Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mm92M5kNKu5sxaTvkve4p12fO4Q.roa
File: mm92M5kNKu5sxaTvkve4p12fO4Q.roa (raw, json)
Hash identifier: GRjUnMlPzNmUQBG6ImamY6tlaL6IMxCT80/ZoNjlsxs=
Subject key identifier: 9A:6F:76:33:99:0D:2A:EE:6C:C5:A4:EF:92:F7:B8:A7:5D:9F:3B:84
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01842D5C8FF58E7DDEC6C239329E57B11FA3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mm92M5kNKu5sxaTvkve4p12fO4Q.roa
Signing time: Mon 31 Oct 2022 09:25:51 +0000
ROA not before: Mon 31 Oct 2022 09:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.210.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:5c:8f:f5:8e:7d:de:c6:c2:39:32:9e:57:b1:1f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 31 09:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a6f7633990d2aee6cc5a4ef92f7b8a75d9f3b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1c:18:a1:87:c9:a6:1c:70:0a:79:1d:db:aa:
66:67:e6:75:79:56:3d:e5:a3:c6:55:9d:30:56:5c:
8a:ee:2e:0d:49:d4:72:1d:56:55:00:f9:64:4c:c4:
c7:53:4b:89:96:37:09:23:7e:47:11:bf:5e:be:f9:
95:6d:ea:05:8a:93:ec:4c:82:a3:d6:da:de:ca:e5:
ae:d0:7e:f3:81:fe:ed:9d:26:b1:6c:f6:64:c1:9e:
55:dd:c4:9a:d0:34:64:f1:2c:7c:9f:34:1b:cc:d0:
90:ec:6b:36:3d:5f:b4:2f:72:f9:ed:37:c8:fb:19:
35:72:dd:fa:b0:08:fb:22:ba:a8:10:ca:5d:37:31:
6a:4c:8c:ab:ce:26:bf:7a:0d:4b:6b:36:30:bd:e0:
4a:02:0c:bc:23:17:e3:3d:e2:a8:97:f9:61:0e:ad:
32:47:41:07:fe:5c:10:04:f2:94:a6:5d:c3:7f:62:
fc:a5:10:5c:57:7c:b1:ac:52:8c:67:5e:af:c7:fa:
57:8b:5d:46:88:79:38:e6:2a:1d:95:d4:bc:bc:19:
53:a0:49:0b:b4:d9:fb:3a:00:85:e7:8b:ea:64:d1:
10:c2:29:5f:4f:35:f6:1d:55:ce:ff:3d:04:7b:ca:
d4:55:cc:51:ed:0e:29:78:d6:aa:08:d1:cc:f4:34:
26:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6F:76:33:99:0D:2A:EE:6C:C5:A4:EF:92:F7:B8:A7:5D:9F:3B:84
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mm92M5kNKu5sxaTvkve4p12fO4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.35.0/24
163.5.138.0/24
163.5.161.0/24
163.5.210.0/24
163.5.222.0/24
163.5.230.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:9c:de:86:7a:69:d7:40:09:e7:42:64:c1:e8:ed:a2:36:0b:
61:09:e4:e3:56:5d:21:e3:4b:40:64:6d:f9:b8:9e:58:5c:b1:
f0:a6:d5:00:cb:5b:19:bf:eb:ac:da:f6:38:df:14:28:4d:fc:
2e:ff:18:8c:51:5d:17:b8:d9:88:00:b2:15:0b:1b:8c:4d:48:
20:a9:95:c0:5a:05:8a:3e:48:d7:f2:23:a3:1e:92:98:75:51:
83:c0:38:8c:a2:c2:68:41:7d:45:1c:18:d2:ed:24:c8:9f:f2:
29:88:d0:8c:fa:2f:2c:52:20:d3:e9:55:c5:3b:91:c7:77:f6:
c3:38:01:ce:24:2d:7f:c4:39:ac:85:55:17:1a:d3:2d:f2:a6:
3a:0b:b4:23:16:c6:e2:e1:91:00:31:54:7b:41:97:0d:ef:c1:
b1:17:39:96:83:60:d5:dd:e3:dd:92:8e:35:74:98:35:66:9b:
4e:0d:2b:58:91:67:ed:75:33:d1:69:d8:cf:95:50:cf:af:c1:
cf:bb:b0:bf:a3:b8:ec:db:28:43:7c:11:dd:c5:28:9d:0f:c7:
5b:62:a7:9c:ed:49:f9:8e:0b:7f:52:ba:bf:d8:8b:4f:7b:47:
e8:59:cc:59:d0:6f:be:48:6e:66:5c:7e:df:f9:89:08:df:bf:
50:e0:50:c8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQtXI/1jn3exsI5Mp5XsR+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDMxMDkyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTZmNzYzMzk5MGQyYWVlNmNjNWE0ZWY5MmY3YjhhNzVkOWYzYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRwYoYfJphxwCnkd26pmZ+Z1eVY9
5aPGVZ0wVlyK7i4NSdRyHVZVAPlkTMTHU0uJljcJI35HEb9evvmVbeoFipPsTIKj
1treyuWu0H7zgf7tnSaxbPZkwZ5V3cSa0DRk8Sx8nzQbzNCQ7Gs2PV+0L3L57TfI
+xk1ct36sAj7IrqoEMpdNzFqTIyrzia/eg1LazYwveBKAgy8IxfjPeKol/lhDq0y
R0EH/lwQBPKUpl3Df2L8pRBcV3yxrFKMZ16vx/pXi11GiHk45iodldS8vBlToEkL
tNn7OgCF54vqZNEQwilfTzX2HVXO/z0Ee8rUVcxR7Q4peNaqCNHM9DQmsQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJpvdjOZDSrubMWk75L3uKddnzuEMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbW05Mk01a05LdTVzeGFUdmt2ZTRwMTJmTzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUjAwQA
owWKAwQAowWhAwQAowXSAwQAowXeAwQAowXmAwQAowX4MA0GCSqGSIb3DQEBCwUA
A4IBAQAvnN6GemnXQAnnQmTB6O2iNgthCeTjVl0h40tAZG35uJ5YXLHwptUAy1sZ
v+us2vY43xQoTfwu/xiMUV0XuNmIALIVCxuMTUggqZXAWgWKPkjX8iOjHpKYdVGD
wDiMosJoQX1FHBjS7STIn/IpiNCM+i8sUiDT6VXFO5HHd/bDOAHOJC1/xDmshVUX
GtMt8qY6C7QjFsbi4ZEAMVR7QZcN78GxFzmWg2DV3ePdko41dJg1ZptODStYkWft
dTPRadjPlVDPr8HPu7C/o7js2yhDfBHdxSidD8dbYqec7Un5jgt/Urq/2ItPe0fo
WcxZ0G++SG5mXH7f+YkI379Q4FDI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org