Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/pSSJ6kGw8AJTqM-KfZawAlzCE4k.roa
File: pSSJ6kGw8AJTqM-KfZawAlzCE4k.roa (raw, json)
Hash identifier: T3+UhaE9+FSEmHeBPf5uiZ2yNMmlfj7Y/yq+C1HrItw=
Subject key identifier: A5:24:89:EA:41:B0:F0:02:53:A8:CF:8A:7D:96:B0:02:5C:C2:13:89
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01874800091A2A854ED86E164D7204F914F3
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/pSSJ6kGw8AJTqM-KfZawAlzCE4k.roa
Signing time: Mon 03 Apr 2023 16:42:54 +0000
ROA not before: Mon 03 Apr 2023 16:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.58.0/24 maxlen: 24
14.102.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:48:00:09:1a:2a:85:4e:d8:6e:16:4d:72:04:f9:14:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 3 16:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a52489ea41b0f00253a8cf8a7d96b0025cc21389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2e:06:90:bf:e9:e4:be:73:30:c1:92:c3:d5:
e8:e2:23:8e:3a:bd:41:fe:f2:4d:77:df:64:cc:e7:
19:48:f0:f8:32:03:1f:36:4d:2d:ce:7c:5b:a8:16:
53:53:52:50:0b:73:03:a4:f7:be:7a:7c:30:fe:87:
8b:7a:06:fb:44:3b:54:e0:99:12:99:cf:b9:91:3a:
cb:c9:7c:4b:7e:b9:bd:1c:d9:e0:2c:9e:d5:fd:bb:
a2:4a:f2:20:93:4d:21:2e:84:e5:4e:f9:54:db:7e:
61:7f:de:c6:d4:06:21:bd:f9:64:1b:55:53:07:e3:
82:7e:68:25:17:1c:9d:e8:5f:c0:f7:cd:49:bf:ff:
15:34:5d:a2:b1:80:55:e6:11:a7:c6:3c:79:78:cf:
84:86:3b:7b:8f:3d:7e:d0:09:b0:5b:41:3a:06:c2:
3c:b2:c4:a5:bc:a6:35:ad:27:35:ac:6a:e2:b5:69:
8f:96:52:10:45:54:f2:97:e4:bb:13:f7:68:55:56:
23:79:06:91:0b:8f:4b:62:41:59:83:1b:9e:34:62:
73:ed:48:f9:dd:8d:bf:56:cc:f1:09:c0:b4:df:40:
04:d9:fd:18:62:d5:6a:34:d0:a9:7b:68:36:ce:47:
d6:c5:0c:78:bc:90:ff:10:50:be:76:fd:fa:c2:13:
8d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:24:89:EA:41:B0:F0:02:53:A8:CF:8A:7D:96:B0:02:5C:C2:13:89
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/pSSJ6kGw8AJTqM-KfZawAlzCE4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.233.0/24
103.47.58.0/24
Signature Algorithm: sha256WithRSAEncryption
08:25:72:4c:86:12:77:f4:35:ec:51:8e:a5:a9:55:3d:1e:4e:
69:d4:1e:25:d8:5d:2c:03:46:10:63:e8:a9:e9:7f:df:6a:3d:
3a:00:ae:74:64:94:c0:ba:d3:bb:da:cc:e7:5f:36:77:fb:4c:
4e:5a:bd:14:7f:b6:48:e7:9e:78:4c:86:3b:0e:4f:b4:3a:6f:
d8:42:93:32:42:14:88:fe:ce:5c:62:ba:70:34:1d:48:6b:63:
f7:6c:31:02:9e:2b:69:85:8e:e6:d9:c1:73:9c:ad:f0:5f:94:
b5:42:92:ef:9f:b6:bd:19:f1:43:79:b5:5b:a6:9f:d0:2f:cc:
6c:aa:e9:8d:50:37:8a:a6:76:0a:db:92:64:bb:d9:f2:7f:7e:
91:91:25:87:82:d0:2c:92:35:32:d6:cf:30:8a:b6:66:02:ea:
f1:35:55:c7:f8:9d:06:31:bf:0e:d3:38:7c:df:b0:1c:ac:d0:
d9:ea:f8:60:8a:2c:e9:f8:c9:70:ab:a2:a6:a0:1c:a1:97:c2:
be:6b:63:4e:8e:fd:ae:49:45:59:56:90:ac:d8:97:01:2c:51:
59:cd:99:f5:c3:76:72:2b:6a:55:2e:21:b2:5e:b0:e5:07:60:
da:22:ff:f9:68:6d:90:e4:b3:b9:ed:3d:24:8e:f4:69:3b:2e:
2f:cd:61:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdIAAkaKoVO2G4WTXIE+RTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNDAzMTY0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI0ODllYTQxYjBmMDAyNTNhOGNmOGE3ZDk2YjAwMjVjYzIxMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS4GkL/p5L5zMMGSw9Xo4iOOOr1B
/vJNd99kzOcZSPD4MgMfNk0tznxbqBZTU1JQC3MDpPe+enww/oeLegb7RDtU4JkS
mc+5kTrLyXxLfrm9HNngLJ7V/buiSvIgk00hLoTlTvlU235hf97G1AYhvflkG1VT
B+OCfmglFxyd6F/A981Jv/8VNF2isYBV5hGnxjx5eM+Ehjt7jz1+0AmwW0E6BsI8
ssSlvKY1rSc1rGritWmPllIQRVTyl+S7E/doVVYjeQaRC49LYkFZgxueNGJz7Uj5
3Y2/VszxCcC030AE2f0YYtVqNNCpe2g2zkfWxQx4vJD/EFC+dv36whONiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKUkiepBsPACU6jPin2WsAJcwhOJMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvcFNTSjZrR3c4QUpUcU0tS2ZaYXdBbHpDRTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQADmbpAwQA
Zy86MA0GCSqGSIb3DQEBCwUAA4IBAQAIJXJMhhJ39DXsUY6lqVU9Hk5p1B4l2F0s
A0YQY+ip6X/faj06AK50ZJTAutO72sznXzZ3+0xOWr0Uf7ZI5554TIY7Dk+0Om/Y
QpMyQhSI/s5cYrpwNB1Ia2P3bDECnitphY7m2cFznK3wX5S1QpLvn7a9GfFDebVb
pp/QL8xsqumNUDeKpnYK25Jku9nyf36RkSWHgtAskjUy1s8wirZmAurxNVXH+J0G
Mb8O0zh837AcrNDZ6vhgiizp+Mlwq6KmoByhl8K+a2NOjv2uSUVZVpCs2JcBLFFZ
zZn1w3ZyK2pVLiGyXrDlB2DaIv/5aG2Q5LO57T0kjvRpOy4vzWGQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:46 2025 by rpki-client