Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/fpGXhMYZ3GHrAf00YoFes1p5k1Q.roa
File: fpGXhMYZ3GHrAf00YoFes1p5k1Q.roa (raw, json)
Hash identifier: m1gXS49g2rSFJVy4s12PBXqIDk0RryMhwPwf4c+xHzY=
Subject key identifier: 7E:91:97:84:C6:19:DC:61:EB:01:FD:34:62:81:5E:B3:5A:79:93:54
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 0971B93F
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/fpGXhMYZ3GHrAf00YoFes1p5k1Q.roa
Signing time: Tue 12 Apr 2022 11:49:32 +0000
ROA not before: Tue 12 Apr 2022 11:49:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211261
IP address blocks: 103.226.194.0/23 maxlen: 23
185.237.212.0/24 maxlen: 24
185.145.71.0/24 maxlen: 24
185.145.70.0/24 maxlen: 24
185.223.176.0/22 maxlen: 22
103.229.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158447935 (0x971b93f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Apr 12 11:49:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e919784c619dc61eb01fd3462815eb35a799354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ca:ef:0f:cf:24:de:44:3b:35:12:c7:e6:18:
82:fd:b1:b9:b7:89:70:19:84:3b:c4:b4:9f:df:e0:
94:7f:2b:da:b6:81:1f:3f:2b:cf:fa:83:41:41:23:
0a:4e:a0:6e:f0:d7:ce:77:5d:6d:fa:4b:66:24:59:
a0:19:24:77:4b:5e:8c:45:71:fa:24:44:3c:c9:d5:
b6:f7:c9:9a:b4:3e:5d:9c:f5:fa:f5:4c:8b:e7:97:
ac:49:c8:93:9a:a3:bc:95:6b:17:96:51:8d:85:a8:
58:4e:59:1a:4c:d6:08:1b:a7:1a:7e:9d:bd:df:78:
1e:b1:72:0f:d3:90:72:c1:5b:48:b9:29:67:2d:81:
db:1b:9d:ff:43:4d:11:99:ef:a1:e0:29:c9:d5:9b:
d0:07:fc:c0:dd:b4:14:f0:b3:e6:ef:08:3c:2d:78:
7a:d7:50:2b:c1:5d:08:40:0e:4b:ad:6f:6a:8e:f8:
41:a2:79:37:5a:ad:81:54:df:41:e3:8d:4e:fc:d9:
40:c2:54:22:17:f5:7c:0a:fb:26:aa:99:44:b1:58:
c0:9f:fc:fc:8b:ef:e8:00:c0:95:8d:84:07:f6:d3:
7f:d6:81:be:f4:2b:a4:be:9b:e1:3f:5a:80:b6:85:
e6:1b:bc:9d:82:90:75:48:58:f4:5c:da:15:71:e3:
35:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:91:97:84:C6:19:DC:61:EB:01:FD:34:62:81:5E:B3:5A:79:93:54
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/fpGXhMYZ3GHrAf00YoFes1p5k1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.194.0/23
103.229.168.0/24
185.145.70.0/23
185.223.176.0/22
185.237.212.0/24
Signature Algorithm: sha256WithRSAEncryption
be:70:8e:28:1f:9c:b1:de:77:8f:86:51:b2:8c:16:39:8d:12:
4e:b0:ca:dc:29:77:4f:1e:74:78:48:61:9d:9f:94:3f:6f:16:
6a:d7:75:31:bb:7c:aa:e8:81:2b:ba:85:76:f8:8b:da:e6:ba:
