Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RJS9YEUWXLENXSxDb-UgGF6OcGY.roa
File: RJS9YEUWXLENXSxDb-UgGF6OcGY.roa (raw, json)
Hash identifier: TdQsK803IcEB0WjXRntnQ1evSU3+PBfPI9xJ1LA+AKI=
Subject key identifier: 44:94:BD:60:45:16:5C:B1:0D:5D:2C:43:6F:E5:20:18:5E:8E:70:66
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BEBDEAFFC244DF64788892265A4417CBB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RJS9YEUWXLENXSxDb-UgGF6OcGY.roa
Signing time: Mon 20 Nov 2023 08:35:21 +0000
ROA not before: Mon 20 Nov 2023 08:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7979
IP address blocks: 103.209.231.0/24 maxlen: 24
45.152.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:eb:de:af:fc:24:4d:f6:47:88:89:22:65:a4:41:7c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 20 08:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4494bd6045165cb10d5d2c436fe520185e8e7066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:33:0e:29:aa:ab:a1:48:71:dd:e8:63:b7:
96:ed:53:74:1a:ad:e4:42:7b:1c:a1:6c:ce:a6:cc:
42:7e:e3:59:b2:e5:9f:2d:dd:4c:a0:41:b2:29:ac:
1e:e5:ab:cd:24:7a:67:e9:4d:ad:31:aa:5a:67:2f:
d5:c4:16:a5:85:45:3b:59:63:ae:bf:53:28:8a:ad:
9c:77:dd:fd:80:ce:8b:4f:93:ed:a6:f9:24:a8:3e:
48:9a:a9:70:11:f4:d1:21:42:8f:fc:5d:e0:3f:e3:
e4:ff:fb:1d:af:e0:47:44:d5:ee:29:53:8e:74:54:
ca:a5:ec:35:9a:22:f9:19:1c:39:70:b4:14:6b:7c:
2a:b1:46:49:f8:e6:e5:c7:98:60:bc:b9:b7:ec:3a:
b1:dc:71:8d:38:cf:f9:14:38:d0:93:83:6a:e3:3e:
cd:da:4d:db:f2:9f:6e:56:de:37:e9:10:6d:e0:93:
bf:f8:9a:b6:14:6a:b4:d4:88:63:1b:d0:52:20:f1:
1a:50:7a:1d:65:41:37:c7:74:bf:32:dd:f5:c4:f4:
45:8d:90:46:5d:a1:0c:c4:23:d1:83:53:93:97:f0:
09:99:53:c3:89:16:09:87:de:43:b3:f5:13:60:7d:
40:a9:f9:f8:2b:52:3c:c6:23:08:96:af:9a:de:71:
76:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:94:BD:60:45:16:5C:B1:0D:5D:2C:43:6F:E5:20:18:5E:8E:70:66
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RJS9YEUWXLENXSxDb-UgGF6OcGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.197.0/24
103.209.231.0/24
Signature Algorithm: sha256WithRSAEncryption
06:e6:97:02:01:2f:23:ae:32:49:c5:6b:a1:8b:a1:ad:b0:e0:
ba:a2:e7:16:a8:34:a9:82:9b:47:e4:d0:85:0f:8c:36:85:fc:
9b:4c:74:35:c1:f5:e2:73:86:4d:2d:2b:2c:36:49:89:09:a6:
0a:73:49:51:75:6a:88:75:2b:15:58:e0:4b:5b:e8:1e:9e:65:
be:a8:13:5c:67:22:f6:a7:ed:36:94:aa:b8:27:e2:83:d1:1b:
e6:77:c8:26:f9:42:cb:74:ff:e7:7b:4f:ba:68:12:af:a0:9a:
fa:54:64:95:30:e0:cf:2e:55:59:16:80:34:25:5b:ac:8d:90:
14:c7:d6:f7:8d:73:3e:6c:67:b4:23:b7:bc:ea:be:07:6d:47:
fd:18:fc:66:09:fa:3d:9a:29:34:1d:76:d2:e5:71:27:c1:24:
a8:9c:73:88:e5:ce:62:38:9a:44:f4:74:10:c3:55:90:8b:a0:
01:57:b2:a0:aa:e5:20:4b:16:07:40:14:a9:84:8e:33:a3:dd:
99:58:4b:e8:73:a3:06:cb:b4:2b:dd:69:21:84:3c:0a:82:12:
bd:07:35:cf:01:5c:04:92:51:9f:42:fc:59:dc:68:c8:83:5f:
24:ec:b7:18:d4:75:e4:09:80:b5:6c:9b:96:6a:17:f7:37:45:
1b:1a:b2:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvr3q/8JE32R4iJImWkQXy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTIwMDgzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDk0YmQ2MDQ1MTY1Y2IxMGQ1ZDJjNDM2ZmU1MjAxODVlOGU3MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYwzDimqq6FIcd3oY7eW7VN0Gq3k
QnscoWzOpsxCfuNZsuWfLd1MoEGyKawe5avNJHpn6U2tMapaZy/VxBalhUU7WWOu
v1Moiq2cd939gM6LT5PtpvkkqD5ImqlwEfTRIUKP/F3gP+Pk//sdr+BHRNXuKVOO
dFTKpew1miL5GRw5cLQUa3wqsUZJ+Oblx5hgvLm37Dqx3HGNOM/5FDjQk4Nq4z7N
2k3b8p9uVt436RBt4JO/+Jq2FGq01IhjG9BSIPEaUHodZUE3x3S/Mt31xPRFjZBG
XaEMxCPRg1OTl/AJmVPDiRYJh95Ds/UTYH1Aqfn4K1I8xiMIlq+a3nF28QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFESUvWBFFlyxDV0sQ2/lIBhejnBmMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUkpTOVlFVVdYTEVOWFN4RGItVWdHRjZPY0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZjFAwQA
Z9HnMA0GCSqGSIb3DQEBCwUAA4IBAQAG5pcCAS8jrjJJxWuhi6GtsOC6oucWqDSp
gptH5NCFD4w2hfybTHQ1wfXic4ZNLSssNkmJCaYKc0lRdWqIdSsVWOBLW+genmW+
qBNcZyL2p+02lKq4J+KD0Rvmd8gm+ULLdP/ne0+6aBKvoJr6VGSVMODPLlVZFoA0
JVusjZAUx9b3jXM+bGe0I7e86r4HbUf9GPxmCfo9mik0HXbS5XEnwSSonHOI5c5i
OJpE9HQQw1WQi6ABV7KgquUgSxYHQBSphI4zo92ZWEvoc6MGy7Qr3WkhhDwKghK9
BzXPAVwEklGfQvxZ3GjIg18k7LcY1HXkCYC1bJuWahf3N0UbGrJI
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:19 2025 by rpki-client