Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rUJPG2zO4BuA-A4ek3uBLgeWaQU.roa
File: rUJPG2zO4BuA-A4ek3uBLgeWaQU.roa (raw, json)
Hash identifier: H6rxNiRAH3NFZboCxnNiMKzgtMDt6H97d3QsSK1yQSg=
Subject key identifier: AD:42:4F:1B:6C:CE:E0:1B:80:F8:0E:1E:93:7B:81:2E:07:96:69:05
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01835F29124D702B7A79FB3262BE9D5B0350
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rUJPG2zO4BuA-A4ek3uBLgeWaQU.roa
Signing time: Wed 21 Sep 2022 08:27:50 +0000
ROA not before: Wed 21 Sep 2022 08:27:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 163.5.112.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.236.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:29:12:4d:70:2b:7a:79:fb:32:62:be:9d:5b:03:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 21 08:27:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad424f1b6ccee01b80f80e1e937b812e07966905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:4a:0e:35:67:47:e0:08:7b:ca:86:2e:9c:
dd:43:24:5e:f9:52:8c:f8:f0:b3:5a:3f:94:54:12:
23:2a:16:65:ba:91:b4:6e:be:07:5e:4e:c7:17:77:
18:64:ce:fb:23:77:1b:ec:fc:b0:2d:e3:4d:af:5e:
d5:b4:0a:a0:76:78:b9:3b:8b:b5:30:83:40:5d:ac:
2d:63:23:ac:25:fe:88:f8:e0:c6:51:8d:6d:51:9c:
d2:84:65:ea:88:ac:fd:b1:b9:8f:0f:15:db:5f:b2:
22:5a:c9:93:d0:5b:59:b9:6f:c0:f1:64:20:44:b4:
75:7b:8b:71:0e:a1:0b:0f:da:26:4a:84:a0:cd:52:
b1:ba:da:31:1a:75:5e:3d:3d:45:58:81:76:be:d0:
33:05:2e:55:20:b7:9b:87:de:70:f4:51:39:ad:33:
f3:1c:3f:58:66:13:fe:1b:e0:00:58:af:7a:fa:00:
04:67:3e:c4:63:9b:32:2c:ae:1c:b8:77:b3:45:ef:
71:54:eb:7a:01:5c:1c:e2:ee:b7:50:7e:d0:51:f1:
9d:1b:94:59:ef:04:ee:99:c5:dc:f9:2b:4f:92:bd:
72:ba:46:13:7a:37:40:ff:cc:be:e4:98:0c:20:64:
eb:12:5c:0f:12:db:d4:89:ef:a5:d6:2d:6a:c5:56:
97:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:42:4F:1B:6C:CE:E0:1B:80:F8:0E:1E:93:7B:81:2E:07:96:69:05
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rUJPG2zO4BuA-A4ek3uBLgeWaQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.112.0/24
163.5.130.0/24
163.5.140.0-163.5.142.255
163.5.236.0/24
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ca:71:2d:0b:62:2e:db:60:16:12:23:72:20:9e:ec:bd:d2:
7e:b7:98:21:72:a1:df:60:92:7d:ae:fc:c2:dc:fd:2f:3b:29:
83:43:a3:e5:3d:d4:b2:d4:13:3a:73:20:d2:b9:b9:8d:35:62:
50:3c:7c:ba:13:f0:c2:88:0e:98:59:4e:61:3f:2b:a6:c5:1f:
f7:06:33:c8:41:77:a3:7a:39:23:e0:04:d8:6d:af:d6:25:b1:
d3:2e:d5:87:90:df:91:6b:36:91:6d:e0:fe:49:85:fe:b7:8a:
18:ac:07:6b:46:b3:45:12:84:9f:8c:46:76:d5:12:e2:d4:c5:
0c:0c:da:1d:15:55:70:f6:ee:57:8e:d5:fd:29:fb:92:aa:fb:
90:06:28:d4:22:dd:18:10:23:eb:2b:3e:d3:75:0b:c2:7b:4e:
09:8f:d3:59:d0:cf:5f:95:28:a1:4e:f7:71:8a:69:91:6e:1d:
f3:c4:f5:2d:0f:50:e5:f2:6a:14:87:5a:92:b5:80:5c:10:fd:
cd:2f:a1:d9:f6:b7:ad:68:51:8c:0d:69:58:ed:7e:7d:56:bc:
cc:4d:eb:2d:b7:f2:ac:0a:d9:57:56:0d:ca:79:6f:a3:ef:2a:
a5:8a:cb:f7:79:c9:c1:96:4d:8a:b9:58:f7:84:ba:8b:82:f1:
9c:8d:c5:6a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYNfKRJNcCt6efsyYr6dWwNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTIxMDgyNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQyNGYxYjZjY2VlMDFiODBmODBlMWU5MzdiODEyZTA3OTY2OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFNKDjVnR+AIe8qGLpzdQyRe+VKM
+PCzWj+UVBIjKhZlupG0br4HXk7HF3cYZM77I3cb7PywLeNNr17VtAqgdni5O4u1
MINAXawtYyOsJf6I+ODGUY1tUZzShGXqiKz9sbmPDxXbX7IiWsmT0FtZuW/A8WQg
RLR1e4txDqELD9omSoSgzVKxutoxGnVePT1FWIF2vtAzBS5VILebh95w9FE5rTPz
HD9YZhP+G+AAWK96+gAEZz7EY5syLK4cuHezRe9xVOt6AVwc4u63UH7QUfGdG5RZ
7wTumcXc+StPkr1yukYTejdA/8y+5JgMIGTrElwPEtvUie+l1i1qxVaXeQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK1CTxtszuAbgPgOHpN7gS4HlmkFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvclVKUEcyek80QnVBLUE0ZWszdUJMZ2VXYVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowVwAwQA
owWCMAwDBAKjBYwDBACjBY4DBACjBewDBACjBfcwDQYJKoZIhvcNAQELBQADggEB
ADbKcS0LYi7bYBYSI3Ignuy90n63mCFyod9gkn2u/MLc/S87KYNDo+U91LLUEzpz
INK5uY01YlA8fLoT8MKIDphZTmE/K6bFH/cGM8hBd6N6OSPgBNhtr9YlsdMu1YeQ
35FrNpFt4P5Jhf63ihisB2tGs0UShJ+MRnbVEuLUxQwM2h0VVXD27leO1f0p+5Kq
+5AGKNQi3RgQI+srPtN1C8J7TgmP01nQz1+VKKFO93GKaZFuHfPE9S0PUOXyahSH
WpK1gFwQ/c0vodn2t61oUYwNaVjtfn1WvMxN6y238qwK2VdWDcp5b6PvKqWKy/d5
ycGWTYq5WPeEuouC8ZyNxWo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org