Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/RFM6DMqTPAfwapCii1AWy8sb2nA.roa
File: RFM6DMqTPAfwapCii1AWy8sb2nA.roa (raw, json)
Hash identifier: r3Fxr54fFC380DaF2v+ylsEJ3bMDOOhirDSyCRsG3C8=
Subject key identifier: 44:53:3A:0C:CA:93:3C:07:F0:6A:90:A2:8B:50:16:CB:CB:1B:DA:70
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0186BFB9F4FFF949987BE3107173884AF850
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/RFM6DMqTPAfwapCii1AWy8sb2nA.roa
Signing time: Wed 08 Mar 2023 05:38:00 +0000
ROA not before: Wed 08 Mar 2023 05:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206388
IP address blocks: 103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bf:b9:f4:ff:f9:49:98:7b:e3:10:71:73:88:4a:f8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Mar 8 05:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44533a0cca933c07f06a90a28b5016cbcb1bda70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:71:0d:1d:c2:b7:6f:27:3b:4d:df:a9:bc:ce:
31:b0:d8:f9:d4:01:f9:d0:7d:37:03:c1:7c:b0:b4:
b2:8b:bd:06:9e:1d:16:44:40:3f:a1:c5:d1:aa:7e:
a8:11:29:19:95:fc:68:db:87:ad:29:8f:f0:4c:c0:
dd:9b:12:f4:25:c0:79:8c:99:ac:4b:6e:d5:8e:49:
f7:62:a7:e2:52:43:ef:dc:cb:87:33:cf:2d:96:bf:
2f:70:b3:fe:1b:a9:ba:c1:97:6a:a8:a8:71:65:bd:
93:96:c3:d3:d2:03:5b:fc:16:6d:e7:b9:ac:83:5d:
5f:e6:65:68:41:f8:c9:64:68:4a:72:9c:7c:37:a5:
49:af:d0:ff:18:21:ba:24:1f:98:b1:42:32:da:e7:
7a:9a:69:39:08:75:2b:97:a6:82:04:c5:d0:58:50:
2d:d0:c0:ca:67:d9:3f:1c:4e:57:84:a8:7f:e6:2d:
9c:5e:5e:cf:bf:4e:0a:22:81:8c:16:b6:41:9e:0c:
49:0b:a4:69:60:b5:53:b0:dc:04:7a:65:e2:ae:d3:
12:f3:3e:6d:02:23:6d:3f:da:17:8a:09:9d:b6:42:
96:56:30:ea:dd:3c:5b:89:0a:44:0e:ad:03:7d:ce:
ee:64:63:8b:af:58:49:b7:bf:92:ff:29:43:2c:23:
21:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:53:3A:0C:CA:93:3C:07:F0:6A:90:A2:8B:50:16:CB:CB:1B:DA:70
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/RFM6DMqTPAfwapCii1AWy8sb2nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.221.0-103.215.222.255
Signature Algorithm: sha256WithRSAEncryption
6d:fd:0e:d4:b0:29:1d:d0:a6:44:d0:80:0d:ff:f0:ee:c6:71:
4c:cb:c3:de:66:c8:c9:c1:7d:26:03:6a:81:2c:7f:cd:0f:4c:
c2:98:00:b1:15:d0:90:a1:b9:de:50:27:69:e6:e0:4c:93:23:
8f:ba:69:fd:d1:6b:9e:d6:55:e1:5f:09:9c:c4:ac:6a:c5:cf:
9c:27:f7:ed:34:a1:16:fe:b3:95:80:6d:94:8f:a8:a0:e3:50:
6d:7d:c9:6b:69:6f:c6:f6:fe:44:a1:f9:a6:45:29:85:00:25:
07:bf:18:28:84:fb:9b:33:2c:6c:c4:f8:d5:61:42:f7:82:79:
38:06:e3:0f:89:8a:f7:f5:51:1c:7a:4f:95:98:b7:ec:80:74:
6a:26:5f:2d:09:98:31:83:9f:f6:00:3f:61:51:74:9d:0d:7f:
b7:14:bd:ef:4f:a1:21:f1:a2:c9:82:63:5d:70:f8:94:75:f2:
83:cc:17:d3:08:77:14:49:81:84:6e:f2:61:42:71:81:46:83:
19:a5:4c:f3:d6:e5:c2:75:cf:9b:a6:2e:e8:fc:ad:0c:2f:0d:
11:d6:6f:f4:45:8b:4f:7e:b7:62:24:cd:97:e7:de:7a:f7:c7:
19:31:cc:2d:66:0c:45:6c:2f:ea:64:32:2b:09:6a:95:c1:81:
0a:ae:ef:c0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYa/ufT/+UmYe+MQcXOISvhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwMzA4MDUzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDUzM2EwY2NhOTMzYzA3ZjA2YTkwYTI4YjUwMTZjYmNiMWJkYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXENHcK3byc7Td+pvM4xsNj51AH5
0H03A8F8sLSyi70Gnh0WREA/ocXRqn6oESkZlfxo24etKY/wTMDdmxL0JcB5jJms
S27Vjkn3YqfiUkPv3MuHM88tlr8vcLP+G6m6wZdqqKhxZb2TlsPT0gNb/BZt57ms
g11f5mVoQfjJZGhKcpx8N6VJr9D/GCG6JB+YsUIy2ud6mmk5CHUrl6aCBMXQWFAt
0MDKZ9k/HE5XhKh/5i2cXl7Pv04KIoGMFrZBngxJC6RpYLVTsNwEemXirtMS8z5t
AiNtP9oXigmdtkKWVjDq3TxbiQpEDq0Dfc7uZGOLr1hJt7+S/ylDLCMhMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFERTOgzKkzwH8GqQootQFsvLG9pwMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvUkZNNkRNcVRQQWZ3YXBDaWkxQVd5OHNiMm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABn190D
BABn194wDQYJKoZIhvcNAQELBQADggEBAG39DtSwKR3QpkTQgA3/8O7GcUzLw95m
yMnBfSYDaoEsf80PTMKYALEV0JChud5QJ2nm4EyTI4+6af3Ra57WVeFfCZzErGrF
z5wn9+00oRb+s5WAbZSPqKDjUG19yWtpb8b2/kSh+aZFKYUAJQe/GCiE+5szLGzE
+NVhQveCeTgG4w+Jivf1URx6T5WYt+yAdGomXy0JmDGDn/YAP2FRdJ0Nf7cUve9P
oSHxosmCY11w+JR18oPMF9MIdxRJgYRu8mFCcYFGgxmlTPPW5cJ1z5umLuj8rQwv
DRHWb/RFi09+t2IkzZfn3nr3xxkxzC1mDEVsL+pkMisJapXBgQqu78A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:26 2025 by rpki-client