Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/sU2NfKWCTe3LW9LaAIuXi9acrvs.roa
File: sU2NfKWCTe3LW9LaAIuXi9acrvs.roa (raw, json)
Hash identifier: 2G3oV4x4FZx9yOPQQzNCMvuO4mNHDbsWRE/e7B205XM=
Subject key identifier: B1:4D:8D:7C:A5:82:4D:ED:CB:5B:D2:DA:00:8B:97:8B:D6:9C:AE:FB
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018735C6812970EAB8334495131C3AE76EF5
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/sU2NfKWCTe3LW9LaAIuXi9acrvs.roa
Signing time: Fri 31 Mar 2023 03:46:54 +0000
ROA not before: Fri 31 Mar 2023 03:46:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 103.47.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:35:c6:81:29:70:ea:b8:33:44:95:13:1c:3a:e7:6e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 31 03:46:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b14d8d7ca5824dedcb5bd2da008b978bd69caefb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:36:04:f7:c6:55:5b:10:11:6d:29:18:21:97:
f0:2e:fb:93:c9:d5:4c:2e:50:5f:1c:64:b3:bb:e4:
65:d7:c5:2c:66:5b:b7:4d:f3:62:75:41:6b:1c:24:
47:ae:a7:18:db:cb:00:bb:b8:73:6f:ab:9e:e0:2f:
16:31:c4:3a:e5:38:29:5c:c4:91:ad:73:c3:5b:1c:
73:92:00:5c:27:cb:70:6c:92:b9:5c:a3:d4:92:ef:
ac:ad:ee:fc:87:8a:d6:59:2b:93:ee:d4:0d:8f:c7:
26:39:66:cc:20:55:ad:d5:c6:7f:0d:f8:97:05:f1:
2b:92:d4:8a:75:df:30:e5:38:2b:b8:eb:3e:58:c1:
fe:dc:7f:fc:2c:2f:5a:a8:47:84:da:65:a9:6d:9e:
89:e6:49:0d:b9:53:e8:2c:30:09:5b:fc:0a:58:ea:
fd:0e:dd:43:a9:70:99:ae:2a:20:0a:7d:d4:f6:e6:
fd:c6:1f:85:19:19:c4:a4:8b:13:d9:2d:a2:74:fb:
f6:a0:67:ba:92:ee:8c:05:0c:96:af:ed:e2:2d:4e:
a0:5d:73:06:3d:b0:e1:93:39:86:a8:ab:a0:78:71:
ca:7e:e9:48:f9:2a:d8:3d:bb:4b:60:3a:a5:25:80:
0c:c7:f6:c9:08:dd:63:6e:64:5a:7c:89:35:fb:d3:
5d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4D:8D:7C:A5:82:4D:ED:CB:5B:D2:DA:00:8B:97:8B:D6:9C:AE:FB
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/sU2NfKWCTe3LW9LaAIuXi9acrvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:9f:36:57:ed:f8:29:5e:d1:68:31:3d:71:e2:c8:d3:95:63:
d5:2a:53:4e:83:84:e9:11:76:c3:41:55:60:7b:14:c8:97:7d:
ca:76:67:80:f1:42:6b:63:7e:8e:08:00:5e:7e:bc:e0:27:dc:
48:48:8d:fb:02:df:df:3b:d6:40:42:e2:8d:b1:4f:7f:db:1d:
fe:96:c7:ac:08:f6:bc:31:c9:1e:17:b6:d9:2b:2d:cc:23:68:
01:91:3f:a9:4b:47:c7:3a:45:4e:9d:16:fe:a3:89:b3:70:97:
bc:5a:45:d2:fa:18:80:30:1e:6c:26:f3:31:ee:92:e8:cb:28:
7c:fd:19:ae:99:e9:2d:0b:a8:10:d4:0f:2e:5a:4c:a6:1d:d6:
f0:03:36:39:44:bd:7b:82:ef:31:43:94:2b:b1:8a:b9:57:63:
13:59:4b:d7:37:e0:66:71:e7:06:1b:2d:2e:ce:93:ba:ad:79:
a6:4a:e0:58:b6:bd:b8:ed:9a:8e:39:8f:a8:b2:23:bb:60:1b:
47:41:1c:02:54:29:1a:75:90:05:87:d9:18:cd:ef:1e:54:2a:
3c:4e:8a:e4:af:39:b3:0b:d0:8a:fa:6b:58:6a:a1:fc:9c:d1:
d7:61:d4:ef:00:06:cd:30:d7:ad:05:0b:f1:bd:20:8e:62:c7:
79:6c:f0:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc1xoEpcOq4M0SVExw65271MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwMzMxMDM0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTRkOGQ3Y2E1ODI0ZGVkY2I1YmQyZGEwMDhiOTc4YmQ2OWNhZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTYE98ZVWxARbSkYIZfwLvuTydVM
LlBfHGSzu+Rl18UsZlu3TfNidUFrHCRHrqcY28sAu7hzb6ue4C8WMcQ65TgpXMSR
rXPDWxxzkgBcJ8twbJK5XKPUku+sre78h4rWWSuT7tQNj8cmOWbMIFWt1cZ/DfiX
BfErktSKdd8w5TgruOs+WMH+3H/8LC9aqEeE2mWpbZ6J5kkNuVPoLDAJW/wKWOr9
Dt1DqXCZriogCn3U9ub9xh+FGRnEpIsT2S2idPv2oGe6ku6MBQyWr+3iLU6gXXMG
PbDhkzmGqKugeHHKfulI+SrYPbtLYDqlJYAMx/bJCN1jbmRafIk1+9Nd7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFNjXylgk3ty1vS2gCLl4vWnK77MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvc1UyTmZLV0NUZTNMVzlMYUFJdVhpOWFjcnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZy87MA0G
CSqGSIb3DQEBCwUAA4IBAQC8nzZX7fgpXtFoMT1x4sjTlWPVKlNOg4TpEXbDQVVg
exTIl33KdmeA8UJrY36OCABefrzgJ9xISI37At/fO9ZAQuKNsU9/2x3+lsesCPa8
MckeF7bZKy3MI2gBkT+pS0fHOkVOnRb+o4mzcJe8WkXS+hiAMB5sJvMx7pLoyyh8
/RmumektC6gQ1A8uWkymHdbwAzY5RL17gu8xQ5QrsYq5V2MTWUvXN+BmcecGGy0u
zpO6rXmmSuBYtr247ZqOOY+osiO7YBtHQRwCVCkadZAFh9kYze8eVCo8Torkrzmz
C9CK+mtYaqH8nNHXYdTvAAbNMNetBQvxvSCOYsd5bPC9
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:47 2025 by rpki-client