Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/7z10qtjct7-CVawKro9YTgESmZs.roa
File: 7z10qtjct7-CVawKro9YTgESmZs.roa (raw, json)
Hash identifier: 3Y1xD0SzYlNlfOBdRb0qmVvA+d+2jkhQfAnTDDF2X/4=
Subject key identifier: EF:3D:74:AA:D8:DC:B7:BF:82:55:AC:0A:AE:8F:58:4E:01:12:99:9B
Certificate issuer: /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial: 01856C53C8847379FCE2A19C048DAA44529E
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/7z10qtjct7-CVawKro9YTgESmZs.roa
Signing time: Sun 01 Jan 2023 07:55:08 +0000
ROA not before: Sun 01 Jan 2023 07:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208888
IP address blocks: 103.23.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:c8:84:73:79:fc:e2:a1:9c:04:8d:aa:44:52:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Validity
Not Before: Jan 1 07:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef3d74aad8dcb7bf8255ac0aae8f584e0112999b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:30:22:59:a2:16:ba:65:48:e0:1c:b5:16:66:
eb:71:25:87:52:cc:76:fc:fd:ac:17:67:07:cf:c8:
ae:b7:84:55:d5:47:56:94:74:4e:ff:8b:5a:95:ae:
1e:74:cf:cc:89:e2:21:03:4a:1f:be:8b:99:d2:0e:
5a:d6:e6:10:38:4a:d4:e5:ab:78:9f:de:4e:62:47:
4d:0e:cc:da:6b:9f:aa:50:b9:db:3b:e9:2e:00:ef:
ea:3d:f7:e5:cd:89:37:bc:e5:41:29:a5:5e:e4:d3:
87:65:88:34:e9:8f:54:a4:47:3e:9f:5a:dc:8b:f9:
33:b6:a0:32:1f:0e:52:36:50:f6:19:17:10:53:07:
ea:16:51:9b:b0:69:28:9f:c3:51:fa:39:4a:c2:3a:
67:4b:15:5c:87:2c:ae:54:37:b8:8a:78:5e:a2:4a:
b0:b9:db:78:25:ef:1b:2f:24:6f:ee:ff:f0:46:2b:
1a:a4:09:69:d0:d0:f1:4b:a7:41:0b:14:f8:7a:1e:
1c:83:f7:bb:8f:ae:68:b0:58:a4:2f:fc:ac:8f:3f:
45:5a:93:67:47:b5:0c:63:b9:54:d9:a7:13:e2:47:
21:83:8b:ef:19:b3:49:66:08:32:92:f8:68:44:9f:
07:85:13:da:7f:01:7b:44:aa:bb:0b:d6:df:28:42:
5a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3D:74:AA:D8:DC:B7:BF:82:55:AC:0A:AE:8F:58:4E:01:12:99:9B
X509v3 Authority Key Identifier:
keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/7z10qtjct7-CVawKro9YTgESmZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.23.62.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:79:3f:ed:91:e5:db:e7:9a:0c:f6:a1:ad:ee:a7:4e:cb:ef:
d5:34:84:29:bd:cb:9f:4d:d8:54:77:2b:e5:00:76:86:1d:f2:
1f:da:3d:f9:f6:88:6f:8e:92:55:68:d6:c7:22:af:b0:d1:20:
ec:d1:02:cf:5f:fa:09:58:30:80:b1:8f:48:af:93:d8:c0:94:
02:02:8c:7d:42:53:9f:7d:42:0d:88:1f:ff:e1:94:be:e7:dd:
8f:80:a7:38:9f:56:f5:75:22:d4:d3:f7:07:09:e0:88:d5:69:
2a:db:9a:f2:8f:bb:56:d2:ac:03:3a:03:56:13:7f:11:42:d4:
76:2c:77:16:67:77:37:b3:3c:34:e7:41:3c:b8:a6:14:13:32:
f0:90:0d:08:c8:45:69:bb:e1:cd:58:d4:09:31:09:65:e7:5f:
f4:c5:62:71:bf:f2:8b:e1:5c:bf:a4:5b:96:ff:22:50:1f:a3:
94:28:d8:81:51:17:36:85:ec:30:19:e7:b1:bf:bf:c0:af:31:
16:78:43:32:ec:b6:09:ae:94:67:82:a9:95:8b:d8:c8:b0:6a:
48:ed:87:c5:cc:4a:1f:5c:9b:b2:f5:4d:4c:38:c4:26:fd:3e:
d4:0c:fa:f2:ab:91:07:17:8c:94:03:fa:10:51:e9:c6:ad:fd:
b2:20:ed:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU8iEc3n84qGcBI2qRFKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjMwMTAxMDc1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjNkNzRhYWQ4ZGNiN2JmODI1NWFjMGFhZThmNTg0ZTAxMTI5OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDAiWaIWumVI4By1FmbrcSWHUsx2
/P2sF2cHz8iut4RV1UdWlHRO/4tala4edM/MieIhA0ofvouZ0g5a1uYQOErU5at4
n95OYkdNDszaa5+qULnbO+kuAO/qPfflzYk3vOVBKaVe5NOHZYg06Y9UpEc+n1rc
i/kztqAyHw5SNlD2GRcQUwfqFlGbsGkon8NR+jlKwjpnSxVchyyuVDe4inheokqw
udt4Je8bLyRv7v/wRisapAlp0NDxS6dBCxT4eh4cg/e7j65osFikL/ysjz9FWpNn
R7UMY7lU2acT4kchg4vvGbNJZggykvhoRJ8HhRPafwF7RKq7C9bfKEJafQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO89dKrY3Le/glWsCq6PWE4BEpmbMB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvN3oxMHF0amN0Ny1DVmF3S3JvOVlUZ0VTbVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxc+MA0G
CSqGSIb3DQEBCwUAA4IBAQB+eT/tkeXb55oM9qGt7qdOy+/VNIQpvcufTdhUdyvl
AHaGHfIf2j359ohvjpJVaNbHIq+w0SDs0QLPX/oJWDCAsY9Ir5PYwJQCAox9QlOf
fUINiB//4ZS+592PgKc4n1b1dSLU0/cHCeCI1Wkq25ryj7tW0qwDOgNWE38RQtR2
LHcWZ3c3szw050E8uKYUEzLwkA0IyEVpu+HNWNQJMQll51/0xWJxv/KL4Vy/pFuW
/yJQH6OUKNiBURc2hewwGeexv7/ArzEWeEMy7LYJrpRngqmVi9jIsGpI7YfFzEof
XJuy9U1MOMQm/T7UDPryq5EHF4yUA/oQUenGrf2yIO30
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:03:04 2025 by rpki-client