Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Z6jCzUkzR2qRJLuv5cWLhCd-a7Q.roa
File: Z6jCzUkzR2qRJLuv5cWLhCd-a7Q.roa (raw, json)
Hash identifier: nUaAvFGibxfHpXoCeOAXZrxubWCykdW2OLBFO6n1sxE=
Subject key identifier: 67:A8:C2:CD:49:33:47:6A:91:24:BB:AF:E5:C5:8B:84:27:7E:6B:B4
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0189AE254F53A1D2A0E3111336D3132AED37
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Z6jCzUkzR2qRJLuv5cWLhCd-a7Q.roa
Signing time: Mon 31 Jul 2023 22:50:27 +0000
ROA not before: Mon 31 Jul 2023 22:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.56.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
14.102.226.0/24 maxlen: 24
14.102.229.0/24 maxlen: 24
14.102.230.0/24 maxlen: 24
14.102.231.0/24 maxlen: 24
14.102.227.0/24 maxlen: 24
14.102.228.0/22 maxlen: 24
14.102.228.0/24 maxlen: 24
14.102.236.0/24 maxlen: 24
14.102.237.0/24 maxlen: 24
14.102.238.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ae:25:4f:53:a1:d2:a0:e3:11:13:36:d3:13:2a:ed:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jul 31 22:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67a8c2cd4933476a9124bbafe5c58b84277e6bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6d:fe:ff:c5:90:bd:43:94:34:81:1a:af:63:
84:33:30:5d:37:08:a1:59:74:2e:ac:46:b1:c9:a4:
04:8a:7e:bc:2f:b1:d1:41:a5:84:e6:c7:86:3b:81:
7a:06:d7:e8:37:b7:67:ac:e2:97:34:25:af:e7:3f:
c4:f7:6a:3c:31:d0:c8:23:0b:db:ed:82:6e:35:1c:
0c:fd:2e:4e:49:70:f6:0e:8f:d6:ac:76:41:26:3c:
b9:c9:4d:31:b4:45:92:66:c9:40:f5:58:2e:8f:67:
c9:78:95:e9:80:6d:93:7d:12:b6:eb:64:13:b4:48:
82:af:c5:3b:5c:83:a1:80:85:81:6c:49:14:76:35:
21:ae:72:48:25:cb:b7:20:84:4d:28:07:5b:1e:80:
b1:1e:c0:5a:bd:74:c8:14:dc:96:c5:70:fa:0c:3b:
68:8d:d8:cc:6c:ef:26:d2:fa:a2:f3:15:c9:87:3a:
02:ae:75:ea:c1:52:ec:86:1d:3c:70:bd:48:04:99:
ce:ee:34:0b:4e:d2:37:e3:04:cc:b0:09:b0:02:35:
94:c4:73:a3:1b:06:34:5e:4e:07:14:57:1b:63:33:
91:5c:8c:e2:f6:db:9a:08:2a:bd:84:f4:95:26:56:
35:5f:c2:39:68:5d:00:58:55:2c:92:ed:7c:91:53:
a9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A8:C2:CD:49:33:47:6A:91:24:BB:AF:E5:C5:8B:84:27:7E:6B:B4
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Z6jCzUkzR2qRJLuv5cWLhCd-a7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0-14.102.231.255
14.102.234.0/24
14.102.236.0-14.102.238.255
103.47.56.0/24
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
69:7c:15:27:fe:36:18:6e:7e:ad:d0:8e:f2:6b:48:af:1e:35:
c2:83:5b:13:b9:c8:aa:39:b8:66:91:3d:ba:18:56:d2:18:cc:
37:57:64:c2:17:27:1f:c1:4b:67:d4:73:76:40:91:67:cf:92:
82:84:ad:d0:ef:6e:7d:f5:82:a0:bb:b5:04:1c:b6:7f:9b:c0:
b4:09:62:c8:38:94:28:9b:fd:d6:36:20:6a:de:d8:cb:ee:5a:
be:6c:62:67:ab:e3:08:e0:61:e8:d9:23:f8:c8:b8:d1:f9:a7:
13:b6:d2:24:56:80:59:7d:60:5c:ad:3e:4f:46:8a:34:55:9a:
92:54:ac:3e:66:95:60:62:ab:2d:9b:7e:6c:f1:3c:13:88:cc:
5d:e6:b5:47:6a:de:df:c1:bc:b9:ef:0f:af:02:aa:f7:e5:07:
77:09:a5:95:96:cb:95:5d:ef:3d:07:6a:9b:da:45:e7:44:9f:
61:87:1d:fc:e5:8e:45:b9:e0:c3:a6:db:14:a3:1f:cb:80:e0:
8d:ae:ef:71:be:46:f1:58:ea:e9:40:09:78:ca:3e:7d:01:09:
69:ed:1f:3e:9f:79:04:e8:eb:9f:cf:f6:5e:e7:99:18:61:db:
d3:97:52:b9:74:1b:2a:a0:8e:e8:35:8d:2b:2c:2d:f2:a5:5a:
5d:ab:ac:f2
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYmuJU9TodKg4xETNtMTKu03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNzMxMjI1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E4YzJjZDQ5MzM0NzZhOTEyNGJiYWZlNWM1OGI4NDI3N2U2YmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW3+/8WQvUOUNIEar2OEMzBdNwih
WXQurEaxyaQEin68L7HRQaWE5seGO4F6BtfoN7dnrOKXNCWv5z/E92o8MdDIIwvb
7YJuNRwM/S5OSXD2Do/WrHZBJjy5yU0xtEWSZslA9Vguj2fJeJXpgG2TfRK262QT
tEiCr8U7XIOhgIWBbEkUdjUhrnJIJcu3IIRNKAdbHoCxHsBavXTIFNyWxXD6DDto
jdjMbO8m0vqi8xXJhzoCrnXqwVLshh08cL1IBJnO7jQLTtI34wTMsAmwAjWUxHOj
GwY0Xk4HFFcbYzORXIzi9tuaCCq9hPSVJlY1X8I5aF0AWFUsku18kVOpwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGeows1JM0dqkSS7r+XFi4Qnfmu0MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWjZqQ3pVa3pSMnFSSkx1djVjV0xoQ2QtYTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAEOZuID
BAMOZuADBAAOZuowDAMEAg5m7AMEAA5m7gMEAGcvOAMEAGcvOzANBgkqhkiG9w0B
AQsFAAOCAQEAaXwVJ/42GG5+rdCO8mtIrx41woNbE7nIqjm4ZpE9uhhW0hjMN1dk
whcnH8FLZ9RzdkCRZ8+SgoSt0O9uffWCoLu1BBy2f5vAtAliyDiUKJv91jYgat7Y
y+5avmxiZ6vjCOBh6Nkj+Mi40fmnE7bSJFaAWX1gXK0+T0aKNFWaklSsPmaVYGKr
LZt+bPE8E4jMXea1R2re38G8ue8PrwKq9+UHdwmllZbLlV3vPQdqm9pF50SfYYcd
/OWORbngw6bbFKMfy4Dgja7vcb5G8Vjq6UAJeMo+fQEJae0fPp95BOjrn8/2XueZ
GGHb05dSuXQbKqCO6DWNKywt8qVaXaus8g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:03 2025 by rpki-client