Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/r1y27Z7m16-Lmla9e0-HC59Dewk.roa
File: r1y27Z7m16-Lmla9e0-HC59Dewk.roa (raw, json)
Hash identifier: 6jmmVmhB0Yq4NedCqc4C39ODNCk/k/3CRcHGNRvBQjI=
Subject key identifier: AF:5C:B6:ED:9E:E6:D7:AF:8B:9A:56:BD:7B:4F:87:0B:9F:43:7B:09
Certificate issuer: /CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Certificate serial: 01823EA827B81141EF6D5C0B5ADB9335C510
Authority key identifier: 26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/r1y27Z7m16-Lmla9e0-HC59Dewk.roa
Signing time: Wed 27 Jul 2022 07:56:23 +0000
ROA not before: Wed 27 Jul 2022 07:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49596
IP address blocks: 103.231.136.0/24 maxlen: 24
103.231.139.0/24 maxlen: 24
103.231.137.0/24 maxlen: 24
103.231.138.0/24 maxlen: 24
185.137.111.0/24 maxlen: 24
185.137.108.0/24 maxlen: 24
185.137.108.0/22 maxlen: 22
185.137.109.0/24 maxlen: 24
185.137.110.0/24 maxlen: 24
2a0a:40c0::/29 maxlen: 29
2a07:387::/32 maxlen: 32
2a07:380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:a8:27:b8:11:41:ef:6d:5c:0b:5a:db:93:35:c5:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Validity
Not Before: Jul 27 07:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af5cb6ed9ee6d7af8b9a56bd7b4f870b9f437b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:46:7f:50:43:c9:9e:5c:45:6f:dd:82:b1:ef:
d5:d6:22:53:bd:8b:a8:98:8e:cd:ce:ba:d2:0f:61:
cf:0e:3e:b5:38:79:d8:3e:e6:cd:31:af:2c:9f:67:
a2:a2:67:ae:2a:05:ce:2b:30:49:78:f6:1f:e5:df:
87:01:a4:93:50:7e:20:05:43:c9:66:ce:34:69:f6:
6c:61:47:da:48:d8:1f:96:1c:81:60:85:0e:bc:f2:
92:eb:75:3a:d9:a1:08:c9:20:fb:e0:0a:1f:80:df:
52:3f:3b:3b:55:0d:cd:61:af:dd:c4:06:48:10:1e:
0c:19:33:61:b8:48:69:70:7a:96:1a:a2:94:f3:2f:
09:cf:c0:fc:b3:a3:f7:ce:5e:be:20:e9:89:0b:ae:
aa:b3:fe:96:36:1f:3c:81:42:1f:02:11:00:a4:16:
49:a6:ac:f6:dc:7f:6b:5d:78:53:23:cf:92:5f:14:
40:c2:3a:40:70:fb:87:b6:bb:ce:1b:70:9a:5b:7e:
4c:ce:66:6f:2b:c1:f9:26:ef:66:a5:a7:c9:1e:27:
8e:71:b9:40:df:99:b7:cd:4e:d5:da:9b:c3:88:b3:
db:e3:45:b3:4c:da:5e:db:85:70:6b:7d:af:f3:40:
0a:da:c8:3b:b7:86:73:0d:7a:2d:9d:f0:39:a8:db:
99:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5C:B6:ED:9E:E6:D7:AF:8B:9A:56:BD:7B:4F:87:0B:9F:43:7B:09
X509v3 Authority Key Identifier:
keyid:26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/r1y27Z7m16-Lmla9e0-HC59Dewk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.136.0/22
185.137.108.0/22
IPv6:
2a07:380::/29
