Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/H3DjFPxAB7OM1GTqDHTn8s-KrDM.roa
File: H3DjFPxAB7OM1GTqDHTn8s-KrDM.roa (raw, json)
Hash identifier: R/iItuqBkWZQes9TclvikhTvVlb7mVRStjbPaFJKzJw=
Subject key identifier: 1F:70:E3:14:FC:40:07:B3:8C:D4:64:EA:0C:74:E7:F2:CF:8A:AC:33
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018735C76B0F1B38DB406E85D22B5FF82420
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/H3DjFPxAB7OM1GTqDHTn8s-KrDM.roa
Signing time: Fri 31 Mar 2023 03:47:54 +0000
ROA not before: Fri 31 Mar 2023 03:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:35:c7:6b:0f:1b:38:db:40:6e:85:d2:2b:5f:f8:24:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 31 03:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f70e314fc4007b38cd464ea0c74e7f2cf8aac33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:03:96:47:10:d1:44:7e:ef:1d:b2:4d:1e:ad:
ea:63:95:e8:04:2e:8b:8d:12:52:2e:a3:e3:d0:38:
82:56:89:23:72:7b:3d:9d:91:2d:09:a8:66:be:58:
5a:5a:ff:86:62:d3:38:f5:ed:2b:25:1a:d3:0a:70:
31:54:1e:c6:da:9d:ff:9c:27:7c:d0:10:d0:09:d7:
be:a0:fb:fd:d2:24:66:b6:87:b4:97:78:89:df:74:
63:c6:25:cb:ff:a5:19:97:2c:17:25:37:6d:25:82:
b5:c8:3e:e0:6b:10:d9:ee:6d:75:2b:e9:2c:87:b1:
e1:5e:7b:9a:7d:5b:50:41:98:c1:38:ec:ff:f5:8b:
ec:c3:f0:62:b4:cf:d3:e1:b1:2b:07:e0:8b:3f:a7:
fc:d7:85:43:50:a5:f8:ed:9b:d8:05:d8:be:ed:30:
9f:bb:5c:f5:7f:f7:ad:2e:67:f3:4f:e5:74:b2:2f:
9e:e0:11:9c:8c:82:33:ec:89:c6:da:38:0e:5a:40:
b5:ad:7f:fb:78:d1:1f:1d:b7:be:9b:36:e4:ff:77:
8b:17:20:49:22:66:89:f0:95:1c:8e:15:d9:80:9a:
6b:e1:0d:f2:57:34:26:da:5e:5e:20:1a:a2:b7:1b:
00:3a:39:56:51:6e:42:be:9a:14:d0:0f:db:fd:1b:
5b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:70:E3:14:FC:40:07:B3:8C:D4:64:EA:0C:74:E7:F2:CF:8A:AC:33
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/H3DjFPxAB7OM1GTqDHTn8s-KrDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.47.58.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:8b:ab:8a:38:16:cd:1a:5b:ef:86:94:d2:e9:0b:62:de:bd:
48:c0:d4:01:9d:77:56:c0:64:16:04:d5:c9:43:e5:58:2c:52:
1d:01:30:2a:72:92:4f:d6:22:f9:13:ab:9c:b3:22:e9:45:5d:
6b:17:97:38:62:b5:34:01:63:15:17:41:a0:8c:6b:2e:f4:c6:
17:57:e2:48:4d:46:c4:c6:f5:8e:f9:4b:a8:6f:a2:d4:d7:63:
d7:2a:48:c6:fe:78:13:24:36:00:6a:ef:d9:ac:9b:aa:bb:b6:
f3:27:9b:94:98:dd:a2:32:bf:18:c9:f0:63:49:28:b3:86:58:
1d:ee:b7:63:fc:a8:af:f7:20:1f:58:05:b0:e7:56:74:1d:28:
01:18:d9:b6:13:be:0c:28:96:ae:33:c3:a4:9b:f2:d9:2d:69:
78:27:14:a1:bd:ad:4b:f1:88:4a:16:1b:5a:36:47:bc:f4:a1:
fc:b0:d2:09:05:6e:24:8c:71:2e:7e:20:2c:35:01:1a:8c:9e:
d2:f7:e2:e1:c8:40:d6:72:cb:41:3a:6e:19:32:18:ae:68:b3:
cc:57:57:89:dd:7a:1c:02:bb:06:1e:0b:70:c5:c8:d0:cd:39:
ea:b0:e3:53:84:12:77:fc:e0:03:e7:b5:14:29:7b:3e:9e:c8:
bd:6c:64:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc1x2sPGzjbQG6F0itf+CQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwMzMxMDM0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjcwZTMxNGZjNDAwN2IzOGNkNDY0ZWEwYzc0ZTdmMmNmOGFhYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAOWRxDRRH7vHbJNHq3qY5XoBC6L
jRJSLqPj0DiCVokjcns9nZEtCahmvlhaWv+GYtM49e0rJRrTCnAxVB7G2p3/nCd8
0BDQCde+oPv90iRmtoe0l3iJ33RjxiXL/6UZlywXJTdtJYK1yD7gaxDZ7m11K+ks
h7HhXnuafVtQQZjBOOz/9Yvsw/BitM/T4bErB+CLP6f814VDUKX47ZvYBdi+7TCf
u1z1f/etLmfzT+V0si+e4BGcjIIz7InG2jgOWkC1rX/7eNEfHbe+mzbk/3eLFyBJ
ImaJ8JUcjhXZgJpr4Q3yVzQm2l5eIBqitxsAOjlWUW5CvpoU0A/b/RtbBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9w4xT8QAezjNRk6gx05/LPiqwzMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvSDNEakZQeEFCN09NMUdUcURIVG44cy1LckRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZy86MA0G
CSqGSIb3DQEBCwUAA4IBAQCoi6uKOBbNGlvvhpTS6Qti3r1IwNQBnXdWwGQWBNXJ
Q+VYLFIdATAqcpJP1iL5E6ucsyLpRV1rF5c4YrU0AWMVF0GgjGsu9MYXV+JITUbE
xvWO+Uuob6LU12PXKkjG/ngTJDYAau/ZrJuqu7bzJ5uUmN2iMr8YyfBjSSizhlgd
7rdj/Kiv9yAfWAWw51Z0HSgBGNm2E74MKJauM8Okm/LZLWl4JxShva1L8YhKFhta
Nke89KH8sNIJBW4kjHEufiAsNQEajJ7S9+LhyEDWcstBOm4ZMhiuaLPMV1eJ3Xoc
ArsGHgtwxcjQzTnqsONThBJ3/OAD57UUKXs+nsi9bGRT
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:18 2025 by rpki-client