Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rOihJdjL8bKtqfWaOc32dCmk_jc.roa
File: rOihJdjL8bKtqfWaOc32dCmk_jc.roa (raw, json)
Hash identifier: lRtDnS1CYHjS/w6ldYpisFl/Mir/oMga6DT7GPO7ZZ4=
Subject key identifier: AC:E8:A1:25:D8:CB:F1:B2:AD:A9:F5:9A:39:CD:F6:74:29:A4:FE:37
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184754BAB62078F6616EDDF6143D04D4B03
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rOihJdjL8bKtqfWaOc32dCmk_jc.roa
Signing time: Mon 14 Nov 2022 08:40:04 +0000
ROA not before: Mon 14 Nov 2022 08:40:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396356
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.74.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.78.0/24 maxlen: 24
163.5.75.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.96.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:4b:ab:62:07:8f:66:16:ed:df:61:43:d0:4d:4b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 14 08:40:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ace8a125d8cbf1b2ada9f59a39cdf67429a4fe37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d3:84:ec:f7:b4:ea:e4:be:98:76:3b:84:a5:
e4:e9:c9:e2:b8:b8:c8:a0:e4:92:08:51:23:fb:cd:
e2:66:82:06:b0:e1:db:45:d7:ca:53:2a:01:45:d0:
cc:dd:dd:7f:41:55:5a:5b:58:f7:51:98:88:96:d3:
a3:9c:c4:47:6d:cb:dc:d4:c0:5f:52:22:a2:c6:c9:
55:cb:4a:ab:6a:ad:17:b8:37:56:c4:92:3e:b8:72:
8d:ea:b1:09:42:6a:89:5c:f8:e9:ab:18:a1:d8:dd:
52:38:5c:b7:16:6a:e9:9e:e6:79:75:ee:45:a4:98:
7e:30:4d:89:21:b0:2d:f5:d9:3b:1a:70:4a:69:48:
bb:13:45:2d:ea:64:0c:dd:d1:41:0f:89:80:0d:d8:
ea:5f:13:33:a7:3c:cd:ed:dd:10:27:9e:60:7a:48:
21:da:76:a7:e9:03:7b:57:bf:72:b9:b7:64:70:6b:
91:cf:bd:28:6f:85:15:7b:57:bb:5d:ec:19:b0:a4:
2e:c9:37:f7:02:49:af:9e:0c:ec:a5:d3:bc:ad:9c:
c3:7d:37:0f:25:fc:9a:b0:f1:29:f8:86:bc:a0:e3:
34:93:1c:db:f3:18:78:82:5f:ae:b9:3b:4a:d6:b0:
9b:ba:ba:8e:cb:33:56:ef:1c:b3:20:56:cb:29:bc:
b2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E8:A1:25:D8:CB:F1:B2:AD:A9:F5:9A:39:CD:F6:74:29:A4:FE:37
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rOihJdjL8bKtqfWaOc32dCmk_jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.70.0/24
163.5.72.0/24
163.5.74.0-163.5.78.255
163.5.92.0/23
163.5.96.0/24
163.5.98.0/24
163.5.243.0/24
163.5.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:33:c1:bc:54:6c:8e:c9:3d:ad:89:b4:4e:f6:b6:8a:47:61:
da:74:47:7e:9c:46:44:e1:61:1d:ec:10:5d:a6:1e:29:8b:3a:
7b:c6:8b:3e:ff:63:62:d8:dc:6a:c0:e7:b9:66:e1:ce:59:26:
de:18:cb:90:0f:51:22:31:28:a3:c5:36:6f:56:01:ed:36:58:
74:7f:99:4e:44:f1:3f:a0:43:c6:5a:b0:11:bb:cd:45:74:7f:
44:38:a8:23:c4:9d:63:f2:21:ea:f0:a5:60:cb:b7:2a:d1:64:
b6:40:24:36:9e:24:48:6f:c8:72:a4:09:a4:e4:1d:5b:43:57:
0a:ec:90:c2:9e:f0:66:e5:e8:78:1e:9d:be:35:74:ab:43:d4:
6a:4b:75:fb:20:f1:46:c6:df:84:96:ba:b7:f4:78:02:8d:34:
1b:3d:9a:0f:bc:ef:17:44:fb:77:5f:c3:14:0a:fe:c1:3e:bf:
7c:e5:af:5f:32:f6:6c:c6:81:a5:10:10:c4:2c:99:4a:92:f4:
06:bf:c6:6f:dc:5e:f2:f5:91:5b:81:a4:a1:0a:9c:9b:f0:44:
72:e2:68:a2:a3:45:d7:e5:49:0e:e9:30:8c:65:ae:68:ec:98:
a1:37:c1:69:0d:53:14:89:ce:d3:2b:26:8b:91:3c:fd:f3:7f:
f3:04:5b:ca
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYR1S6tiB49mFu3fYUPQTUsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTE0MDg0MDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2U4YTEyNWQ4Y2JmMWIyYWRhOWY1OWEzOWNkZjY3NDI5YTRmZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9OE7Pe06uS+mHY7hKXk6cniuLjI
oOSSCFEj+83iZoIGsOHbRdfKUyoBRdDM3d1/QVVaW1j3UZiIltOjnMRHbcvc1MBf
UiKixslVy0qraq0XuDdWxJI+uHKN6rEJQmqJXPjpqxih2N1SOFy3FmrpnuZ5de5F
pJh+ME2JIbAt9dk7GnBKaUi7E0Ut6mQM3dFBD4mADdjqXxMzpzzN7d0QJ55gekgh
2nan6QN7V79yubdkcGuRz70ob4UVe1e7XewZsKQuyTf3AkmvngzspdO8rZzDfTcP
JfyasPEp+Ia8oOM0kxzb8xh4gl+uuTtK1rCburqOyzNW7xyzIFbLKbyyoQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKzooSXYy/Gyran1mjnN9nQppP43MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvck9paEpkakw4Ykt0cWZXYU9jMzJkQ21rX2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAowVGAwQA
owVIMAwDBAGjBUoDBACjBU4DBAGjBVwDBACjBWADBACjBWIDBACjBfMDBACjBfUw
DQYJKoZIhvcNAQELBQADggEBAKkzwbxUbI7JPa2JtE72topHYdp0R36cRkThYR3s
EF2mHimLOnvGiz7/Y2LY3GrA57lm4c5ZJt4Yy5APUSIxKKPFNm9WAe02WHR/mU5E
8T+gQ8ZasBG7zUV0f0Q4qCPEnWPyIerwpWDLtyrRZLZAJDaeJEhvyHKkCaTkHVtD
VwrskMKe8Gbl6Hgenb41dKtD1GpLdfsg8UbG34SWurf0eAKNNBs9mg+87xdE+3df
wxQK/sE+v3zlr18y9mzGgaUQEMQsmUqS9Aa/xm/cXvL1kVuBpKEKnJvwRHLiaKKj
RdflSQ7pMIxlrmjsmKE3wWkNUxSJztMrJouRPP3zf/MEW8o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org