Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sMemLNyl5lo0uhQFhGsuq2FtKRU.roa
File: sMemLNyl5lo0uhQFhGsuq2FtKRU.roa (raw, json)
Hash identifier: 3hSfKNSc7jlY5kBP07cxX0d0KwBz2V6ldQIpO3RG4uk=
Subject key identifier: B0:C7:A6:2C:DC:A5:E6:5A:34:BA:14:05:84:6B:2E:AB:61:6D:29:15
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01826D4E48AE7FF5E3DA2F3330F634731106
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sMemLNyl5lo0uhQFhGsuq2FtKRU.roa
Signing time: Fri 05 Aug 2022 09:20:23 +0000
ROA not before: Fri 05 Aug 2022 09:20:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 163.5.196.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6d:4e:48:ae:7f:f5:e3:da:2f:33:30:f6:34:73:11:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 5 09:20:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0c7a62cdca5e65a34ba1405846b2eab616d2915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:7d:2f:7e:a5:de:a7:2f:ab:b0:8e:0c:23:
5f:a1:85:23:0b:5a:8c:06:17:1f:7a:01:34:87:4d:
06:e6:b3:98:6b:fe:ac:b1:ee:6e:8a:bc:49:82:fe:
f7:4e:2b:7b:41:0b:3f:cf:e8:4b:94:3c:38:98:b7:
82:a4:92:a1:d4:be:55:9b:38:4c:f8:e5:4a:95:30:
5f:19:04:31:59:9b:21:b6:28:b1:85:e5:cb:ab:94:
36:9d:61:18:50:6a:2b:b1:0e:60:eb:b1:5e:e0:53:
2e:e7:ee:dc:f5:17:85:90:c1:ff:7c:a7:9c:3d:75:
9d:cd:b3:10:3c:71:f6:11:1c:73:c4:9c:ca:95:64:
ed:d4:7e:5f:29:de:8e:aa:47:59:e3:b8:4b:3c:3a:
eb:0d:50:0d:73:87:a6:8a:74:da:a1:1a:b1:9c:d8:
a0:ea:0a:0e:08:5d:b0:65:bc:48:62:5d:c5:63:c9:
dc:29:23:57:22:54:5b:37:52:05:bd:49:46:44:c2:
93:6e:55:25:34:2b:1c:f5:92:f9:60:17:6e:f2:3c:
33:9a:2e:12:4d:6a:d8:f2:c8:b0:4c:97:f3:08:9e:
f9:c4:f4:cc:b0:6a:86:c3:d9:23:86:57:cb:4b:46:
22:f1:b9:f8:1f:05:4c:69:19:a3:39:1e:7f:ec:e6:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C7:A6:2C:DC:A5:E6:5A:34:BA:14:05:84:6B:2E:AB:61:6D:29:15
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sMemLNyl5lo0uhQFhGsuq2FtKRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.194.0-163.5.199.255
Signature Algorithm: sha256WithRSAEncryption
15:b4:45:50:fc:d9:51:cf:49:69:24:6e:0c:c9:55:6a:50:49:
10:7a:50:eb:26:52:d6:c4:7f:d4:df:65:1f:ef:bc:66:0d:e3:
fe:af:d1:38:2f:63:9f:46:f2:6c:05:1a:12:18:83:58:47:a0:
09:50:12:9b:4a:fd:83:29:7e:fd:c1:4e:fa:37:fb:df:70:cd:
67:a6:23:61:f4:e1:e5:fc:74:1e:f7:a9:ce:28:bf:f9:17:7a:
52:7a:07:52:4a:ef:75:18:54:c0:4e:1c:2d:72:3f:ac:c6:d5:
aa:51:77:17:41:3f:f3:5d:fe:d7:65:4f:65:d5:a7:d2:ad:c6:
39:a6:8d:11:c5:1c:90:94:46:77:88:65:1e:59:3f:d6:17:37:
db:6d:4a:01:ae:51:58:80:ec:92:99:f2:c7:92:33:21:a3:66:
e1:47:8e:a2:f3:b7:c3:71:98:a6:ab:5c:33:38:ba:62:69:3c:
32:80:79:d8:4a:fd:3f:d1:ea:a1:1a:92:93:bc:b7:4b:c6:9c:
b1:ff:bb:91:9d:1e:b4:e0:30:c2:fc:88:62:90:00:20:53:50:
84:42:38:72:5e:42:08:b5:9e:e5:e6:4e:10:0e:77:79:f1:e1:
4b:7b:2d:d0:bf:f3:78:51:52:db:74:dd:ed:8d:ff:7f:8c:a1:
3d:4d:99:bb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJtTkiuf/Xj2i8zMPY0cxEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODA1MDkyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM3YTYyY2RjYTVlNjVhMzRiYTE0MDU4NDZiMmVhYjYxNmQyOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqR9L36l3qcvq7CODCNfoYUjC1qM
BhcfegE0h00G5rOYa/6sse5uirxJgv73Tit7QQs/z+hLlDw4mLeCpJKh1L5VmzhM
+OVKlTBfGQQxWZshtiixheXLq5Q2nWEYUGorsQ5g67Fe4FMu5+7c9ReFkMH/fKec
PXWdzbMQPHH2ERxzxJzKlWTt1H5fKd6OqkdZ47hLPDrrDVANc4eminTaoRqxnNig
6goOCF2wZbxIYl3FY8ncKSNXIlRbN1IFvUlGRMKTblUlNCsc9ZL5YBdu8jwzmi4S
TWrY8siwTJfzCJ75xPTMsGqGw9kjhlfLS0Yi8bn4HwVMaRmjOR5/7OZ4BwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLDHpizcpeZaNLoUBYRrLqthbSkVMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvc01lbUxOeWw1bG8wdWhRRmhHc3VxMkZ0S1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGjBcID
BAOjBcAwDQYJKoZIhvcNAQELBQADggEBABW0RVD82VHPSWkkbgzJVWpQSRB6UOsm
UtbEf9TfZR/vvGYN4/6v0TgvY59G8mwFGhIYg1hHoAlQEptK/YMpfv3BTvo3+99w
zWemI2H04eX8dB73qc4ov/kXelJ6B1JK73UYVMBOHC1yP6zG1apRdxdBP/Nd/tdl
T2XVp9KtxjmmjRHFHJCURneIZR5ZP9YXN9ttSgGuUViA7JKZ8seSMyGjZuFHjqLz
t8NxmKarXDM4umJpPDKAedhK/T/R6qEakpO8t0vGnLH/u5GdHrTgMML8iGKQACBT
UIRCOHJeQgi1nuXmThAOd3nx4Ut7LdC/83hRUtt03e2N/3+MoT1Nmbs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org