Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/n1c0XFwOy7DbAjaYUmQut1-qGOI.roa
File: n1c0XFwOy7DbAjaYUmQut1-qGOI.roa (raw, json)
Hash identifier: Epl1+c2t83s4gfIa4SG/Kw2Rxb+ei3SqvIUWfI/2mLc=
Subject key identifier: 9F:57:34:5C:5C:0E:CB:B0:DB:02:36:98:52:64:2E:B7:5F:AA:18:E2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184C2F4E897D006B331554BDC1B0476A078
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/n1c0XFwOy7DbAjaYUmQut1-qGOI.roa
Signing time: Tue 29 Nov 2022 10:35:40 +0000
ROA not before: Tue 29 Nov 2022 10:35:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 163.5.79.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:f4:e8:97:d0:06:b3:31:55:4b:dc:1b:04:76:a0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 29 10:35:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f57345c5c0ecbb0db02369852642eb75faa18e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0f:84:90:16:ee:02:e4:c5:3d:ab:9b:2f:bd:
ad:f0:5b:4d:12:4c:f4:de:02:86:8b:4e:ed:e8:d9:
cc:74:49:9c:d1:76:6a:bf:43:34:3f:34:6c:7a:11:
c9:07:67:fe:c5:bd:be:be:fc:e6:73:6d:61:a0:86:
b4:fb:41:b9:cf:18:a5:95:38:35:7a:bb:7d:d3:de:
a9:3a:f6:0f:fe:b5:2d:5a:17:5d:50:80:d9:11:d6:
30:0e:7f:38:c5:4b:11:d8:92:27:0c:bd:b6:99:d4:
01:85:7d:c4:fd:be:f0:40:e7:25:96:15:16:3f:1b:
f4:7f:ac:d8:c1:c8:19:5e:86:5f:d2:d0:ff:4f:6a:
8e:58:c5:0b:8d:ef:85:c8:e3:21:50:1c:de:a8:ee:
58:f3:94:ba:ec:0c:b6:71:b8:3e:57:f1:28:03:e7:
5d:a4:29:55:56:53:85:fe:9f:b1:f7:e1:65:c0:1a:
ad:0b:5b:f4:19:47:a9:0a:ba:47:d4:13:15:14:53:
f4:df:1d:29:4b:f3:37:ae:f0:40:e0:72:0a:55:c5:
00:9a:f0:0d:ee:23:89:ac:61:37:02:de:f4:03:0f:
79:cf:0f:8b:2c:36:54:87:0e:80:20:4b:2d:b8:2b:
4f:dc:c4:8d:57:c6:4e:63:5b:a5:2e:55:81:c5:aa:
73:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:57:34:5C:5C:0E:CB:B0:DB:02:36:98:52:64:2E:B7:5F:AA:18:E2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/n1c0XFwOy7DbAjaYUmQut1-qGOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.79.0/24
163.5.112.0/24
163.5.134.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
03:35:2b:1c:eb:83:0c:6b:f2:14:68:6b:72:41:50:93:3e:1c:
ae:3b:af:6c:fa:bb:8b:ad:14:70:07:ea:4f:77:44:20:4f:61:
99:98:c4:59:eb:ee:54:06:9c:53:1b:de:4e:cc:56:89:f0:4b:
7d:09:2a:39:0e:c7:80:e3:19:3f:bd:99:91:69:33:0f:19:62:
f1:9d:d6:84:5e:c8:21:a4:b6:e3:28:f8:06:41:2e:7a:2e:8a:
a2:df:35:7f:41:be:f5:33:31:fc:77:f5:b6:86:56:49:3a:64:
0b:ca:a6:7f:b9:b6:7c:b2:52:52:5c:fc:df:2d:f9:25:a2:15:
b5:c0:05:7a:b5:37:ec:05:9e:ae:67:71:89:d7:d4:65:ef:f1:
45:24:08:ef:87:73:0a:9a:34:7d:9f:66:3b:16:f5:d1:22:ff:
df:72:b9:73:8a:b0:01:73:9f:d0:ee:7e:6d:d4:69:f5:7c:50:
ac:66:25:2f:d0:58:03:69:88:87:f5:9c:8b:26:15:30:36:3a:
f5:be:4f:99:38:21:ff:e2:2f:b3:51:47:e0:a1:7a:0e:20:f0:
8e:b9:b1:3d:f3:da:c5:e8:12:1b:06:51:46:b3:d2:1c:6f:b9:
5e:e5:f8:41:eb:3f:4b:c5:9b:53:ac:64:12:c6:95:4a:34:29:
20:bc:2f:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTC9OiX0AazMVVL3BsEdqB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTI5MTAzNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU3MzQ1YzVjMGVjYmIwZGIwMjM2OTg1MjY0MmViNzVmYWExOGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw+EkBbuAuTFPaubL72t8FtNEkz0
3gKGi07t6NnMdEmc0XZqv0M0PzRsehHJB2f+xb2+vvzmc21hoIa0+0G5zxillTg1
ert9096pOvYP/rUtWhddUIDZEdYwDn84xUsR2JInDL22mdQBhX3E/b7wQOcllhUW
Pxv0f6zYwcgZXoZf0tD/T2qOWMULje+FyOMhUBzeqO5Y85S67Ay2cbg+V/EoA+dd
pClVVlOF/p+x9+FlwBqtC1v0GUepCrpH1BMVFFP03x0pS/M3rvBA4HIKVcUAmvAN
7iOJrGE3At70Aw95zw+LLDZUhw6AIEstuCtP3MSNV8ZOY1ulLlWBxapzaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ9XNFxcDsuw2wI2mFJkLrdfqhjiMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbjFjMFhGd095N0RiQWphWVVtUXV0MS1xR09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVPAwQA
owVwAwQAowWGAwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQADNSsc64MMa/IUaGty
QVCTPhyuO69s+ruLrRRwB+pPd0QgT2GZmMRZ6+5UBpxTG95OzFaJ8Et9CSo5DseA
4xk/vZmRaTMPGWLxndaEXsghpLbjKPgGQS56Loqi3zV/Qb71MzH8d/W2hlZJOmQL
yqZ/ubZ8slJSXPzfLfklohW1wAV6tTfsBZ6uZ3GJ19Rl7/FFJAjvh3MKmjR9n2Y7
FvXRIv/fcrlzirABc5/Q7n5t1Gn1fFCsZiUv0FgDaYiH9ZyLJhUwNjr1vk+ZOCH/
4i+zUUfgoXoOIPCOubE989rF6BIbBlFGs9Icb7le5fhB6z9LxZtTrGQSxpVKNCkg
vC91
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org