Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vibCzN_MdUYNGB_orWrmfApiOvw.roa
File: vibCzN_MdUYNGB_orWrmfApiOvw.roa (raw, json)
Hash identifier: Csm4QYhZOFIebDCgS88c4Lav4sB57PLfXI/CCShpYrk=
Subject key identifier: BE:26:C2:CC:DF:CC:75:46:0D:18:1F:E8:AD:6A:E6:7C:0A:62:3A:FC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01841F9A8437BE8089EC1D5CE70D04B931E5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vibCzN_MdUYNGB_orWrmfApiOvw.roa
Signing time: Fri 28 Oct 2022 17:18:50 +0000
ROA not before: Fri 28 Oct 2022 17:18:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61320
IP address blocks: 163.5.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1f:9a:84:37:be:80:89:ec:1d:5c:e7:0d:04:b9:31:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 28 17:18:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be26c2ccdfcc75460d181fe8ad6ae67c0a623afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:19:5d:76:da:eb:42:95:65:39:d0:6b:0a:
3d:23:0c:9d:c0:c2:64:4d:a8:62:b9:20:f0:8a:36:
61:00:5e:98:de:61:8a:ca:ce:bf:55:8c:4b:2b:58:
c1:22:18:d0:87:da:ae:af:6b:db:6f:ec:1c:a6:20:
d9:7b:6c:1f:b4:85:50:cd:06:43:65:31:28:e6:31:
e5:5a:d7:73:18:fa:94:02:1c:7a:9c:3e:10:70:d4:
5a:da:80:17:d4:ef:c5:db:58:e0:69:6d:86:6e:00:
df:29:1a:a9:cc:cd:24:fe:8f:f7:0c:97:21:19:0e:
3d:20:d4:ba:e6:94:8d:68:62:a6:44:26:63:c4:c3:
a9:0e:1c:53:ff:b2:b3:49:86:88:7f:69:47:a1:27:
4f:09:6b:31:f0:2e:b0:13:7c:cd:15:51:4f:af:fa:
f7:c8:82:ba:3b:6b:c3:cb:ce:ed:0c:83:58:b2:14:
29:a8:5f:24:dd:0c:ce:1e:48:57:c5:7e:46:13:87:
f5:89:04:5f:fd:e6:8f:41:0e:68:19:5f:6e:3d:d8:
bb:59:03:0a:39:11:66:78:65:02:fe:80:ab:fc:e3:
79:7d:ee:0c:71:77:71:57:30:cc:c0:11:ec:7b:fc:
d2:62:50:c0:5b:7a:17:32:4b:9f:8a:4b:fc:58:2b:
67:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:26:C2:CC:DF:CC:75:46:0D:18:1F:E8:AD:6A:E6:7C:0A:62:3A:FC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vibCzN_MdUYNGB_orWrmfApiOvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.112.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:d5:9d:34:59:2a:7b:51:76:c6:d8:9e:1f:d9:32:37:06:ad:
1a:24:ba:07:2d:99:e5:bd:8b:47:da:fa:66:86:25:9d:7f:45:
89:d4:38:4e:07:54:67:c5:1b:85:ea:90:87:2e:ef:c0:c7:64:
6b:69:3f:30:64:25:e0:ad:d1:82:e9:0b:e9:77:9e:71:5b:15:
6f:81:20:8f:ec:52:5a:1b:3d:20:80:f7:ea:36:a3:fb:05:c3:
f0:9a:a8:b0:fd:fe:6a:bb:ba:db:80:7f:ed:88:29:78:ec:f8:
16:3b:4c:3d:8e:e3:a9:7f:8f:57:3b:8d:e0:20:0f:82:35:b8:
69:87:e4:14:5a:eb:e2:21:63:86:62:7e:d1:90:c4:30:45:86:
e1:fb:4a:33:88:d3:9d:c1:3d:87:fe:91:04:35:fc:4c:38:4a:
ea:fb:e4:ef:6d:35:02:e0:51:2c:9c:be:d8:77:18:3c:db:3f:
01:c2:e4:7c:10:e2:e7:d7:7a:2a:59:24:9e:09:f2:27:fc:1d:
79:21:8e:d7:c4:97:ae:55:12:b0:cf:40:b5:f9:5a:a0:66:41:
11:b9:d7:ec:5d:bc:30:b2:82:bb:e1:af:9a:a9:79:05:c0:79:
55:04:ab:81:de:4e:4d:e9:64:f2:47:f3:cb:f3:ce:61:fc:a1:
68:df:d4:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQfmoQ3voCJ7B1c5w0EuTHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDI4MTcxODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTI2YzJjY2RmY2M3NTQ2MGQxODFmZThhZDZhZTY3YzBhNjIzYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf0ZXXba60KVZTnQawo9IwydwMJk
TahiuSDwijZhAF6Y3mGKys6/VYxLK1jBIhjQh9qur2vbb+wcpiDZe2wftIVQzQZD
ZTEo5jHlWtdzGPqUAhx6nD4QcNRa2oAX1O/F21jgaW2GbgDfKRqpzM0k/o/3DJch
GQ49INS65pSNaGKmRCZjxMOpDhxT/7KzSYaIf2lHoSdPCWsx8C6wE3zNFVFPr/r3
yIK6O2vDy87tDINYshQpqF8k3QzOHkhXxX5GE4f1iQRf/eaPQQ5oGV9uPdi7WQMK
ORFmeGUC/oCr/ON5fe4McXdxVzDMwBHse/zSYlDAW3oXMkufikv8WCtn3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4mwszfzHVGDRgf6K1q5nwKYjr8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdmliQ3pOX01kVVlOR0Jfb3JXcm1mQXBpT3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVwMA0G
CSqGSIb3DQEBCwUAA4IBAQCs1Z00WSp7UXbG2J4f2TI3Bq0aJLoHLZnlvYtH2vpm
hiWdf0WJ1DhOB1RnxRuF6pCHLu/Ax2RraT8wZCXgrdGC6Qvpd55xWxVvgSCP7FJa
Gz0ggPfqNqP7BcPwmqiw/f5qu7rbgH/tiCl47PgWO0w9juOpf49XO43gIA+CNbhp
h+QUWuviIWOGYn7RkMQwRYbh+0oziNOdwT2H/pEENfxMOErq++TvbTUC4FEsnL7Y
dxg82z8BwuR8EOLn13oqWSSeCfIn/B15IY7XxJeuVRKwz0C1+VqgZkERudfsXbww
soK74a+aqXkFwHlVBKuB3k5N6WTyR/PL885h/KFo39R3
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:53 2025 by rpki-client