Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/slokWgrYlc6xabuDBesZk6quhSQ.roa
File: slokWgrYlc6xabuDBesZk6quhSQ.roa (raw, json)
Hash identifier: o7ZEUwujobwGjuhq+Zn26Y9x0DjP26XjLfArOk5vvuo=
Subject key identifier: B2:5A:24:5A:0A:D8:95:CE:B1:69:BB:83:05:EB:19:93:AA:AE:85:24
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0184ECAD0CC77CBE89C209FE7D7DD5515E63
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/slokWgrYlc6xabuDBesZk6quhSQ.roa
Signing time: Wed 07 Dec 2022 13:01:14 +0000
ROA not before: Wed 07 Dec 2022 13:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:ad:0c:c7:7c:be:89:c2:09:fe:7d:7d:d5:51:5e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 7 13:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b25a245a0ad895ceb169bb8305eb1993aaae8524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:78:27:27:9c:eb:95:12:c4:1a:74:ed:f9:68:
13:55:1d:ad:50:cf:ab:7c:42:83:f8:ac:9e:92:77:
83:ea:4d:b2:1c:e6:4a:d0:f5:0d:18:8f:73:53:c3:
5f:e3:86:d8:1a:8c:c4:f8:45:d4:e8:38:29:2e:f5:
14:0e:cd:0d:72:92:37:f6:02:5a:57:2f:28:05:00:
01:2b:0a:35:73:8d:16:1f:4c:f8:09:ef:39:c1:73:
e1:a5:a2:06:09:f4:cd:34:dd:b9:33:79:fe:4c:ff:
66:29:ee:99:ce:3c:81:ff:c5:55:64:e1:92:20:30:
ec:52:19:dd:64:81:bf:0f:35:62:cb:c2:ff:d6:e0:
07:03:39:9c:8c:08:27:74:ce:15:86:ab:d1:c9:bc:
30:69:10:90:57:ef:b5:12:a6:81:4d:5b:dc:17:81:
88:07:8c:12:9e:47:fb:75:44:83:b8:c7:8a:92:91:
da:d5:29:af:c9:b8:5f:0d:5d:7a:ad:ae:a6:ef:f2:
18:c3:1f:77:d2:fe:ca:11:76:41:87:81:0f:bb:01:
a6:b8:c4:ea:15:78:c7:f8:d5:a4:23:17:02:b3:cb:
6c:5f:78:2d:01:41:a0:1b:c4:d7:9e:c9:02:6b:29:
6c:19:66:1c:b3:bb:ca:b2:3c:03:12:a7:32:5b:2a:
fa:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5A:24:5A:0A:D8:95:CE:B1:69:BB:83:05:EB:19:93:AA:AE:85:24
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/slokWgrYlc6xabuDBesZk6quhSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.132.0/23
163.5.135.0-163.5.136.255
163.5.142.0/24
163.5.173.0/24
163.5.186.0/24
163.5.195.0-163.5.197.255
Signature Algorithm: sha256WithRSAEncryption
a2:f3:62:41:87:db:b3:d9:75:ca:7c:37:04:40:fe:ab:43:80:
f1:97:09:26:9b:78:ea:4c:32:bb:58:c5:0f:fb:29:f8:fa:41:
cb:e8:b4:8a:19:00:3c:4b:4e:0c:5a:d1:1a:ea:c4:95:ff:d0:
63:55:6c:8d:51:15:84:53:ac:58:e8:69:0e:5d:8d:c5:14:c3:
19:e3:4e:81:f4:11:ae:ec:88:60:9a:ba:be:99:13:24:e3:8e:
d7:50:3a:06:3b:76:39:c6:73:02:e3:26:31:8a:06:3e:05:f7:
b9:05:02:4c:bb:47:4c:0a:28:6f:38:5a:16:dd:df:d0:2f:e6:
45:9b:2d:43:3a:19:1c:39:4b:2d:c5:29:16:f6:99:99:33:a0:
a2:a5:38:54:2f:41:fb:e0:06:b1:8d:3c:46:41:5a:f4:d7:04:
5c:3e:ee:9f:e1:7a:dc:b3:2e:cd:46:32:0a:48:38:72:34:7d:
0f:f5:22:26:f9:fe:3a:97:4e:be:78:ef:16:37:44:ff:08:ac:
a9:63:da:d1:21:6e:cb:47:c1:73:c0:7a:66:3b:5b:b5:c4:d5:
58:03:c3:a1:67:67:4a:37:96:4a:21:3f:87:fc:ad:64:91:a0:
d7:fc:82:25:8c:46:8a:cd:70:50:30:72:55:93:90:1a:a7:59:
5f:26:e2:86
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYTsrQzHfL6Jwgn+fX3VUV5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjA3MTMwMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVhMjQ1YTBhZDg5NWNlYjE2OWJiODMwNWViMTk5M2FhYWU4NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3gnJ5zrlRLEGnTt+WgTVR2tUM+r
fEKD+KyekneD6k2yHOZK0PUNGI9zU8Nf44bYGozE+EXU6DgpLvUUDs0NcpI39gJa
Vy8oBQABKwo1c40WH0z4Ce85wXPhpaIGCfTNNN25M3n+TP9mKe6ZzjyB/8VVZOGS
IDDsUhndZIG/DzViy8L/1uAHAzmcjAgndM4VhqvRybwwaRCQV++1EqaBTVvcF4GI
B4wSnkf7dUSDuMeKkpHa1SmvybhfDV16ra6m7/IYwx930v7KEXZBh4EPuwGmuMTq
FXjH+NWkIxcCs8tsX3gtAUGgG8TXnskCaylsGWYcs7vKsjwDEqcyWyr6tQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFLJaJFoK2JXOsWm7gwXrGZOqroUkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvc2xva1dncllsYzZ4YWJ1REJlc1prNnF1aFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAowUgAwQB
owVeAwQAowVxAwQAowV0AwQBowWEMAwDBACjBYcDBACjBYgDBACjBY4DBACjBa0D
BACjBbowDAMEAKMFwwMEAaMFxDANBgkqhkiG9w0BAQsFAAOCAQEAovNiQYfbs9l1
ynw3BED+q0OA8ZcJJpt46kwyu1jFD/sp+PpBy+i0ihkAPEtODFrRGurElf/QY1Vs
jVEVhFOsWOhpDl2NxRTDGeNOgfQRruyIYJq6vpkTJOOO11A6Bjt2OcZzAuMmMYoG
PgX3uQUCTLtHTAoobzhaFt3f0C/mRZstQzoZHDlLLcUpFvaZmTOgoqU4VC9B++AG
sY08RkFa9NcEXD7un+F63LMuzUYyCkg4cjR9D/UiJvn+OpdOvnjvFjdE/wisqWPa
0SFuy0fBc8B6ZjtbtcTVWAPDoWdnSjeWSiE/h/ytZJGg1/yCJYxGis1wUDByVZOQ
GqdZXybihg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org