Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/Qs5drTZ83LuwkZ6HoIyTLmaX45o.roa
File: Qs5drTZ83LuwkZ6HoIyTLmaX45o.roa (raw, json)
Hash identifier: 8KrmlTjS28AW67oy2R0Pu0r0RlHe45pZtXYCyk6LlBM=
Subject key identifier: 42:CE:5D:AD:36:7C:DC:BB:B0:91:9E:87:A0:8C:93:2E:66:97:E3:9A
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 0184C43A5E025F4064C643D1FE1C4F7BA2BC
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/Qs5drTZ83LuwkZ6HoIyTLmaX45o.roa
Signing time: Tue 29 Nov 2022 16:31:10 +0000
ROA not before: Tue 29 Nov 2022 16:31:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150452
IP address blocks: 103.76.85.0/24 maxlen: 24
103.76.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:3a:5e:02:5f:40:64:c6:43:d1:fe:1c:4f:7b:a2:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Nov 29 16:31:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42ce5dad367cdcbbb0919e87a08c932e6697e39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a0:29:b5:e8:2c:2b:c7:d4:fd:ec:02:09:8d:
98:46:81:7e:e5:68:b3:e6:41:28:dd:53:3f:4f:fe:
72:50:15:d9:ad:b7:15:07:0e:c0:17:9d:59:57:a4:
c8:3a:e0:12:da:ca:dd:5f:0f:37:0f:a8:db:74:1a:
0b:bd:91:26:94:36:f2:1d:b4:81:e1:18:9a:ce:de:
60:ef:73:14:36:12:14:89:d6:9c:83:9e:39:d6:ff:
2e:a4:ac:63:5e:39:79:80:26:85:86:92:62:09:71:
4c:45:1f:41:b2:65:3c:1c:18:1e:af:1e:25:60:91:
a4:25:91:0b:f3:10:55:e4:8c:b1:5a:76:c1:b3:4b:
31:eb:0b:a8:79:4a:aa:e5:f8:7d:fb:24:a5:3b:f9:
d6:8f:c5:71:99:7d:37:7e:4b:c0:bf:4a:28:10:a9:
c3:71:45:25:74:c5:b2:bd:85:7d:4b:7a:68:ee:5d:
2e:b7:57:d3:57:01:a3:a7:a5:51:f4:f8:76:48:02:
6d:a5:78:08:e2:0d:3a:d4:66:31:8c:0d:e4:35:03:
6c:9a:15:0c:e0:9a:31:0e:18:70:6c:d9:f0:1c:6b:
71:69:9f:bb:47:4e:f4:18:ec:f3:f4:69:f9:a3:b4:
4a:ed:b8:d0:be:91:c3:51:5b:59:a1:a2:85:4b:88:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CE:5D:AD:36:7C:DC:BB:B0:91:9E:87:A0:8C:93:2E:66:97:E3:9A
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/Qs5drTZ83LuwkZ6HoIyTLmaX45o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.85.0/24
103.76.87.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:4b:9b:d3:49:f1:26:d6:b8:ee:b3:09:8f:96:47:a5:f1:3d:
99:de:ca:95:d9:8c:94:1c:74:d0:ce:83:ca:21:e8:dc:d8:4e:
0e:ae:92:b9:9f:50:44:46:22:0c:af:35:c8:aa:66:b8:31:ed:
30:6e:4e:67:26:42:3d:39:b4:96:95:56:7b:20:93:34:82:6f:
c0:8e:4e:7e:25:0f:86:57:1f:7c:fd:88:77:a3:8a:e4:2a:c6:
a4:75:bf:b9:67:88:3e:69:85:f7:c4:11:18:3f:93:4e:3e:db:
eb:dd:ac:45:a2:d8:1c:8f:76:11:e7:d9:a6:15:18:9a:bf:8d:
0c:8a:ec:92:fa:06:cf:b9:8a:41:c1:27:27:51:fa:2d:70:37:
51:5f:d1:05:99:fb:66:2a:d3:08:2d:8c:9e:e8:87:3d:85:6e:
73:58:62:c9:cb:5c:e1:31:5a:34:76:78:71:d9:b2:0d:d2:c5:
0d:1f:72:02:05:29:fa:44:15:8c:bd:ac:64:d2:6c:b3:9e:0c:
21:76:f3:86:ad:cd:6d:d9:96:e5:8d:91:e3:9d:6e:de:45:54:
47:8b:34:62:6b:c1:e8:77:b4:2d:47:11:3a:e7:59:7d:45:83:
17:02:95:c8:b6:3a:b1:fb:b9:81:c8:88:ea:19:b6:00:e5:c7:
9e:4b:a2:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTEOl4CX0BkxkPR/hxPe6K8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjIxMTI5MTYzMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmNlNWRhZDM2N2NkY2JiYjA5MTllODdhMDhjOTMyZTY2OTdlMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqAptegsK8fU/ewCCY2YRoF+5Wiz
5kEo3VM/T/5yUBXZrbcVBw7AF51ZV6TIOuAS2srdXw83D6jbdBoLvZEmlDbyHbSB
4Riazt5g73MUNhIUidacg5451v8upKxjXjl5gCaFhpJiCXFMRR9BsmU8HBgerx4l
YJGkJZEL8xBV5IyxWnbBs0sx6wuoeUqq5fh9+ySlO/nWj8VxmX03fkvAv0ooEKnD
cUUldMWyvYV9S3po7l0ut1fTVwGjp6VR9Ph2SAJtpXgI4g061GYxjA3kNQNsmhUM
4JoxDhhwbNnwHGtxaZ+7R070GOzz9Gn5o7RK7bjQvpHDUVtZoaKFS4ifWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFELOXa02fNy7sJGeh6CMky5ml+OaMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvUXM1ZHJUWjgzTHV3a1o2SG9JeVRMbWFYNDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ0xVAwQA
Z0xXMA0GCSqGSIb3DQEBCwUAA4IBAQCKS5vTSfEm1rjuswmPlkel8T2Z3sqV2YyU
HHTQzoPKIejc2E4OrpK5n1BERiIMrzXIqma4Me0wbk5nJkI9ObSWlVZ7IJM0gm/A
jk5+JQ+GVx98/Yh3o4rkKsakdb+5Z4g+aYX3xBEYP5NOPtvr3axFotgcj3YR59mm
FRiav40MiuyS+gbPuYpBwScnUfotcDdRX9EFmftmKtMILYye6Ic9hW5zWGLJy1zh
MVo0dnhx2bIN0sUNH3ICBSn6RBWMvaxk0myzngwhdvOGrc1t2ZbljZHjnW7eRVRH
izRia8Hod7QtRxE651l9RYMXApXItjqx+7mByIjqGbYA5ceeS6Ks
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:53:51 2025 by rpki-client