Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/g1f8dtP5vObbMfo-Oj2lHPnx7xw.roa
File: g1f8dtP5vObbMfo-Oj2lHPnx7xw.roa (raw, json)
Hash identifier: gVOPrIiLoibZXBrYOAc8w7fVDC4C15tKF5DFS1oEEdA=
Subject key identifier: 83:57:FC:76:D3:F9:BC:E6:DB:31:FA:3E:3A:3D:A5:1C:F9:F1:EF:1C
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 0183E69B11550412E09797317DAFF219DFD8
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/g1f8dtP5vObbMfo-Oj2lHPnx7xw.roa
Signing time: Mon 17 Oct 2022 15:41:05 +0000
ROA not before: Mon 17 Oct 2022 15:41:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 103.226.193.0/24 maxlen: 24
185.237.212.0/22 maxlen: 24
185.237.215.0/24 maxlen: 24
185.145.69.0/24 maxlen: 24
185.145.68.0/22 maxlen: 22
185.145.68.0/24 maxlen: 24
103.229.171.0/24 maxlen: 24
103.229.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:9b:11:55:04:12:e0:97:97:31:7d:af:f2:19:df:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Oct 17 15:41:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8357fc76d3f9bce6db31fa3e3a3da51cf9f1ef1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e1:cc:26:7a:6d:e0:2d:c4:cb:0d:f6:57:0b:
34:b3:c4:01:ce:52:a3:f6:de:e4:b7:b1:5c:ce:9c:
28:70:81:7e:23:72:d4:93:1e:8e:f1:30:fc:8b:a1:
14:6e:be:aa:9b:4c:95:e8:1b:dd:10:75:68:52:c0:
66:84:23:4c:f6:b8:bd:45:bd:a4:fb:6a:6c:a5:37:
c2:0b:0a:7e:6b:4b:6a:6c:c2:b8:4d:01:0b:bb:8a:
e0:5f:85:7f:8e:45:9e:04:33:94:a9:61:c7:0e:a1:
60:44:5b:7e:c2:c7:87:16:4e:e0:e5:4e:51:13:e9:
09:ca:0c:a1:4a:30:1d:45:aa:5a:03:58:e6:19:be:
50:06:e1:b0:f0:95:32:76:a6:f2:bf:d2:8a:e5:70:
68:17:4d:c3:b2:fa:a6:56:3c:9f:b7:ce:9d:35:76:
ec:ea:08:1f:c1:fe:d3:ea:51:82:f9:63:a7:b2:27:
5c:d8:29:c4:b6:fa:70:4f:29:b6:9d:c9:b2:01:ef:
67:0c:84:38:5c:30:3d:6d:39:bd:ae:cc:f6:26:ad:
1c:dc:c5:33:93:6a:1e:3b:9a:8b:37:21:61:24:a3:
c7:35:ab:50:46:2a:b5:59:d7:47:ba:68:ec:ab:f0:
5a:49:27:b8:fa:9e:ca:32:6d:b8:8c:3f:9f:e2:64:
ef:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:57:FC:76:D3:F9:BC:E6:DB:31:FA:3E:3A:3D:A5:1C:F9:F1:EF:1C
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/g1f8dtP5vObbMfo-Oj2lHPnx7xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.193.0/24
103.229.170.0/23
185.145.68.0/22
185.237.212.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:50:94:b5:49:39:d0:50:78:b8:83:f2:5f:da:ba:3f:42:49:
64:70:d8:9e:e9:08:eb:b5:98:f3:c5:b9:84:e8:f1:d8:b0:ee:
a5:91:6d:62:60:4c:04:95:86:61:2e:5a:52:76:96:c8:9b:b6:
ed:89:55:3e:15:51:7a:8c:30:15:97:b0:b5:8e:31:6f:fc:c0:
69:19:b0:e7:cb:22:bf:64:5a:2e:d5:e7:85:62:aa:da:b8:76:
fa:4e:f2:4b:99:21:bc:94:ab:8e:83:6e:7f:2e:23:97:d0:ff:
68:64:27:e3:ef:91:6e:60:e0:1c:0c:61:83:f6:37:bd:ac:a8:
d0:60:ec:34:4c:35:7b:65:11:b2:a4:a8:5b:76:43:a3:c7:da:
d3:fb:9d:03:e1:3a:b0:e1:84:ec:3c:dc:b1:25:da:98:f7:1b:
9f:24:05:b4:1c:c4:20:5d:09:a0:2f:3a:fb:6e:d3:98:bf:c8:
54:4c:d9:c0:91:db:29:7f:63:73:61:ac:34:67:a8:f1:64:7f:
ca:4c:fa:02:58:d2:6b:59:09:77:84:26:46:3a:bd:55:b0:c0:
c1:a5:44:cf:ae:07:ff:6d:c3:f9:1c:ec:f0:e9:4e:8d:85:c8:
c9:37:2c:1d:25:9d:e5:93:b4:57:87:c1:f8:1a:d9:0d:b3:3c:
8c:3a:d3:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPmmxFVBBLgl5cxfa/yGd/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjIxMDE3MTU0MTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzU3ZmM3NmQzZjliY2U2ZGIzMWZhM2UzYTNkYTUxY2Y5ZjFlZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOHMJnpt4C3Eyw32Vws0s8QBzlKj
9t7kt7FczpwocIF+I3LUkx6O8TD8i6EUbr6qm0yV6BvdEHVoUsBmhCNM9ri9Rb2k
+2pspTfCCwp+a0tqbMK4TQELu4rgX4V/jkWeBDOUqWHHDqFgRFt+wseHFk7g5U5R
E+kJygyhSjAdRapaA1jmGb5QBuGw8JUydqbyv9KK5XBoF03DsvqmVjyft86dNXbs
6ggfwf7T6lGC+WOnsidc2CnEtvpwTym2ncmyAe9nDIQ4XDA9bTm9rsz2Jq0c3MUz
k2oeO5qLNyFhJKPHNatQRiq1WddHumjsq/BaSSe4+p7KMm24jD+f4mTv+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFINX/HbT+bzm2zH6Pjo9pRz58e8cMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvZzFmOGR0UDV2T2JiTWZvLU9qMmxIUG54N3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAZ+LBAwQB
Z+WqAwQCuZFEAwQCue3UMA0GCSqGSIb3DQEBCwUAA4IBAQCeUJS1STnQUHi4g/Jf
2ro/QklkcNie6QjrtZjzxbmE6PHYsO6lkW1iYEwElYZhLlpSdpbIm7btiVU+FVF6
jDAVl7C1jjFv/MBpGbDnyyK/ZFou1eeFYqrauHb6TvJLmSG8lKuOg25/LiOX0P9o
ZCfj75FuYOAcDGGD9je9rKjQYOw0TDV7ZRGypKhbdkOjx9rT+50D4Tqw4YTsPNyx
JdqY9xufJAW0HMQgXQmgLzr7btOYv8hUTNnAkdspf2NzYaw0Z6jxZH/KTPoCWNJr
WQl3hCZGOr1VsMDBpUTPrgf/bcP5HOzw6U6NhcjJNywdJZ3lk7RXh8H4GtkNszyM
OtME
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:48 2023 by rpki-client on console-fra.rpki-client.org