2a0a:40c0::/29
Signature Algorithm: sha256WithRSAEncryption
53:5f:b5:cc:5a:1c:d4:30:24:d9:11:d5:a9:ae:17:f4:89:20:
a0:62:30:d5:b7:15:75:0f:f5:72:8e:05:00:b3:74:fb:03:2a:
80:17:3a:e9:4b:ee:0e:5f:d2:71:25:e8:83:dc:4d:50:36:4a:
ba:0d:ca:5b:09:42:ee:b5:c1:ec:61:84:5d:72:aa:88:a2:4d:
9a:d9:6e:ad:dc:cd:01:fa:55:8e:42:84:65:72:ce:c1:cb:70:
e3:3c:1e:4a:a3:2b:c5:5c:e4:67:cd:d9:a0:6e:cd:39:6d:dd:
09:46:f2:77:78:7b:85:8e:1f:d5:32:f5:19:af:5a:ef:14:be:
f8:be:d9:f4:6f:64:16:53:75:18:09:f5:ba:79:fb:dc:6e:64:
a8:40:92:3a:76:c4:75:1a:a0:63:b8:7d:44:fd:92:11:ed:a3:
f7:7b:da:69:f8:ce:40:99:a2:99:80:1b:47:22:7e:e5:67:15:
07:06:5f:bb:82:5d:52:b1:d8:9c:51:21:3e:7f:fd:cd:65:e6:
0e:74:84:6b:e0:70:46:59:4c:53:27:35:6a:c4:a1:ca:c3:54:
41:11:bb:6f:29:d1:33:7e:18:ec:02:6b:19:cd:8c:f8:76:1f:
f7:34:1c:5d:c7:fd:e3:5c:0a:0e:1d:15:28:f9:4b:ed:83:63:
c4:85:42:60
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYI+qCe4EUHvbVwLWtuTNcUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRkYWUwNGRiY2IxZjgyZjU1YjA3ODMwN2JhNGIwODRi
OTk0YmIwHhcNMjIwNzI3MDc1NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjVjYjZlZDllZTZkN2FmOGI5YTU2YmQ3YjRmODcwYjlmNDM3YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80Z/UEPJnlxFb92Cse/V1iJTvYuo
mI7NzrrSD2HPDj61OHnYPubNMa8sn2eiomeuKgXOKzBJePYf5d+HAaSTUH4gBUPJ
Zs40afZsYUfaSNgflhyBYIUOvPKS63U62aEIySD74AofgN9SPzs7VQ3NYa/dxAZI
EB4MGTNhuEhpcHqWGqKU8y8Jz8D8s6P3zl6+IOmJC66qs/6WNh88gUIfAhEApBZJ
pqz23H9rXXhTI8+SXxRAwjpAcPuHtrvOG3CaW35MzmZvK8H5Ju9mpafJHieOcblA
35m3zU7V2pvDiLPb40WzTNpe24Vwa32v80AK2sg7t4ZzDXotnfA5qNuZ1wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFK9ctu2e5tevi5pWvXtPhwufQ3sJMB8GA1UdIwQY
MBaAFCa92uBNvLH4L1WweDB7pLCEuZS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAt
ZjYxNzlhOTEwYjE1LzEvcjF5MjdaN20xNi1MbWxhOWUwLUhDNTlEZXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAtZjYxNzlhOTEwYjE1
LzEvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCZ+eIAwQC
uYlsMBQEAgACMA4DBQMqBwOAAwUDKgpAwDANBgkqhkiG9w0BAQsFAAOCAQEAU1+1
zFoc1DAk2RHVqa4X9IkgoGIw1bcVdQ/1co4FALN0+wMqgBc66UvuDl/ScSXog9xN
UDZKug3KWwlC7rXB7GGEXXKqiKJNmtlurdzNAfpVjkKEZXLOwctw4zweSqMrxVzk
Z83ZoG7NOW3dCUbyd3h7hY4f1TL1Ga9a7xS++L7Z9G9kFlN1GAn1unn73G5kqECS
OnbEdRqgY7h9RP2SEe2j93vaafjOQJmimYAbRyJ+5WcVBwZfu4JdUrHYnFEhPn/9
zWXmDnSEa+BwRllMUyc1asShysNUQRG7bynRM34Y7AJrGc2M+HYf9zQcXcf941wK
Dh0VKPlL7YNjxIVCYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:36 2024 by rpki-client on console-fra.rpki-client.org