Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/un3kD_qmz4ByIGzFKxclYUUWxcg.roa
File: un3kD_qmz4ByIGzFKxclYUUWxcg.roa (raw, json)
Hash identifier: BBRDeckU7JlcNQA3GU6yjXndhDcj2DcW/SlMSKrwqys=
Subject key identifier: BA:7D:E4:0F:FA:A6:CF:80:72:20:6C:C5:2B:17:25:61:45:16:C5:C8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01743BF8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/un3kD_qmz4ByIGzFKxclYUUWxcg.roa
Signing time: Mon 04 Jul 2022 12:12:25 +0000
ROA not before: Mon 04 Jul 2022 12:12:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 163.5.125.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.137.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24394744 (0x1743bf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 4 12:12:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba7de40ffaa6cf8072206cc52b1725614516c5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4a:14:da:e5:e0:52:14:f6:52:c4:31:a8:47:
6e:13:a1:fd:cd:23:55:7e:be:c6:59:6e:34:07:07:
57:95:07:a2:d7:2f:1a:82:1f:90:e8:93:9b:61:f2:
ba:d2:c2:c5:26:28:3a:c7:76:dd:0f:a5:52:c4:15:
74:92:1e:e2:bf:75:b3:5e:6b:eb:8f:b1:0b:7d:f1:
4b:4a:1e:7e:ff:4d:d8:35:b7:1e:69:6c:33:c8:06:
93:bd:6c:c4:77:e0:36:b6:f0:24:5a:7e:15:2b:04:
44:0d:58:35:1e:3d:e3:6e:25:3f:87:b8:bb:76:66:
c0:e1:4e:e0:43:b6:af:6c:7d:48:96:62:35:e9:7c:
40:16:c0:7a:de:2b:82:82:e4:0d:1b:88:ec:25:09:
21:02:38:37:87:12:ba:21:9a:8f:39:95:b3:92:8d:
c7:8b:bf:e6:ba:ba:92:0e:9d:ad:0b:e3:01:75:d7:
f3:e8:c3:76:5e:7f:cc:5a:e4:4d:a9:b6:70:a5:9b:
73:e2:51:0c:45:2a:03:60:79:ec:d3:d4:ca:d0:43:
6f:3b:8a:d2:4b:69:8b:94:b4:8a:7d:67:04:9c:45:
c0:27:66:d3:13:5e:93:75:b4:1b:5d:55:17:49:ad:
04:df:65:fb:02:df:aa:02:b4:f2:df:03:61:63:56:
a4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7D:E4:0F:FA:A6:CF:80:72:20:6C:C5:2B:17:25:61:45:16:C5:C8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/un3kD_qmz4ByIGzFKxclYUUWxcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.125.0/24
163.5.127.0-163.5.159.255
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:65:04:c1:4d:b9:a2:bd:97:b5:73:4f:76:51:72:0d:d1:25:
84:6c:a8:8f:78:43:f0:9b:5e:06:bb:9d:36:f5:8c:74:ca:4a:
0b:ce:87:07:1b:53:d3:6f:12:c8:db:86:1d:62:2c:a7:46:2a:
89:42:57:83:17:6f:f5:4f:03:b0:ef:b0:91:90:9d:c5:89:d4:
4c:a4:85:1e:a0:f9:2b:7c:86:f6:c6:8d:5b:f9:c9:5a:3a:74:
66:ee:b0:3a:2c:54:93:95:0a:7e:69:d6:a5:1d:9a:bb:70:d9:
1a:e3:32:d7:c2:c8:22:6b:6f:14:f6:74:91:03:db:7a:d5:9a:
24:7f:03:06:ce:37:3e:13:65:53:ff:d5:01:ca:2a:06:b0:61:
14:f7:17:de:8c:87:a3:ab:0d:e3:a6:91:a3:fe:f4:26:59:1a:
f2:a5:3a:73:3a:f6:d8:de:a7:70:69:b8:5d:48:9c:a2:13:08:
00:34:f9:07:c6:71:1b:40:97:a0:6f:8c:58:99:0e:f7:10:58:
d5:be:a8:ee:61:b6:1c:22:c8:77:1f:ea:cf:23:59:d6:91:09:
61:2d:ae:3a:a4:61:57:6f:34:82:f0:05:77:d5:77:ba:77:25:
9b:cf:56:91:7e:6c:3a:8f:dc:b8:c1:1a:58:99:01:c1:9e:09:
61:16:9e:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAXQ7+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Y2U4NTFiNmRkNWQzNjRlZTE5ZTBiMzgyMDFiM2U4ZGYyNjI0YmNiMB4XDTIyMDcw
NDEyMTIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE3ZGU0MGZmYWE2
Y2Y4MDcyMjA2Y2M1MmIxNzI1NjE0NTE2YzVjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdKFNrl4FIU9lLEMahHbhOh/c0jVX6+xlluNAcHV5UHotcv
GoIfkOiTm2HyutLCxSYoOsd23Q+lUsQVdJIe4r91s15r64+xC33xS0oefv9N2DW3
HmlsM8gGk71sxHfgNrbwJFp+FSsERA1YNR49424lP4e4u3ZmwOFO4EO2r2x9SJZi
Nel8QBbAet4rgoLkDRuI7CUJIQI4N4cSuiGajzmVs5KNx4u/5rq6kg6drQvjAXXX
8+jDdl5/zFrkTam2cKWbc+JRDEUqA2B57NPUytBDbzuK0ktpi5S0in1nBJxFwCdm
0xNek3W0G11VF0mtBN9l+wLfqgK08t8DYWNWpFkCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBS6feQP+qbPgHIgbMUrFyVhRRbFyDAfBgNVHSMEGDAWgBQM6FG23V02TuGe
CzggGz6N8mJLyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8x
L3VuM2tEX3FtejRCeUlHekZLeGNsWVVVV3hjZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8xL0RPaFJ0dDFkTms3
aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAKMFfTAMAwQAowV/AwQFowWAAwQA
uf02MA0GCSqGSIb3DQEBCwUAA4IBAQCyZQTBTbmivZe1c092UXIN0SWEbKiPeEPw
m14Gu5029Yx0ykoLzocHG1PTbxLI24YdYiynRiqJQleDF2/1TwOw77CRkJ3FidRM
pIUeoPkrfIb2xo1b+claOnRm7rA6LFSTlQp+adalHZq7cNka4zLXwsgia28U9nSR
A9t61ZokfwMGzjc+E2VT/9UByioGsGEU9xfejIejqw3jppGj/vQmWRrypTpzOvbY
3qdwabhdSJyiEwgANPkHxnEbQJegb4xYmQ73EFjVvqjuYbYcIsh3H+rPI1nWkQlh
La46pGFXbzSC8AV31Xe6dyWbz1aRfmw6j9y4wRpYmQHBnglhFp5T
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:23 2023 by rpki-client on console-fra.rpki-client.org