Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/leXyLOF_4r8k6nrXHACShsnQ9LI.roa
File: leXyLOF_4r8k6nrXHACShsnQ9LI.roa (raw, json)
Hash identifier: uZBe0cL24EB/NGZasdSekPJsapu127Z3Rqg6AUKPP4I=
Subject key identifier: 95:E5:F2:2C:E1:7F:E2:BF:24:EA:7A:D7:1C:00:92:86:C9:D0:F4:B2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0182FE1A26B4E475AF8F2775CD221C067150
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/leXyLOF_4r8k6nrXHACShsnQ9LI.roa
Signing time: Fri 02 Sep 2022 12:08:22 +0000
ROA not before: Fri 02 Sep 2022 12:08:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.127.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:1a:26:b4:e4:75:af:8f:27:75:cd:22:1c:06:71:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 2 12:08:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95e5f22ce17fe2bf24ea7ad71c009286c9d0f4b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0c:b6:bc:c6:ff:76:32:7f:08:3e:6d:91:4f:
3b:dd:38:59:3a:d3:76:7d:89:69:ff:fd:be:64:bf:
1a:a9:01:cd:56:bd:9f:f6:1c:ef:8b:54:4c:4b:11:
3c:cb:98:fa:79:4f:d2:e0:8d:5f:79:6e:c7:e4:64:
ab:46:67:05:a7:7b:d7:b2:44:14:bd:8c:fb:9a:48:
8e:a7:07:13:47:b7:e6:0e:2f:b3:85:57:24:22:a1:
00:01:1e:b5:1d:da:cb:f5:3f:21:39:a3:f6:08:4f:
4c:cd:55:da:6f:ad:0b:7d:8e:07:7d:aa:d2:fe:23:
79:bd:85:e4:15:76:10:e1:aa:79:44:a3:cf:aa:06:
46:b3:f1:7b:2a:99:58:cf:09:88:2d:7c:82:ed:33:
d5:fc:4d:b6:e5:63:98:d1:27:6b:ea:0e:69:59:99:
34:b8:2b:21:e2:c2:eb:7a:06:1c:4d:66:2a:44:8a:
65:de:6a:89:c8:eb:0b:34:28:7b:55:a2:7b:23:87:
c7:88:9a:15:ce:6b:47:e8:fb:7a:35:b5:aa:7e:e2:
9b:87:63:c7:72:b5:29:75:0c:83:c3:6f:0f:97:2a:
9b:8b:1e:5b:97:4f:2e:a9:32:90:e7:f6:f7:be:e2:
12:63:e5:fb:a0:18:d6:75:b2:85:16:14:fc:8d:db:
c3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E5:F2:2C:E1:7F:E2:BF:24:EA:7A:D7:1C:00:92:86:C9:D0:F4:B2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/leXyLOF_4r8k6nrXHACShsnQ9LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.127.0/24
163.5.132.0/23
163.5.143.0/24
Signature Algorithm: sha256WithRSAEncryption
72:d0:47:30:d9:01:55:ef:03:b5:8a:57:94:11:66:06:4e:88:
10:46:3d:62:e1:54:4d:84:46:05:86:c3:5a:c4:7b:ad:da:76:
be:61:98:43:65:13:5c:e6:93:26:15:0b:47:91:64:6b:35:f5:
16:5e:01:b2:2d:26:dc:b9:f9:0f:fd:44:c3:6b:a4:1c:65:5a:
2a:a3:72:4e:73:79:3c:66:c3:60:67:6a:35:61:ef:ec:5d:b1:
eb:1c:9e:43:f1:5e:f8:ef:8b:d4:12:7f:9f:c0:71:e4:20:2b:
c8:d7:f9:03:d7:34:5b:22:dd:4e:5d:92:1f:64:d1:ff:60:81:
22:82:55:1a:cd:86:ab:20:e6:2f:11:8f:be:4b:e7:ef:80:92:
1a:c1:b3:0a:62:c3:8c:d9:af:03:30:0b:17:7a:b6:26:ae:09:
70:1d:9d:9c:d3:ae:c5:da:fb:39:cb:d4:61:09:a0:5d:01:32:
e1:92:cd:1d:c8:7c:27:20:e1:57:80:1a:29:fe:97:a4:76:87:
c3:d9:54:3e:4e:e6:ea:75:6c:64:17:64:bb:69:98:66:6c:55:
53:bc:26:9e:e8:ce:27:de:b3:cc:09:81:20:9b:a9:b8:76:16:
aa:02:05:80:9e:29:72:79:53:b6:3e:e9:64:f6:87:d9:31:17:
d4:25:72:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYL+Gia05HWvjyd1zSIcBnFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTAyMTIwODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWU1ZjIyY2UxN2ZlMmJmMjRlYTdhZDcxYzAwOTI4NmM5ZDBmNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wy2vMb/djJ/CD5tkU873ThZOtN2
fYlp//2+ZL8aqQHNVr2f9hzvi1RMSxE8y5j6eU/S4I1feW7H5GSrRmcFp3vXskQU
vYz7mkiOpwcTR7fmDi+zhVckIqEAAR61HdrL9T8hOaP2CE9MzVXab60LfY4HfarS
/iN5vYXkFXYQ4ap5RKPPqgZGs/F7KplYzwmILXyC7TPV/E225WOY0Sdr6g5pWZk0
uCsh4sLregYcTWYqRIpl3mqJyOsLNCh7VaJ7I4fHiJoVzmtH6Pt6NbWqfuKbh2PH
crUpdQyDw28Plyqbix5bl08uqTKQ5/b3vuISY+X7oBjWdbKFFhT8jdvDuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJXl8izhf+K/JOp61xwAkobJ0PSyMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbGVYeUxPRl80cjhrNm5yWEhBQ1Noc25ROUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowV/AwQB
owWEAwQAowWPMA0GCSqGSIb3DQEBCwUAA4IBAQBy0Ecw2QFV7wO1ileUEWYGTogQ
Rj1i4VRNhEYFhsNaxHut2na+YZhDZRNc5pMmFQtHkWRrNfUWXgGyLSbcufkP/UTD
a6QcZVoqo3JOc3k8ZsNgZ2o1Ye/sXbHrHJ5D8V7474vUEn+fwHHkICvI1/kD1zRb
It1OXZIfZNH/YIEiglUazYarIOYvEY++S+fvgJIawbMKYsOM2a8DMAsXerYmrglw
HZ2c067F2vs5y9RhCaBdATLhks0dyHwnIOFXgBop/pekdofD2VQ+TubqdWxkF2S7
aZhmbFVTvCae6M4n3rPMCYEgm6m4dhaqAgWAnilyeVO2Pulk9ofZMRfUJXJV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org