Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nTuArIdxS-pOvZOTJyfkTHVUnLQ.roa
File: nTuArIdxS-pOvZOTJyfkTHVUnLQ.roa (raw, json)
Hash identifier: EhQ73Tjb/Z2Bs89iKLNfqfemcTFBe3ovQwlY8rSsfmc=
Subject key identifier: 9D:3B:80:AC:87:71:4B:EA:4E:BD:93:93:27:27:E4:4C:75:54:9C:B4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01850FF1F2B05A1B31A81B4FEC1F8CA9D58C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nTuArIdxS-pOvZOTJyfkTHVUnLQ.roa
Signing time: Wed 14 Dec 2022 09:23:12 +0000
ROA not before: Wed 14 Dec 2022 09:23:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.107.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:f1:f2:b0:5a:1b:31:a8:1b:4f:ec:1f:8c:a9:d5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 14 09:23:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d3b80ac87714bea4ebd93932727e44c75549cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:37:54:7b:62:61:03:e8:7f:69:b4:2b:d8:10:
49:a6:f8:c1:d3:f2:0d:bf:e2:38:1c:3f:57:c7:95:
74:b7:b8:13:73:f9:e1:3e:be:09:19:e6:ce:e1:65:
5e:09:50:92:6e:11:c3:b2:d8:bc:79:de:7c:d6:23:
66:16:97:45:a5:93:7e:db:24:fe:8e:75:30:32:53:
e0:be:c6:aa:59:4c:78:88:6e:47:75:2c:72:c7:8a:
d6:df:ed:8a:96:6f:65:18:53:12:b8:63:6f:17:90:
7e:fe:dc:b6:f4:dd:c9:56:9c:2a:d9:da:6b:00:4e:
87:f6:99:aa:bf:4f:e0:53:bf:d9:8f:a3:b0:3c:c9:
ff:01:98:c9:11:80:ca:ce:01:7a:d5:1d:bd:20:81:
32:3a:5e:ca:d5:2b:ab:1f:ef:0d:c7:44:c4:b0:a7:
f0:1d:47:db:6c:24:ac:99:61:e9:6e:f6:f2:a5:69:
d8:d4:65:98:1b:09:e1:4b:ea:ec:cd:d7:06:b3:46:
06:14:1c:c8:f2:e6:28:a6:0a:1a:1a:c4:7e:1a:15:
d2:b2:93:68:64:e5:24:a7:f5:11:d2:e6:f5:4e:b6:
01:3e:4a:81:8b:93:9e:79:a2:41:9e:b4:d4:5e:07:
d7:00:b0:6d:38:cf:7d:88:34:92:55:a2:79:1c:76:
a0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3B:80:AC:87:71:4B:EA:4E:BD:93:93:27:27:E4:4C:75:54:9C:B4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nTuArIdxS-pOvZOTJyfkTHVUnLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.35.0/24
163.5.107.0/24
163.5.127.0/24
163.5.138.0/24
163.5.161.0/24
163.5.166.0/24
163.5.202.0/24
163.5.210.0/23
163.5.222.0/24
163.5.226.0/23
163.5.230.0/24
163.5.239.0-163.5.241.255
163.5.244.0/24
163.5.246.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
84:5a:a4:bd:d1:bc:84:59:5e:8b:d5:58:78:f4:e6:ec:9c:9c:
0e:4a:6b:3a:3d:5c:3b:cc:72:7b:0a:30:6b:2e:c0:40:b6:b4:
4f:9d:47:52:35:3f:65:d6:e4:7f:97:5c:f8:ac:67:a6:1d:1f:
9c:dc:06:c6:65:a9:73:05:35:41:00:52:75:eb:e0:53:9c:f0:
8e:4c:a4:2d:6c:d0:f9:eb:d9:a4:d0:bf:3c:b8:5b:80:88:b6:
e3:77:fb:d0:0c:e0:0d:04:42:12:9e:9f:08:9a:ac:be:89:ef:
20:5d:36:ef:3d:6f:bd:cc:ac:30:5f:fc:d8:51:74:91:86:d1:
dc:c4:d5:8e:da:9d:65:0e:3d:58:28:4a:1d:36:ec:81:53:65:
47:78:f2:76:bc:43:81:76:b0:0c:f2:34:01:f4:d6:ba:43:31:
d6:1f:80:40:ed:8e:f6:15:58:01:df:f5:0e:b8:e4:88:a4:26:
63:1b:01:b2:42:1e:92:d8:73:33:75:39:ab:8c:81:a3:e8:d1:
15:41:63:e8:35:56:18:64:5c:f0:15:f9:22:bc:a8:7b:df:73:
5b:1f:6a:6b:7c:91:eb:75:07:16:c8:d2:be:f5:59:6b:0d:64:
d0:9e:85:cd:7e:63:e9:1c:07:a7:db:f9:94:93:23:c9:79:4e:
40:dd:86:a1
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYUP8fKwWhsxqBtP7B+MqdWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjE0MDkyMzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNiODBhYzg3NzE0YmVhNGViZDkzOTMyNzI3ZTQ0Yzc1NTQ5Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TdUe2JhA+h/abQr2BBJpvjB0/IN
v+I4HD9Xx5V0t7gTc/nhPr4JGebO4WVeCVCSbhHDsti8ed581iNmFpdFpZN+2yT+
jnUwMlPgvsaqWUx4iG5HdSxyx4rW3+2Klm9lGFMSuGNvF5B+/ty29N3JVpwq2dpr
AE6H9pmqv0/gU7/Zj6OwPMn/AZjJEYDKzgF61R29IIEyOl7K1SurH+8Nx0TEsKfw
HUfbbCSsmWHpbvbypWnY1GWYGwnhS+rszdcGs0YGFBzI8uYopgoaGsR+GhXSspNo
ZOUkp/UR0ub1TrYBPkqBi5OeeaJBnrTUXgfXALBtOM99iDSSVaJ5HHagAwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJ07gKyHcUvqTr2Tkycn5Ex1VJy0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvblR1QXJJZHhTLXBPdlpPVEp5ZmtUSFZVbkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAowUjAwQA
owVrAwQAowV/AwQAowWKAwQAowWhAwQAowWmAwQAowXKAwQBowXSAwQAowXeAwQB
owXiAwQAowXmMAwDBACjBe8DBAGjBfADBACjBfQDBACjBfYDBACjBfgwDQYJKoZI
hvcNAQELBQADggEBAIRapL3RvIRZXovVWHj05uycnA5Kazo9XDvMcnsKMGsuwEC2
tE+dR1I1P2XW5H+XXPisZ6YdH5zcBsZlqXMFNUEAUnXr4FOc8I5MpC1s0Pnr2aTQ
vzy4W4CItuN3+9AM4A0EQhKenwiarL6J7yBdNu89b73MrDBf/NhRdJGG0dzE1Y7a
nWUOPVgoSh027IFTZUd48na8Q4F2sAzyNAH01rpDMdYfgEDtjvYVWAHf9Q645Iik
JmMbAbJCHpLYczN1OauMgaPo0RVBY+g1VhhkXPAV+SK8qHvfc1sfamt8ket1BxbI
0r71WWsNZNCehc1+Y+kcB6fb+ZSTI8l5TkDdhqE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org