39.255
163.5.91.0/24
163.5.97.0/24
163.5.114.0/24
163.5.124.0/24
163.5.131.0/24
163.5.152.0/24
163.5.169.0/24
163.5.249.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
37:cf:cf:4e:e4:bf:92:b1:71:e2:ac:a7:69:62:1f:e0:ad:b7:
37:24:04:5a:b8:c4:36:9b:eb:1f:07:93:68:fc:31:1d:cc:44:
b6:44:ef:e2:e3:a8:14:f1:a0:5d:e3:f0:11:54:f9:6b:ae:82:
86:bc:0b:18:c6:44:62:18:60:ee:bd:c0:0f:95:d4:0a:5b:13:
97:23:68:d4:70:65:48:f9:e8:e9:78:d8:de:f9:c2:db:c8:62:
5f:6a:ee:bc:83:ea:42:70:93:ae:50:b7:c4:18:30:a0:fd:1c:
97:5f:30:5d:a8:68:ba:7d:fa:6e:a2:98:e3:72:ad:cc:6c:cb:
cd:0d:3d:da:f5:53:04:57:40:ba:b9:40:6c:26:57:25:09:da:
30:35:32:5a:c1:16:66:f8:b6:3f:9e:9d:4a:32:b9:d3:58:1e:
34:5e:60:c3:e9:ee:d7:da:bc:e0:5d:89:f1:ad:ea:fd:e5:7f:
da:ed:d2:48:83:07:5d:a6:36:05:52:2e:ad:47:9f:01:9d:01:
d4:e8:bb:aa:02:47:52:37:09:58:66:1b:34:2d:59:59:77:e2:
a6:6f:42:ee:66:52:3d:33:ec:93:a5:ce:a8:8a:eb:a6:68:9a:
a7:b0:c1:53:87:c8:31:05:9d:86:87:13:06:08:1d:20:0c:b2:
0f:4d:b5:b5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYUA8gtMNNVOO4pQogPD8wyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjExMTEyOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2E5MzU5MzgwMWI2Yzc0OGYzYjE2ODU0ZGM5ZTQ4NmMzNGQ5NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6buRFSpp3GsBHonyzTRk3ycZ2bg
DUzDzXuS234/RCaIDSzzfbkIA2b5QAHcDil/ZxSUFD0VeIJpwgEiDZ4hjUi9F6OW
r6TMWAOdxq7tDDb6vB1VYtNy+u1pJJUSv0WqiOTHbZktwRyUq+e8traUV0r/O6YN
vWGVgjc5RUYUK5mc6t0vTD0GwubULhuEPxzj2ix52lMOLcM7TZhfD4nQDie9Z+C7
lxy4f4ldoKDB/O+2yR5yWhZxIaJ1P+AQeuogkeS2fCKoGvkgPpYQGGzLysw51dDn
wMBFqTIAdEkKeZ3vETynBDprj2CAUbAegUoHN9S0JlRbui3cnVsOcZ298QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFJOpNZOAG2x0jzsWhU3J5IbDTZXjMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvazZrMWs0QWJiSFNQT3hhRlRjbmtoc05ObGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAowUfMAwD
BACjBSEDBACjBSIwDAMEAKMFJQMEA6MFIAMEAKMFWwMEAKMFYQMEAKMFcgMEAKMF
fAMEAKMFgwMEAKMFmAMEAKMFqQMEAKMF+QMEAKMF/jANBgkqhkiG9w0BAQsFAAOC
AQEAN8/PTuS/krFx4qynaWIf4K23NyQEWrjENpvrHweTaPwxHcxEtkTv4uOoFPGg
XePwEVT5a66ChrwLGMZEYhhg7r3AD5XUClsTlyNo1HBlSPno6XjY3vnC28hiX2ru
vIPqQnCTrlC3xBgwoP0cl18wXahoun36bqKY43KtzGzLzQ092vVTBFdAurlAbCZX
JQnaMDUyWsEWZvi2P56dSjK501geNF5gw+nu19q84F2J8a3q/eV/2u3SSIMHXaY2
BVIurUefAZ0B1Oi7qgJHUjcJWGYbNC1ZWXfipm9C7mZSPTPsk6XOqIrrpmiap7DB
U4fIMQWdhocTBggdIAyyD021tQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org