Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Mh1kJDiiv0sw4q9Uaz3H6XAFJ1Q.roa
File: Mh1kJDiiv0sw4q9Uaz3H6XAFJ1Q.roa (raw, json)
Hash identifier: fJwcXguXmmlrGlrjoZLjGipp9uYaHG62hniJjH/5Uzo=
Subject key identifier: 32:1D:64:24:38:A2:BF:4B:30:E2:AF:54:6B:3D:C7:E9:70:05:27:54
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018735188DC416349075281B364989A03CEB
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Mh1kJDiiv0sw4q9Uaz3H6XAFJ1Q.roa
Signing time: Fri 31 Mar 2023 00:36:54 +0000
ROA not before: Fri 31 Mar 2023 00:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 103.47.58.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:35:18:8d:c4:16:34:90:75:28:1b:36:49:89:a0:3c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 31 00:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=321d642438a2bf4b30e2af546b3dc7e970052754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:50:32:5a:a1:58:6c:0a:71:2e:64:90:12:d0:
9b:e0:57:da:40:42:5b:2d:de:11:15:0d:c4:3e:3b:
80:bf:28:83:e7:8d:9e:31:e2:e9:39:01:04:50:4d:
1d:10:28:24:aa:c7:7e:75:de:c7:26:2e:8d:67:28:
1d:1b:5f:22:8d:02:a5:fe:02:2c:34:50:e5:85:85:
98:1b:7b:d6:7b:97:69:86:1d:ea:33:2a:53:ed:e2:
60:5d:23:35:2d:c6:82:59:72:b0:cd:1c:19:e8:67:
f7:e3:bf:fd:bb:8e:5d:00:ca:8d:c9:73:33:9f:ba:
d7:77:eb:d1:b5:56:a0:22:cd:61:29:e4:3c:33:06:
c1:b4:16:91:74:ef:d4:df:7f:ca:64:3c:75:e4:47:
2f:5d:f2:1c:77:bf:2b:b9:03:ea:0d:b2:7b:e0:34:
53:95:3d:fe:9b:24:0c:17:6f:93:24:12:3c:30:56:
95:32:61:89:76:67:c4:30:86:22:de:52:3a:f1:d8:
65:dc:4d:21:01:ae:75:4f:d8:37:15:d7:10:59:41:
d0:b3:88:eb:c0:13:6e:49:f7:1e:b4:4f:70:97:46:
ea:8d:ab:a4:19:77:37:68:a1:c6:9f:f3:a7:86:e4:
0e:4c:2b:d1:ea:48:a8:c3:43:26:ba:19:08:7c:f4:
14:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1D:64:24:38:A2:BF:4B:30:E2:AF:54:6B:3D:C7:E9:70:05:27:54
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Mh1kJDiiv0sw4q9Uaz3H6XAFJ1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.47.58.0/23
Signature Algorithm: sha256WithRSAEncryption
85:98:10:05:58:50:01:86:74:cc:d7:57:9e:f7:46:57:32:e2:
5a:30:83:17:dc:55:5b:64:49:9c:f5:ce:0f:21:8a:10:94:31:
d2:a0:7f:32:0a:85:d6:ee:58:5e:80:56:27:a3:a3:29:43:16:
09:68:fc:65:d2:0c:76:9b:b0:1f:55:8a:68:17:a0:8c:76:43:
f6:bc:ca:a5:c3:be:ee:d0:38:12:fb:ad:8b:0e:72:05:2c:b7:
f3:02:4d:b1:a5:e1:be:95:f9:dc:ff:4c:44:66:75:d2:6c:e3:
45:fc:ff:75:39:3f:df:74:5e:55:1e:c7:c5:fa:38:f0:ce:d6:
eb:58:ed:4b:a0:d2:0c:9f:90:cd:bd:af:0b:09:2e:e2:bb:4b:
e1:5d:6c:1c:fa:88:8e:11:cb:05:ca:34:2b:f8:a2:9b:58:a2:
84:d9:7e:ef:69:be:19:01:f9:63:69:e2:91:cd:e5:25:c9:9a:
41:c3:00:3f:44:30:ff:fa:07:bf:b5:33:89:d7:69:f6:31:31:
e1:90:d4:2f:e8:b8:09:40:60:e1:bd:f3:da:09:3a:5d:41:0f:
a7:e6:52:c6:65:54:9e:9a:bd:79:59:98:0b:f8:98:21:b0:a8:
73:0b:9f:3d:3d:d7:7e:d7:1e:95:77:b9:a5:dc:cd:62:98:d3:
69:42:aa:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc1GI3EFjSQdSgbNkmJoDzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwMzMxMDAzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjFkNjQyNDM4YTJiZjRiMzBlMmFmNTQ2YjNkYzdlOTcwMDUyNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFAyWqFYbApxLmSQEtCb4FfaQEJb
Ld4RFQ3EPjuAvyiD542eMeLpOQEEUE0dECgkqsd+dd7HJi6NZygdG18ijQKl/gIs
NFDlhYWYG3vWe5dphh3qMypT7eJgXSM1LcaCWXKwzRwZ6Gf347/9u45dAMqNyXMz
n7rXd+vRtVagIs1hKeQ8MwbBtBaRdO/U33/KZDx15EcvXfIcd78ruQPqDbJ74DRT
lT3+myQMF2+TJBI8MFaVMmGJdmfEMIYi3lI68dhl3E0hAa51T9g3FdcQWUHQs4jr
wBNuSfcetE9wl0bqjaukGXc3aKHGn/OnhuQOTCvR6kiow0MmuhkIfPQUJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIdZCQ4or9LMOKvVGs9x+lwBSdUMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvTWgxa0pEaWl2MHN3NHE5VWF6M0g2WEFGSjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZy86MA0G
CSqGSIb3DQEBCwUAA4IBAQCFmBAFWFABhnTM11ee90ZXMuJaMIMX3FVbZEmc9c4P
IYoQlDHSoH8yCoXW7lhegFYno6MpQxYJaPxl0gx2m7AfVYpoF6CMdkP2vMqlw77u
0DgS+62LDnIFLLfzAk2xpeG+lfnc/0xEZnXSbONF/P91OT/fdF5VHsfF+jjwztbr
WO1LoNIMn5DNva8LCS7iu0vhXWwc+oiOEcsFyjQr+KKbWKKE2X7vab4ZAfljaeKR
zeUlyZpBwwA/RDD/+ge/tTOJ12n2MTHhkNQv6LgJQGDhvfPaCTpdQQ+n5lLGZVSe
mr15WZgL+JghsKhzC589Pdd+1x6Vd7ml3M1imNNpQqqO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:23 2025 by rpki-client