Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/i5lmHvHFf1qHD3sSUrTpJBFsm6w.roa
File: i5lmHvHFf1qHD3sSUrTpJBFsm6w.roa (raw, json)
Hash identifier: w9ppWyU6+Nhq4HZyHNUS9dLUSgT0ZobjU11ps1A/9q0=
Subject key identifier: 8B:99:66:1E:F1:C5:7F:5A:87:0F:7B:12:52:B4:E9:24:11:6C:9B:AC
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 0185BFCBC266F8FAE5B5CE762E086966532D
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/i5lmHvHFf1qHD3sSUrTpJBFsm6w.roa
Signing time: Tue 17 Jan 2023 12:54:39 +0000
ROA not before: Tue 17 Jan 2023 12:54:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 216.194.80.0/20 maxlen: 32
43.252.28.0/22 maxlen: 32
103.211.184.0/23 maxlen: 32
37.61.226.0/24 maxlen: 32
103.30.12.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:cb:c2:66:f8:fa:e5:b5:ce:76:2e:08:69:66:53:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Jan 17 12:54:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b99661ef1c57f5a870f7b1252b4e924116c9bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bd:54:9c:5d:44:b7:86:e3:68:12:f6:34:22:
bf:61:1c:61:ae:90:52:1d:a3:a6:e8:18:1d:42:a2:
3f:19:c6:4e:a8:50:81:26:42:cd:3c:4f:27:61:02:
c4:2b:de:44:ad:a8:c9:37:bd:e6:c1:6b:d9:e5:6b:
b6:c2:9d:a9:e0:bf:b7:08:de:b3:8a:1f:ef:77:1d:
c8:0d:a1:12:c4:1f:4c:cb:fd:db:c8:af:bd:98:a8:
30:de:38:a7:92:65:3c:e1:24:f6:2f:5f:09:76:6d:
06:ba:bc:18:40:cb:d0:74:75:4d:28:2c:c3:18:14:
d7:a8:71:4b:71:06:0c:3e:59:75:43:57:d0:4a:90:
db:8e:9b:87:08:81:88:44:2e:9d:73:20:32:95:a5:
67:dc:df:f5:af:68:c0:0b:5b:7d:42:b7:68:aa:23:
1f:79:4b:d5:cb:29:29:94:d7:ab:4e:57:4d:3a:dd:
1d:95:87:83:72:45:33:a7:a9:2d:4b:6d:05:02:2e:
97:2b:bd:59:6b:5d:0b:d1:15:33:af:f1:13:66:b8:
c0:b3:04:92:b8:df:97:b7:91:ce:49:d0:b5:16:ef:
42:ba:e5:a4:c1:8f:f5:f6:b7:39:0a:9f:42:1e:6f:
a1:be:fc:b9:51:c3:92:8e:5f:c2:2a:81:ad:62:2a:
c6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:99:66:1E:F1:C5:7F:5A:87:0F:7B:12:52:B4:E9:24:11:6C:9B:AC
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/i5lmHvHFf1qHD3sSUrTpJBFsm6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/24
43.252.28.0/22
103.30.12.0/22
103.211.184.0/23
216.194.80.0/20
Signature Algorithm: sha256WithRSAEncryption
54:6c:ad:55:e6:3e:ca:7b:02:a5:73:a6:aa:bf:a7:b2:c5:63:
03:44:13:b3:b0:30:a9:12:16:4e:04:fb:26:5c:ef:c2:d1:0c:
1e:ea:7b:14:48:6c:1a:2b:ab:ca:47:b7:ba:fb:0b:e8:48:e3:
52:68:61:0f:d1:6e:0f:29:6b:b2:23:d7:bb:e6:78:db:7a:9a:
6e:c7:63:44:89:de:ab:18:d0:85:11:b0:ca:07:87:b0:d7:80:
51:96:56:8e:4f:f5:10:df:fb:3b:50:4e:34:78:06:19:27:c3:
55:80:d4:10:d7:bc:30:86:e8:ca:67:7e:51:a9:24:94:cc:0f:
06:8a:c5:3f:ed:17:10:aa:68:95:73:61:73:87:8d:fe:bc:f5:
fe:ac:58:e4:37:c6:d2:05:f1:6a:65:d2:ec:1c:94:35:fd:01:
c4:1f:9c:65:8a:7f:b6:d7:ff:fa:54:9d:82:87:1b:f2:7b:8f:
21:16:cc:49:38:93:11:81:78:90:15:81:63:5c:bd:b6:ff:c1:
02:e8:27:f2:06:c8:24:cf:eb:65:38:4f:6e:b6:31:7e:ff:08:
28:2b:6e:49:d1:2e:ea:cc:3c:73:3c:a5:27:ee:00:c5:b4:ba:
82:c2:08:f0:b2:63:b4:87:63:3a:fe:3f:02:ce:3f:fc:c0:86:
75:1f:bf:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYW/y8Jm+Prltc52LghpZlMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwMTE3MTI1NDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk5NjYxZWYxYzU3ZjVhODcwZjdiMTI1MmI0ZTkyNDExNmM5YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL1UnF1Et4bjaBL2NCK/YRxhrpBS
HaOm6BgdQqI/GcZOqFCBJkLNPE8nYQLEK95ErajJN73mwWvZ5Wu2wp2p4L+3CN6z
ih/vdx3IDaESxB9My/3byK+9mKgw3jinkmU84ST2L18Jdm0GurwYQMvQdHVNKCzD
GBTXqHFLcQYMPll1Q1fQSpDbjpuHCIGIRC6dcyAylaVn3N/1r2jAC1t9QrdoqiMf
eUvVyykplNerTldNOt0dlYeDckUzp6ktS20FAi6XK71Za10L0RUzr/ETZrjAswSS
uN+Xt5HOSdC1Fu9CuuWkwY/19rc5Cp9CHm+hvvy5UcOSjl/CKoGtYirGzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIuZZh7xxX9ahw97ElK06SQRbJusMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvaTVsbUh2SEZmMXFIRDNzU1VyVHBKQkZzbTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJT3iAwQC
K/wcAwQCZx4MAwQBZ9O4AwQE2MJQMA0GCSqGSIb3DQEBCwUAA4IBAQBUbK1V5j7K
ewKlc6aqv6eyxWMDRBOzsDCpEhZOBPsmXO/C0Qwe6nsUSGwaK6vKR7e6+wvoSONS
aGEP0W4PKWuyI9e75njbeppux2NEid6rGNCFEbDKB4ew14BRllaOT/UQ3/s7UE40
eAYZJ8NVgNQQ17wwhujKZ35RqSSUzA8GisU/7RcQqmiVc2Fzh43+vPX+rFjkN8bS
BfFqZdLsHJQ1/QHEH5xlin+21//6VJ2Chxvye48hFsxJOJMRgXiQFYFjXL22/8EC
6CfyBsgkz+tlOE9utjF+/wgoK25J0S7qzDxzPKUn7gDFtLqCwgjwsmO0h2M6/j8C
zj/8wIZ1H7+e
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:13 2025 by rpki-client