Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wTG3dVXwJ63GUrFdt5g3lPxS1ZI.roa
File: wTG3dVXwJ63GUrFdt5g3lPxS1ZI.roa (raw, json)
Hash identifier: 0A25Q35rEdru5LyHj8l8v96tAUBr9CEAmFg1DPtFQag=
Subject key identifier: C1:31:B7:75:55:F0:27:AD:C6:52:B1:5D:B7:98:37:94:FC:52:D5:92
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01838CC0311B338C56A142F852C2EE49E383
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wTG3dVXwJ63GUrFdt5g3lPxS1ZI.roa
Signing time: Fri 30 Sep 2022 04:55:49 +0000
ROA not before: Fri 30 Sep 2022 04:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64267
IP address blocks: 163.5.115.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8c:c0:31:1b:33:8c:56:a1:42:f8:52:c2:ee:49:e3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 30 04:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c131b77555f027adc652b15db7983794fc52d592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:01:83:82:bd:89:b8:ff:19:54:22:8a:19:75:
db:8b:a1:bb:bf:0d:94:b9:ce:58:2d:09:bc:fc:3c:
ef:ba:04:4b:1f:98:b5:ea:ee:d6:73:df:3c:1b:53:
4f:41:d3:fa:be:8b:54:54:37:97:80:e9:6f:9d:a2:
73:46:71:6c:5d:9e:03:12:df:c4:d9:76:24:1e:4b:
2d:af:f9:cb:c7:ba:3c:00:ef:32:8a:d0:4b:94:95:
5b:f4:67:b3:21:f1:c7:a3:04:15:7d:05:01:4b:72:
9b:07:5a:5a:43:5d:49:3d:0f:46:3f:f3:b9:9b:65:
89:0e:bb:cb:67:26:62:fd:43:78:82:f6:06:ae:cb:
b9:28:db:56:22:f8:9c:6d:2b:54:62:2d:63:de:47:
e6:00:5d:85:7e:7e:14:b8:20:83:ff:ca:a5:14:c7:
37:6a:6a:b2:70:c9:ee:0d:ae:a9:75:0a:ab:82:ee:
39:1f:f9:21:5b:df:6d:35:6e:0f:ca:0a:4a:49:20:
9c:e5:29:55:25:41:f5:77:10:d0:2d:a2:ba:fb:0a:
2c:f8:dd:5c:11:c4:f0:ea:d5:e7:f3:0c:5e:6d:6b:
9d:bb:59:35:69:2a:a1:80:1b:70:00:e4:b4:2e:03:
76:18:0e:b3:a0:e0:78:38:d2:96:31:3d:ad:65:8f:
da:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:31:B7:75:55:F0:27:AD:C6:52:B1:5D:B7:98:37:94:FC:52:D5:92
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wTG3dVXwJ63GUrFdt5g3lPxS1ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.115.0/24
163.5.129.0/24
163.5.134.0/23
Signature Algorithm: sha256WithRSAEncryption
02:2e:75:22:a1:24:63:4a:2f:be:e1:31:60:b5:e1:57:26:cc:
10:27:92:db:23:65:27:3e:10:17:69:ef:0a:97:00:f7:e0:2f:
c2:63:aa:7c:97:cb:0f:c6:54:f7:0f:bc:1a:2f:d6:dc:61:d4:
4c:3f:fe:35:8b:f7:14:75:a3:1b:43:0a:7c:9a:2f:f2:13:37:
ba:b1:c3:d0:9b:10:93:a1:23:27:b7:2f:5f:0c:45:ba:e0:1b:
61:39:19:fb:d8:e6:bf:45:6a:38:57:66:86:8a:1c:58:27:9a:
65:b3:d1:77:7a:b6:d8:25:87:38:45:48:6d:be:fb:80:6e:1e:
3d:66:a0:b0:b9:3a:e5:5a:76:ac:f3:a2:f1:fc:3f:4e:13:db:
5e:be:8c:d9:a7:34:3e:9e:12:8a:2a:f2:37:10:96:98:d5:28:
92:a8:fc:e6:b7:16:cb:17:f9:bd:03:2e:de:74:4c:8d:29:69:
7b:4c:d9:f1:ed:0c:dd:08:d7:8d:36:11:ec:34:57:a7:6e:3f:
4c:17:61:f1:a4:32:fa:17:4d:d8:6d:bd:39:21:37:53:63:78:
dd:39:e8:f1:7e:94:2b:c3:24:2b:93:04:d3:7b:e6:75:79:42:
6e:9a:b9:40:ed:65:43:4d:41:34:3b:93:ed:41:3d:92:15:da:
fc:b2:96:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOMwDEbM4xWoUL4UsLuSeODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTMwMDQ1NTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTMxYjc3NTU1ZjAyN2FkYzY1MmIxNWRiNzk4Mzc5NGZjNTJkNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwGDgr2JuP8ZVCKKGXXbi6G7vw2U
uc5YLQm8/DzvugRLH5i16u7Wc988G1NPQdP6votUVDeXgOlvnaJzRnFsXZ4DEt/E
2XYkHkstr/nLx7o8AO8yitBLlJVb9GezIfHHowQVfQUBS3KbB1paQ11JPQ9GP/O5
m2WJDrvLZyZi/UN4gvYGrsu5KNtWIvicbStUYi1j3kfmAF2Ffn4UuCCD/8qlFMc3
amqycMnuDa6pdQqrgu45H/khW99tNW4PygpKSSCc5SlVJUH1dxDQLaK6+wos+N1c
EcTw6tXn8wxebWudu1k1aSqhgBtwAOS0LgN2GA6zoOB4ONKWMT2tZY/ajwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMExt3VV8CetxlKxXbeYN5T8UtWSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvd1RHM2RWWHdKNjNHVXJGZHQ1ZzNsUHhTMVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVzAwQA
owWBAwQBowWGMA0GCSqGSIb3DQEBCwUAA4IBAQACLnUioSRjSi++4TFgteFXJswQ
J5LbI2UnPhAXae8KlwD34C/CY6p8l8sPxlT3D7waL9bcYdRMP/41i/cUdaMbQwp8
mi/yEze6scPQmxCToSMnty9fDEW64BthORn72Oa/RWo4V2aGihxYJ5pls9F3erbY
JYc4RUhtvvuAbh49ZqCwuTrlWnas86Lx/D9OE9tevozZpzQ+nhKKKvI3EJaY1SiS
qPzmtxbLF/m9Ay7edEyNKWl7TNnx7QzdCNeNNhHsNFenbj9MF2HxpDL6F03Ybb05
ITdTY3jdOejxfpQrwyQrkwTTe+Z1eUJumrlA7WVDTUE0O5PtQT2SFdr8spZw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org