Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/wLGsSubANa430HuZTbwIw3Zm27Q.roa
File: wLGsSubANa430HuZTbwIw3Zm27Q.roa (raw, json)
Hash identifier: 0pfJIX6Of9XfqUNxVMP/uoHo+e97wbrQVgmYlYuofEE=
Subject key identifier: C0:B1:AC:4A:E6:C0:35:AE:37:D0:7B:99:4D:BC:08:C3:76:66:DB:B4
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018B38CDFFF965E90CE41FFFB8143963C7A1
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/wLGsSubANa430HuZTbwIw3Zm27Q.roa
Signing time: Mon 16 Oct 2023 14:05:06 +0000
ROA not before: Mon 16 Oct 2023 14:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.56.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
14.102.229.0/24 maxlen: 24
14.102.231.0/24 maxlen: 24
14.102.228.0/22 maxlen: 24
14.102.228.0/24 maxlen: 24
14.102.236.0/24 maxlen: 24
14.102.237.0/24 maxlen: 24
14.102.238.0/24 maxlen: 24
14.102.239.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:cd:ff:f9:65:e9:0c:e4:1f:ff:b8:14:39:63:c7:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 16 14:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0b1ac4ae6c035ae37d07b994dbc08c37666dbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:05:6c:3d:6a:2e:94:21:71:ad:8d:31:ee:1d:
93:04:75:39:35:43:d6:14:c5:2f:95:63:58:ea:0b:
66:31:fa:5f:48:2b:0e:d2:44:8b:9c:20:33:c3:92:
d4:0e:6c:1a:f2:64:c3:cc:72:17:02:96:c1:be:0a:
5a:fc:9d:fe:d6:85:bf:b0:17:58:5c:23:ce:22:c4:
83:62:4e:0a:af:f8:09:a2:1d:20:74:d3:6c:2d:c4:
b9:c1:a6:41:a2:d7:5b:46:b7:05:2e:a4:10:ec:fc:
b4:06:f9:da:ac:e3:3d:c8:81:b2:88:47:38:3b:a1:
76:a4:f8:6d:84:03:d6:a3:bb:8e:35:4b:05:9f:7e:
5a:92:82:cf:06:cc:f3:43:5f:32:02:f5:77:da:0a:
7e:19:8f:c6:ec:0a:e2:e2:b9:37:75:06:51:5c:54:
ef:f1:4d:6b:67:67:e9:95:6b:c3:ef:9e:cd:85:d4:
bb:e4:75:46:d3:4f:60:4e:9f:63:09:9c:bd:69:7d:
6f:05:57:67:ab:e3:0f:df:af:89:c0:c2:ab:37:90:
8f:b2:14:41:75:54:f8:9a:99:7b:ba:fd:68:a3:86:
05:39:7c:06:8e:71:a5:5a:9b:de:7a:2d:d0:10:5f:
8d:11:90:af:3b:c8:82:9f:a9:d2:32:2d:bf:18:d8:
18:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B1:AC:4A:E6:C0:35:AE:37:D0:7B:99:4D:BC:08:C3:76:66:DB:B4
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/wLGsSubANa430HuZTbwIw3Zm27Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.228.0/22
14.102.234.0/24
14.102.236.0/22
103.47.56.0/24
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:4b:8f:a3:8d:75:33:9d:8b:e8:cf:85:dd:7f:dc:fc:7f:bc:
52:8a:1f:cd:98:d6:3c:35:07:77:e0:b4:b4:90:82:a1:8d:9a:
aa:23:13:6e:c3:0e:42:6f:9d:11:8b:f4:aa:b4:4f:6d:19:8a:
ca:cf:d4:d6:15:91:95:aa:09:14:be:2e:e4:cf:da:c6:5b:d6:
e5:49:bf:b9:34:ea:57:74:c3:9d:24:80:7d:e7:1d:e9:19:11:
2c:bb:01:46:48:84:51:24:4d:eb:32:7c:33:9e:41:74:68:b5:
7f:a2:50:17:b2:d5:52:82:38:5a:10:f1:62:5e:86:10:a9:77:
ac:2d:fa:bc:7e:ed:d1:94:b2:8c:84:37:a6:8e:13:5f:ef:1a:
fc:da:03:44:d9:6f:c9:e9:3b:97:99:72:18:0a:cb:25:fa:61:
0f:7e:e9:e5:7f:93:e7:ce:55:f7:bf:99:53:76:8e:06:b1:bd:
8f:96:31:6c:a9:4b:26:de:8b:d1:0e:a6:f5:39:6c:2b:1e:2a:
19:35:b6:15:d5:0b:fe:44:2a:0a:9c:e5:06:39:27:42:f4:ac:
03:7d:9b:91:b4:d5:4c:13:63:ac:b8:b4:d1:01:5c:69:ff:51:
f6:97:b5:ce:a9:45:82:34:b9:c0:27:dc:39:a9:e0:17:c4:5c:
bc:a2:f0:c9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYs4zf/5ZekM5B//uBQ5Y8ehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMxMDE2MTQwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGIxYWM0YWU2YzAzNWFlMzdkMDdiOTk0ZGJjMDhjMzc2NjZkYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwVsPWoulCFxrY0x7h2TBHU5NUPW
FMUvlWNY6gtmMfpfSCsO0kSLnCAzw5LUDmwa8mTDzHIXApbBvgpa/J3+1oW/sBdY
XCPOIsSDYk4Kr/gJoh0gdNNsLcS5waZBotdbRrcFLqQQ7Py0BvnarOM9yIGyiEc4
O6F2pPhthAPWo7uONUsFn35akoLPBszzQ18yAvV32gp+GY/G7Ari4rk3dQZRXFTv
8U1rZ2fplWvD757NhdS75HVG009gTp9jCZy9aX1vBVdnq+MP36+JwMKrN5CPshRB
dVT4mpl7uv1oo4YFOXwGjnGlWpveei3QEF+NEZCvO8iCn6nSMi2/GNgYGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMCxrErmwDWuN9B7mU28CMN2Ztu0MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvd0xHc1N1YkFOYTQzMEh1WlRid0l3M1ptMjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCDmbkAwQA
DmbqAwQCDmbsAwQAZy84AwQAZy87MA0GCSqGSIb3DQEBCwUAA4IBAQDES4+jjXUz
nYvoz4Xdf9z8f7xSih/NmNY8NQd34LS0kIKhjZqqIxNuww5Cb50Ri/SqtE9tGYrK
z9TWFZGVqgkUvi7kz9rGW9blSb+5NOpXdMOdJIB95x3pGREsuwFGSIRRJE3rMnwz
nkF0aLV/olAXstVSgjhaEPFiXoYQqXesLfq8fu3RlLKMhDemjhNf7xr82gNE2W/J
6TuXmXIYCssl+mEPfunlf5PnzlX3v5lTdo4Gsb2PljFsqUsm3ovRDqb1OWwrHioZ
NbYV1Qv+RCoKnOUGOSdC9KwDfZuRtNVME2OsuLTRAVxp/1H2l7XOqUWCNLnAJ9w5
qeAXxFy8ovDJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:30 2025 by rpki-client