Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/kwsZ_6drvtuU4FJr3UvEgamioTM.roa
File: kwsZ_6drvtuU4FJr3UvEgamioTM.roa (raw, json)
Hash identifier: EgXgrV5ObfZsbyCvKTu+Wmwi/+whQO6ps8mhBWoPpt4=
Subject key identifier: 93:0B:19:FF:A7:6B:BE:DB:94:E0:52:6B:DD:4B:C4:81:A9:A2:A1:33
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01899D8418B8645FD8905FBB7264A7275C7F
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/kwsZ_6drvtuU4FJr3UvEgamioTM.roa
Signing time: Fri 28 Jul 2023 17:20:27 +0000
ROA not before: Fri 28 Jul 2023 17:20:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.56.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
14.102.226.0/24 maxlen: 24
14.102.229.0/24 maxlen: 24
14.102.230.0/24 maxlen: 24
14.102.231.0/24 maxlen: 24
14.102.227.0/24 maxlen: 24
14.102.228.0/22 maxlen: 24
14.102.228.0/24 maxlen: 24
14.102.237.0/24 maxlen: 24
14.102.238.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9d:84:18:b8:64:5f:d8:90:5f:bb:72:64:a7:27:5c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jul 28 17:20:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=930b19ffa76bbedb94e0526bdd4bc481a9a2a133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e1:07:e0:96:fd:51:50:8e:42:56:26:0c:09:
67:03:0c:98:ab:b1:45:4e:19:cc:0d:b4:9c:58:38:
ca:3f:4b:a7:58:a0:9a:41:d7:e5:c6:22:36:0e:60:
1e:0e:2a:f5:ca:9b:99:a0:a0:e5:56:4a:71:97:3a:
1e:33:01:e6:16:d0:02:cf:59:6d:f4:a4:0b:97:10:
43:f0:0e:8e:3a:cb:40:7c:2c:5f:72:e8:a7:f1:68:
6d:5d:74:ca:96:36:75:00:cd:a4:01:b1:4c:5a:c4:
68:97:7a:31:fb:0f:b6:04:30:aa:1f:55:81:5a:b8:
f4:97:7a:e3:33:63:e8:4e:f9:47:2f:54:86:a5:ac:
56:a8:1c:5f:50:18:43:11:b9:51:55:a0:ee:a5:18:
06:ae:b1:b2:39:06:9d:ef:12:44:7d:ee:70:dc:1b:
72:57:b5:f5:4a:69:1d:9d:ad:e7:79:15:96:a0:d6:
fe:24:2a:22:bb:08:d7:d0:af:75:2e:fa:97:e7:db:
3c:38:d4:33:d7:36:6c:10:fc:73:d8:f8:fe:d8:2f:
fd:69:2b:a6:66:ca:2b:15:db:47:e9:62:35:84:1d:
99:30:73:44:f4:8f:e0:1b:c5:42:c5:9a:92:a1:d9:
41:c6:33:db:3a:70:46:fa:e5:a2:70:64:b9:c0:3c:
c3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0B:19:FF:A7:6B:BE:DB:94:E0:52:6B:DD:4B:C4:81:A9:A2:A1:33
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/kwsZ_6drvtuU4FJr3UvEgamioTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0-14.102.231.255
14.102.234.0/24
14.102.237.0-14.102.238.255
103.47.56.0/24
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
77:e4:82:aa:df:c8:94:e7:a7:55:d3:25:99:08:64:a6:fb:97:
9c:67:58:f7:cb:36:d2:94:7c:59:87:a7:b2:89:96:39:b3:ee:
8c:c0:97:e1:37:3a:88:13:3e:6d:2d:95:88:45:ed:9d:a3:e3:
4b:e2:20:b5:aa:32:4f:d2:01:20:d3:80:51:b4:cf:ed:8a:63:
9a:99:fa:68:39:cf:d0:03:a3:9f:9c:0a:35:53:4a:bf:8c:e3:
cb:be:2a:66:00:57:ea:42:1b:2d:70:b6:7c:f6:79:6a:25:15:
65:bd:b4:4b:0f:12:d7:7d:f7:d8:17:b2:a0:78:8d:98:a3:e1:
e2:1b:6e:f6:be:e4:6a:a6:94:46:8f:a8:a8:c3:42:12:dc:83:
12:7a:8f:84:eb:16:7d:ec:d8:f5:83:f9:e6:f7:6c:db:52:fb:
75:6d:4c:64:3a:27:50:b9:be:ae:d0:10:46:48:c1:e0:3c:45:
8b:a8:7f:1f:06:10:fa:a0:e4:7b:ff:15:3a:3e:07:17:7f:af:
bc:52:a5:f9:dc:31:09:9e:13:1f:f8:4c:e0:3d:81:5f:4b:e5:
53:dc:d3:27:65:29:7e:1f:3a:cc:03:9e:2c:d4:e6:54:6f:16:
a1:63:65:75:bf:18:13:cd:12:78:f0:dd:de:e6:30:e1:2f:8f:
3b:3f:8d:8d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYmdhBi4ZF/YkF+7cmSnJ1x/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNzI4MTcyMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzBiMTlmZmE3NmJiZWRiOTRlMDUyNmJkZDRiYzQ4MWE5YTJhMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuEH4Jb9UVCOQlYmDAlnAwyYq7FF
ThnMDbScWDjKP0unWKCaQdflxiI2DmAeDir1ypuZoKDlVkpxlzoeMwHmFtACz1lt
9KQLlxBD8A6OOstAfCxfcuin8WhtXXTKljZ1AM2kAbFMWsRol3ox+w+2BDCqH1WB
Wrj0l3rjM2PoTvlHL1SGpaxWqBxfUBhDEblRVaDupRgGrrGyOQad7xJEfe5w3Bty
V7X1Smkdna3neRWWoNb+JCoiuwjX0K91LvqX59s8ONQz1zZsEPxz2Pj+2C/9aSum
ZsorFdtH6WI1hB2ZMHNE9I/gG8VCxZqSodlBxjPbOnBG+uWicGS5wDzDvQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJMLGf+na77blOBSa91LxIGpoqEzMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEva3dzWl82ZHJ2dHVVNEZKcjNVdkVnYW1pb1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAEOZuID
BAMOZuADBAAOZuowDAMEAA5m7QMEAA5m7gMEAGcvOAMEAGcvOzANBgkqhkiG9w0B
AQsFAAOCAQEAd+SCqt/IlOenVdMlmQhkpvuXnGdY98s20pR8WYensomWObPujMCX
4Tc6iBM+bS2ViEXtnaPjS+IgtaoyT9IBINOAUbTP7Ypjmpn6aDnP0AOjn5wKNVNK
v4zjy74qZgBX6kIbLXC2fPZ5aiUVZb20Sw8S13332BeyoHiNmKPh4htu9r7kaqaU
Ro+oqMNCEtyDEnqPhOsWfezY9YP55vds21L7dW1MZDonULm+rtAQRkjB4DxFi6h/
HwYQ+qDke/8VOj4HF3+vvFKl+dwxCZ4TH/hM4D2BX0vlU9zTJ2Upfh86zAOeLNTm
VG8WoWNldb8YE80SePDd3uYw4S+POz+NjQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:25 2025 by rpki-client