a1:8f:e8:31:ab:f7:11:b2:ea:ef:64:a6:b2:6c:9b:ec:63:80:
16:cb:88:38:04:b7:93:30:c3:e1:fd:51:5e:13:63:6d:b4:1b:
6c:fc:ed:cc:04:c0:b9:01:3c:f4:ae:7e:b1:89:da:fc:b2:c9:
b7:71:be:21:52:0f:4c:e9:72:3a:f0:34:6a:d9:67:0e:a4:2e:
59:50:0a:81:4b:76:27:ce:bb:d3:1b:2a:6c:29:3c:ab:9e:f5:
05:ca:dd:54:df:a7:22:8f:ae:a4:4a:e1:fa:6d:ae:67:9c:11:
22:ab:ac:53:de:2a:95:ec:63:4c:f7:99:49:96:04:16:89:43:
dd:95:4e:2d:c4:7e:44:16:13:98:26:54:02:ef:7b:3a:76:85:
40:c6:46:18:a3:1c:1a:56:45:c3:62:22:e2:4a:98:4e:bb:0a:
79:87:57:e9:9d:19:34:8b:68:9e:01:60:d5:3a:8a:fb:07:c8:
fc:60:01:67:e1:ce:6f:2f:60:df:94:24:97:2e:14:b4:9b:f2:
ad:78:8b:80
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECXG5PzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjFlNzJmM2QwOTU3ZjVhNmUzYmQxYjg0NGExMmE2MTQ3NDQ5MDI3MB4XDTIyMDQx
MjExNDkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U5MTk3ODRjNjE5
ZGM2MWViMDFmZDM0NjI4MTVlYjM1YTc5OTM1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANrK7w/PJN5EOzUSx+YYgv2xubeJcBmEO8S0n9/glH8r2raB
Hz8rz/qDQUEjCk6gbvDXznddbfpLZiRZoBkkd0tejEVx+iREPMnVtvfJmrQ+XZz1
+vVMi+eXrEnIk5qjvJVrF5ZRjYWoWE5ZGkzWCBunGn6dvd94HrFyD9OQcsFbSLkp
Zy2B2xud/0NNEZnvoeApydWb0Af8wN20FPCz5u8IPC14etdQK8FdCEAOS61vao74
QaJ5N1qtgVTfQeONTvzZQMJUIhf1fAr7JqqZRLFYwJ/8/Ivv6ADAlY2EB/bTf9aB
vvQrpL6b4T9agLaF5hu8nYKQdUhY9FzaFXHjNQ8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBR+kZeExhncYesB/TRigV6zWnmTVDAfBgNVHSMEGDAWgBQLHnLz0JV/Wm47
0bhEoSphR0SQJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N4NXk4OUNWZjFwdU85RzRSS0VxWVVkRWtDYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvMWE1YTk2LWQzNmUtNGYzYS05YjM0LTA1NDhkMzg5NWE1NS8x
L2ZwR1hoTVlaM0dIckFmMDBZb0ZlczFwNWsxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
MWE1YTk2LWQzNmUtNGYzYS05YjM0LTA1NDhkMzg5NWE1NS8xL0N4NXk4OUNWZjFw
dU85RzRSS0VxWVVkRWtDYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAWfiwgMEAGflqAMEAbmRRgMEArnf
sAMEALnt1DANBgkqhkiG9w0BAQsFAAOCAQEAvnCOKB+csd53j4ZRsowWOY0STrDK
3Cl3Tx50eEhhnZ+UP28Watd1Mbt8quiBK7qFdviL2ua6oY/oMav3EbLq72Smsmyb
7GOAFsuIOAS3kzDD4f1RXhNjbbQbbPztzATAuQE89K5+sYna/LLJt3G+IVIPTOly
OvA0atlnDqQuWVAKgUt2J8670xsqbCk8q571BcrdVN+nIo+upErh+m2uZ5wRIqus
U94qlexjTPeZSZYEFolD3ZVOLcR+RBYTmCZUAu97OnaFQMZGGKMcGlZFw2Ii4kqY
TrsKeYdX6Z0ZNItongFg1TqK+wfI/GABZ+HOby9g35Qkly4UtJvyrXiLgA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:48 2023 by rpki-client on console-fra.rpki-client.org