Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/TZDhtWfl4dYWrP9kQoCNNGgAWho.roa
File: TZDhtWfl4dYWrP9kQoCNNGgAWho.roa (raw, json)
Hash identifier: dxgbI1ZM5SIM6pCupIqzqDkyxqdArL/hHenSIZB+J/I=
Subject key identifier: 4D:90:E1:B5:67:E5:E1:D6:16:AC:FF:64:42:80:8D:34:68:00:5A:1A
Certificate issuer: /CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Certificate serial: 0186133E36021F424EC986161681E3E897B8
Authority key identifier: 46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/TZDhtWfl4dYWrP9kQoCNNGgAWho.roa
Signing time: Thu 02 Feb 2023 17:48:09 +0000
ROA not before: Thu 02 Feb 2023 17:48:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49157
IP address blocks: 103.95.118.0/24 maxlen: 24
103.95.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:13:3e:36:02:1f:42:4e:c9:86:16:16:81:e3:e8:97:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Validity
Not Before: Feb 2 17:48:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d90e1b567e5e1d616acff6442808d3468005a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:89:a5:98:58:97:af:a7:85:4e:89:fb:0b:62:
d0:50:e6:7a:20:96:d9:6d:41:6c:2e:b3:9d:91:37:
44:77:c0:3c:45:25:e8:a3:36:68:74:2e:ef:44:5b:
c4:9a:6d:1b:8b:ae:3a:52:f6:df:88:57:51:46:bc:
0c:7c:18:04:8c:9c:c5:41:fb:35:cd:4e:84:60:c9:
7b:58:1b:ac:45:83:4d:88:28:e9:d8:e9:3b:98:46:
23:eb:99:13:3a:45:4c:bb:5e:a3:76:21:1d:54:d1:
37:51:60:1d:16:15:9b:f7:37:e4:b4:65:ba:0d:06:
20:9c:7b:3e:da:0b:0d:4d:ce:8c:a0:8e:20:d5:6a:
dd:cb:fa:bb:f4:2c:20:54:ed:a2:3d:c3:40:5e:c1:
2e:73:87:6f:38:c9:c7:43:c0:d1:2f:f0:19:e1:e8:
58:c4:6b:54:1d:a6:2a:b9:02:af:64:a2:3a:94:fc:
42:8a:19:09:00:a1:b2:67:c3:30:71:02:1c:ea:d1:
f4:32:7e:42:1c:a4:38:9f:f0:01:5a:a0:99:61:88:
93:08:5a:33:dc:b4:b8:c3:21:6b:29:97:8e:ea:e0:
d6:61:9f:80:d5:2c:85:64:52:98:89:8b:07:c5:e1:
9a:7f:ea:70:0c:80:15:94:ee:08:90:48:60:34:7f:
70:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:90:E1:B5:67:E5:E1:D6:16:AC:FF:64:42:80:8D:34:68:00:5A:1A
X509v3 Authority Key Identifier:
keyid:46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/TZDhtWfl4dYWrP9kQoCNNGgAWho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.95.118.0/23
Signature Algorithm: sha256WithRSAEncryption
81:fc:d7:b1:7f:ec:14:1f:4c:6d:5e:4b:77:cc:db:39:4b:1b:
0a:48:ce:0e:a4:30:04:02:da:e0:81:41:f7:96:b0:47:d9:2a:
ee:35:cb:70:14:4a:88:8b:cc:b9:f9:e5:c9:f1:c5:54:14:cb:
22:b3:24:00:78:a0:de:65:bb:ef:dd:d1:f6:0a:c2:c2:aa:09:
ad:c7:96:fe:30:1e:9b:7b:ca:99:fe:7e:cc:fd:db:a6:96:8d:
b2:b6:13:cd:3a:e4:f2:af:0c:cc:b4:93:71:cb:6f:1d:74:0d:
99:1d:4c:84:8b:26:c0:12:fd:f3:88:18:72:3e:01:46:15:7f:
ea:4a:e6:da:d0:e4:d4:2a:09:f9:97:66:95:2a:1a:df:2b:4d:
ae:7f:d1:da:3c:70:c1:02:d5:67:7c:d3:fc:0b:e8:d8:31:1a:
5b:b1:0b:9e:67:f6:a9:15:23:48:51:e3:b1:1e:91:84:4c:19:
f4:82:81:f6:d1:2c:63:94:99:b1:4d:69:23:d3:e4:e5:b0:0e:
c8:d7:7f:30:fc:11:87:e4:2a:36:a3:87:64:65:ec:dd:2d:85:
7f:0b:72:0b:e3:6e:6a:6b:69:3a:30:d2:ba:e7:21:9b:3f:cc:
c7:d4:c0:05:17:8e:e6:3c:d4:c1:96:55:d8:d8:68:2e:e5:ff:
1d:af:98:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYTPjYCH0JOyYYWFoHj6Je4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZjAxNzcxZDFjYzhmZDExNGM0NmE2MTYyMDZhYTRjNTlk
YmRjMTkwHhcNMjMwMjAyMTc0ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDkwZTFiNTY3ZTVlMWQ2MTZhY2ZmNjQ0MjgwOGQzNDY4MDA1YTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmImlmFiXr6eFTon7C2LQUOZ6IJbZ
bUFsLrOdkTdEd8A8RSXoozZodC7vRFvEmm0bi646UvbfiFdRRrwMfBgEjJzFQfs1
zU6EYMl7WBusRYNNiCjp2Ok7mEYj65kTOkVMu16jdiEdVNE3UWAdFhWb9zfktGW6
DQYgnHs+2gsNTc6MoI4g1Wrdy/q79CwgVO2iPcNAXsEuc4dvOMnHQ8DRL/AZ4ehY
xGtUHaYquQKvZKI6lPxCihkJAKGyZ8MwcQIc6tH0Mn5CHKQ4n/ABWqCZYYiTCFoz
3LS4wyFrKZeO6uDWYZ+A1SyFZFKYiYsHxeGaf+pwDIAVlO4IkEhgNH9wywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2Q4bVn5eHWFqz/ZEKAjTRoAFoaMB8GA1UdIwQY
MBaAFEbwF3HRzI/RFMRqYWIGqkxZ29wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUt
MzE2ZjZkYWJmZmJmLzEvVFpEaHRXZmw0ZFlXclA5a1FvQ05OR2dBV2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUtMzE2ZjZkYWJmZmJm
LzEvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ192MA0G
CSqGSIb3DQEBCwUAA4IBAQCB/Nexf+wUH0xtXkt3zNs5SxsKSM4OpDAEAtrggUH3
lrBH2SruNctwFEqIi8y5+eXJ8cVUFMsisyQAeKDeZbvv3dH2CsLCqgmtx5b+MB6b
e8qZ/n7M/dumlo2ythPNOuTyrwzMtJNxy28ddA2ZHUyEiybAEv3ziBhyPgFGFX/q
Suba0OTUKgn5l2aVKhrfK02uf9HaPHDBAtVnfNP8C+jYMRpbsQueZ/apFSNIUeOx
HpGETBn0goH20SxjlJmxTWkj0+TlsA7I138w/BGH5Co2o4dkZezdLYV/C3IL425q
a2k6MNK65yGbP8zH1MAFF47mPNTBllXY2Ggu5f8dr5iF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:19 2025 by rpki-client