Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/vvJXhicBwkQ_gpSAPmGPicIu9fs.roa
File: vvJXhicBwkQ_gpSAPmGPicIu9fs.roa (raw, json)
Hash identifier: 0wsf/reMrh3t6rTtd5ESibg8v6kAZezfgwslFGVES78=
Subject key identifier: BE:F2:57:86:27:01:C2:44:3F:82:94:80:3E:61:8F:89:C2:2E:F5:FB
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01856F42DA243A0A548A969E19ED1CD50A14
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/vvJXhicBwkQ_gpSAPmGPicIu9fs.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3177
IP address blocks: 195.28.11.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:da:24:3a:0a:54:8a:96:9e:19:ed:1c:d5:0a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bef257862701c2443f8294803e618f89c22ef5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:56:d8:12:4b:44:cd:5c:c3:09:05:b2:83:04:
05:30:4d:a4:0f:4d:39:97:77:03:27:d9:d7:cb:94:
e9:ad:0a:ad:5e:bb:1a:09:7e:82:5e:4a:b0:01:36:
e2:59:0e:a2:b4:05:19:0c:a7:ad:89:7b:1e:60:9a:
fb:df:a3:7d:21:39:e4:dd:da:35:b9:6a:47:07:ab:
c0:68:49:ea:fc:f1:8a:c6:c6:ae:b6:f7:67:b4:38:
66:3a:97:b0:af:ea:ba:55:8d:12:95:71:6b:59:02:
86:c4:54:68:7e:e2:8a:98:f9:71:d7:0b:65:85:c0:
fc:9e:86:39:44:e9:61:51:70:bc:d3:67:ac:ad:85:
61:8e:dd:07:d8:3e:26:73:d7:c6:21:53:67:dc:e4:
22:fb:32:23:b2:ff:4a:ec:60:be:48:49:85:0e:72:
d0:88:10:e8:fa:b1:4c:68:9d:44:52:66:2a:af:58:
91:63:48:a5:e4:69:91:08:45:0b:47:52:f3:15:94:
f6:d7:5a:09:e9:28:c7:1d:f0:93:23:d1:a1:9e:a2:
ba:5a:ff:c7:77:46:df:15:cd:66:6a:1d:f5:c7:04:
44:90:33:0a:57:a4:22:42:57:54:94:6e:37:92:d6:
45:37:37:a4:74:97:07:a8:47:94:ab:95:29:8d:ff:
ad:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F2:57:86:27:01:C2:44:3F:82:94:80:3E:61:8F:89:C2:2E:F5:FB
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/vvJXhicBwkQ_gpSAPmGPicIu9fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
195.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:03:f5:fa:76:ea:ba:9e:fb:2d:c4:21:2a:7c:62:3e:7d:e4:
0d:db:85:e3:bd:01:35:01:f4:1e:04:09:40:e4:38:32:06:36:
d3:40:e4:48:da:6d:22:10:f4:68:d1:7e:fa:6b:43:d9:88:3e:
04:b7:61:5c:8a:2b:2e:d8:a6:1b:6a:01:c8:36:6c:f3:cd:30:
10:a4:a4:0e:e9:95:c4:d2:b1:40:d0:a1:73:4d:f9:c5:d0:c2:
a3:31:5e:bb:9b:9c:b7:70:87:42:e0:b1:3b:62:5a:d6:2b:56:
1e:b0:f9:fd:5c:eb:76:40:d9:fd:a7:08:df:7d:4f:31:bf:40:
c5:ea:86:a6:d4:c2:5c:56:13:42:d6:f1:c6:14:7d:4f:2b:94:
42:e8:c0:40:39:27:7c:16:1c:f9:9c:12:d2:d2:6d:59:09:ed:
dd:76:5c:e2:8b:82:64:06:47:99:67:99:15:6b:be:4d:15:43:
fd:00:3c:4c:d7:1b:b3:6b:0e:08:02:91:90:b9:00:34:bd:39:
cd:9b:ff:bb:0f:aa:81:f9:95:42:17:72:7f:44:a6:81:eb:db:
de:fe:99:92:01:2f:00:39:33:ef:b2:d8:74:d0:e8:f1:2b:ce:
1f:77:e6:0b:76:a5:11:08:4b:48:72:7c:22:b6:b8:9c:75:cc:
a9:a6:6f:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQtokOgpUipaeGe0c1QoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWYyNTc4NjI3MDFjMjQ0M2Y4Mjk0ODAzZTYxOGY4OWMyMmVmNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVbYEktEzVzDCQWygwQFME2kD005
l3cDJ9nXy5TprQqtXrsaCX6CXkqwATbiWQ6itAUZDKetiXseYJr736N9ITnk3do1
uWpHB6vAaEnq/PGKxsautvdntDhmOpewr+q6VY0SlXFrWQKGxFRofuKKmPlx1wtl
hcD8noY5ROlhUXC802esrYVhjt0H2D4mc9fGIVNn3OQi+zIjsv9K7GC+SEmFDnLQ
iBDo+rFMaJ1EUmYqr1iRY0il5GmRCEULR1LzFZT211oJ6SjHHfCTI9GhnqK6Wv/H
d0bfFc1mah31xwREkDMKV6QiQldUlG43ktZFNzekdJcHqEeUq5Upjf+t3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL7yV4YnAcJEP4KUgD5hj4nCLvX7MB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvdnZKWGhpY0J3a1FfZ3BTQVBtR1BpY0l1OWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCZ9fcAwQA
wxwLMA0GCSqGSIb3DQEBCwUAA4IBAQAcA/X6duq6nvstxCEqfGI+feQN24XjvQE1
AfQeBAlA5DgyBjbTQORI2m0iEPRo0X76a0PZiD4Et2Fciisu2KYbagHINmzzzTAQ
pKQO6ZXE0rFA0KFzTfnF0MKjMV67m5y3cIdC4LE7YlrWK1YesPn9XOt2QNn9pwjf
fU8xv0DF6oam1MJcVhNC1vHGFH1PK5RC6MBAOSd8Fhz5nBLS0m1ZCe3ddlzii4Jk
BkeZZ5kVa75NFUP9ADxM1xuzaw4IApGQuQA0vTnNm/+7D6qB+ZVCF3J/RKaB69ve
/pmSAS8AOTPvsth00OjxK84fd+YLdqURCEtIcnwitricdcyppm95
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:33 2025 by rpki-client