Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/GT2VhkxkRGiKrf-ISn_Q9b1krR0.roa
File: GT2VhkxkRGiKrf-ISn_Q9b1krR0.roa (raw, json)
Hash identifier: cHESeMWwWkCMUQQ9dagMU66pIhFn6WCgRuHhUalIGiA=
Subject key identifier: 19:3D:95:86:4C:64:44:68:8A:AD:FF:88:4A:7F:D0:F5:BD:64:AD:1D
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01890AE628E97332B366EFC4AC5C0CC6307C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/GT2VhkxkRGiKrf-ISn_Q9b1krR0.roa
Signing time: Fri 30 Jun 2023 06:03:23 +0000
ROA not before: Fri 30 Jun 2023 06:03:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 103.47.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0a:e6:28:e9:73:32:b3:66:ef:c4:ac:5c:0c:c6:30:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 30 06:03:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=193d95864c6444688aadff884a7fd0f5bd64ad1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e5:0b:e2:15:b4:5f:fe:75:10:fe:b8:ca:e7:
49:7a:db:e7:f6:07:65:d8:01:27:c6:5f:e6:e3:30:
17:8d:ef:fd:3d:2b:c5:80:47:67:3e:c3:a5:0a:10:
5e:59:13:2e:93:d6:1a:e2:0e:af:96:e2:71:7a:e3:
de:cf:58:35:55:dd:a0:49:37:51:1d:1b:ff:a1:67:
32:a4:20:b0:7e:e9:1b:34:f2:0b:95:08:ff:a8:8f:
9b:cc:5c:6f:3f:6c:e9:85:21:27:c8:ae:59:c3:46:
06:fb:14:e6:60:3b:49:d9:26:19:61:da:1f:c4:a2:
70:df:0a:0e:88:ea:e8:f2:9f:c8:8b:e7:3a:a1:bb:
be:4b:70:4b:3e:cc:f9:18:12:ad:23:35:7c:23:f6:
25:98:d2:cc:3d:15:17:d4:87:c5:54:23:c0:02:0e:
be:e8:ad:c2:14:35:14:cf:e3:cc:1a:70:d9:6e:ae:
cb:d0:7a:78:98:82:95:7b:2e:5e:3d:e7:c2:65:7c:
62:4b:40:17:3c:5c:a9:48:7e:04:e3:c8:91:c9:29:
74:5e:54:db:c4:5f:03:77:88:69:47:52:9c:e7:da:
4e:46:6a:d5:d7:c8:f1:8b:24:b6:b5:a6:0a:71:90:
92:2a:f5:4e:62:2d:07:6e:bf:20:1c:39:7c:72:17:
57:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3D:95:86:4C:64:44:68:8A:AD:FF:88:4A:7F:D0:F5:BD:64:AD:1D
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/GT2VhkxkRGiKrf-ISn_Q9b1krR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.47.57.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ca:44:87:a1:0e:ef:58:f8:05:ac:80:03:16:8c:24:75:cd:
24:7f:ad:1a:be:83:be:bb:e6:aa:c5:e1:80:00:19:da:68:8a:
6f:ca:5b:c0:af:dc:41:35:f2:59:1f:be:8c:0d:02:9b:9d:0c:
fa:9c:3d:28:c5:15:fc:9d:c9:11:65:c4:71:3f:6c:fb:87:e3:
9f:9b:91:25:f1:49:68:c9:a8:d5:1c:7c:93:40:88:2c:a9:38:
b6:e7:54:18:58:06:58:01:2d:60:7e:64:53:1d:4f:f8:e0:dc:
70:0d:f7:e9:f8:ae:a1:92:9f:97:8f:75:6d:a7:d5:89:c3:c1:
2c:f3:f5:72:54:21:60:fe:4d:df:42:36:bb:39:cc:54:df:2f:
8c:3b:ce:3d:97:ab:02:68:34:75:1e:a0:a2:c1:da:59:56:44:
71:fa:9d:bb:2d:a5:32:01:63:47:b8:35:63:b1:a4:38:b4:5e:
e0:71:57:eb:bd:a0:96:f9:07:9f:a9:8f:7a:34:5d:a8:09:68:
f1:2e:12:f0:1a:1b:93:29:28:e5:72:bb:98:94:76:28:7c:47:
6e:54:36:68:bd:a1:d4:55:4f:8a:6f:ae:c7:69:ca:17:65:3e:
ad:cf:7b:45:7a:9c:e8:a9:92:59:66:47:66:f0:b4:26:97:cd:
fb:43:5b:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkK5ijpczKzZu/ErFwMxjB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNjMwMDYwMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTNkOTU4NjRjNjQ0NDY4OGFhZGZmODg0YTdmZDBmNWJkNjRhZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeUL4hW0X/51EP64yudJetvn9gdl
2AEnxl/m4zAXje/9PSvFgEdnPsOlChBeWRMuk9Ya4g6vluJxeuPez1g1Vd2gSTdR
HRv/oWcypCCwfukbNPILlQj/qI+bzFxvP2zphSEnyK5Zw0YG+xTmYDtJ2SYZYdof
xKJw3woOiOro8p/Ii+c6obu+S3BLPsz5GBKtIzV8I/YlmNLMPRUX1IfFVCPAAg6+
6K3CFDUUz+PMGnDZbq7L0Hp4mIKVey5ePefCZXxiS0AXPFypSH4E48iRySl0XlTb
xF8Dd4hpR1Kc59pORmrV18jxiyS2taYKcZCSKvVOYi0Hbr8gHDl8chdXjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBk9lYZMZERoiq3/iEp/0PW9ZK0dMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvR1QyVmhreGtSR2lLcmYtSVNuX1E5YjFrclIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZy85MA0G
CSqGSIb3DQEBCwUAA4IBAQCLykSHoQ7vWPgFrIADFowkdc0kf60avoO+u+aqxeGA
ABnaaIpvylvAr9xBNfJZH76MDQKbnQz6nD0oxRX8nckRZcRxP2z7h+Ofm5El8Ulo
yajVHHyTQIgsqTi251QYWAZYAS1gfmRTHU/44NxwDffp+K6hkp+Xj3Vtp9WJw8Es
8/VyVCFg/k3fQja7OcxU3y+MO849l6sCaDR1HqCiwdpZVkRx+p27LaUyAWNHuDVj
saQ4tF7gcVfrvaCW+QefqY96NF2oCWjxLhLwGhuTKSjlcruYlHYofEduVDZovaHU
VU+Kb67HacoXZT6tz3tFepzoqZJZZkdm8LQml837Q1v4
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:04 2025 by rpki-client