Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yFiXrUghqmxkPhhUvrqLURpQXTY.roa
File: yFiXrUghqmxkPhhUvrqLURpQXTY.roa (raw, json)
Hash identifier: BfOfeogEL85XwiNTqvI1XRKqHyGLM8FkFStCGfaBeF8=
Subject key identifier: C8:58:97:AD:48:21:AA:6C:64:3E:18:54:BE:BA:8B:51:1A:50:5D:36
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0183AED4520844BC07C04B5B7075E72FBAB4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yFiXrUghqmxkPhhUvrqLURpQXTY.roa
Signing time: Thu 06 Oct 2022 19:44:53 +0000
ROA not before: Thu 06 Oct 2022 19:44:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 163.5.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ae:d4:52:08:44:bc:07:c0:4b:5b:70:75:e7:2f:ba:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 6 19:44:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c85897ad4821aa6c643e1854beba8b511a505d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0f:92:8e:83:47:ed:64:c3:4c:b3:25:91:2b:
80:f2:37:d9:2f:de:58:cf:c2:66:84:94:42:46:5e:
75:8a:bc:fd:f5:90:30:2c:fd:76:17:b6:b5:a6:6f:
b0:1b:f4:5e:c5:44:c6:57:70:a5:5c:8f:6a:74:51:
b3:16:f7:05:95:9a:c3:bd:23:e7:16:b2:21:e2:de:
cd:06:ac:6d:76:71:de:18:7e:f4:ed:40:1c:81:f6:
3b:2b:16:74:55:4d:b1:5f:96:b2:d5:de:5c:88:ab:
83:a5:0d:23:38:df:03:f8:cd:c4:4c:f5:34:83:94:
85:ab:a0:50:1c:1f:14:6a:e4:4b:8f:31:71:43:0f:
6f:ff:60:22:96:87:6e:77:2d:cf:86:bf:fb:40:69:
67:38:f1:c2:93:16:0e:c6:57:5b:f3:e7:09:91:bd:
48:d6:d3:27:cf:c3:ea:c4:68:b4:5b:dd:3e:ce:a0:
f4:16:f7:15:0c:a8:e2:3c:6a:c4:c7:0d:36:f9:92:
30:b8:b2:7b:6d:61:a6:13:6b:eb:23:13:9a:53:23:
ef:8d:8f:7f:b6:1b:c8:69:0d:a2:ad:14:1f:28:00:
e4:7a:0b:e4:db:73:75:74:c1:ed:8d:74:0f:a1:33:
d5:fd:77:9a:2b:94:d2:da:f8:0b:3b:59:20:ba:c6:
09:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:58:97:AD:48:21:AA:6C:64:3E:18:54:BE:BA:8B:51:1A:50:5D:36
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yFiXrUghqmxkPhhUvrqLURpQXTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.125.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:d6:a4:59:71:09:c2:7e:72:b1:2e:44:17:08:1f:66:59:03:
01:20:8e:b5:85:ac:01:a8:3e:94:16:4d:5a:8e:c3:5d:84:ce:
ce:66:95:c2:17:a0:21:97:60:8b:cc:27:91:98:03:7c:88:15:
45:74:a1:a8:ed:36:0b:d7:39:7d:d9:34:1d:f9:4d:e0:ec:11:
f4:5c:9a:ed:34:1f:eb:33:fe:58:fb:f4:d0:66:c7:5d:ea:8e:
79:f1:78:ac:69:b3:6b:8e:68:b9:8e:17:17:28:a4:64:30:84:
46:ca:b8:72:c4:4a:5b:3d:e2:2f:12:ee:81:c8:20:07:d9:ba:
8d:bc:d1:21:1b:d5:04:6b:39:cf:e6:ab:c0:09:55:e9:81:7d:
03:b4:22:81:eb:15:f9:53:35:80:d1:54:1c:52:21:1b:b6:46:
2b:73:ba:3c:33:8a:41:7c:36:83:22:b0:70:80:6c:e4:2d:5c:
07:28:49:3c:16:6f:bb:0e:3d:1b:60:0e:a4:82:6b:0b:21:2d:
27:db:9f:e9:ed:26:9b:67:4b:1c:7c:3c:fb:a9:1a:54:c5:97:
71:7e:52:2e:71:fd:20:4a:72:01:9a:cd:23:00:3c:45:f8:9d:
38:7f:0f:08:4c:ca:ad:0d:db:71:95:e5:bc:75:7f:00:6b:ed:
64:ce:80:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOu1FIIRLwHwEtbcHXnL7q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDA2MTk0NDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODU4OTdhZDQ4MjFhYTZjNjQzZTE4NTRiZWJhOGI1MTFhNTA1ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1w+SjoNH7WTDTLMlkSuA8jfZL95Y
z8JmhJRCRl51irz99ZAwLP12F7a1pm+wG/RexUTGV3ClXI9qdFGzFvcFlZrDvSPn
FrIh4t7NBqxtdnHeGH707UAcgfY7KxZ0VU2xX5ay1d5ciKuDpQ0jON8D+M3ETPU0
g5SFq6BQHB8UauRLjzFxQw9v/2Ailodudy3Phr/7QGlnOPHCkxYOxldb8+cJkb1I
1tMnz8PqxGi0W90+zqD0FvcVDKjiPGrExw02+ZIwuLJ7bWGmE2vrIxOaUyPvjY9/
thvIaQ2irRQfKADkegvk23N1dMHtjXQPoTPV/XeaK5TS2vgLO1kgusYJ7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhYl61IIapsZD4YVL66i1EaUF02MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveUZpWHJVZ2hxbXhrUGhoVXZycUxVUnBRWFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowV9MA0G
CSqGSIb3DQEBCwUAA4IBAQBP1qRZcQnCfnKxLkQXCB9mWQMBII61hawBqD6UFk1a
jsNdhM7OZpXCF6Ahl2CLzCeRmAN8iBVFdKGo7TYL1zl92TQd+U3g7BH0XJrtNB/r
M/5Y+/TQZsdd6o558XisabNrjmi5jhcXKKRkMIRGyrhyxEpbPeIvEu6ByCAH2bqN
vNEhG9UEaznP5qvACVXpgX0DtCKB6xX5UzWA0VQcUiEbtkYrc7o8M4pBfDaDIrBw
gGzkLVwHKEk8Fm+7Dj0bYA6kgmsLIS0n25/p7SabZ0scfDz7qRpUxZdxflIucf0g
SnIBms0jADxF+J04fw8ITMqtDdtxleW8dX8Aa+1kzoB1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:23 2023 by rpki-client on console-fra.rpki-client.org