Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/5BMFnuhsz_mV7FBeVe8DB61WS-Q.roa
File: 5BMFnuhsz_mV7FBeVe8DB61WS-Q.roa (raw, json)
Hash identifier: xp9vBsb3RVwOfRnVS7vwh/bfbrgg4FUFDmhARBM+f4o=
Subject key identifier: E4:13:05:9E:E8:6C:CF:F9:95:EC:50:5E:55:EF:03:07:AD:56:4B:E4
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018B290EC53D664DD503B386BBA09FFE9E66
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/5BMFnuhsz_mV7FBeVe8DB61WS-Q.roa
Signing time: Fri 13 Oct 2023 12:41:55 +0000
ROA not before: Fri 13 Oct 2023 12:41:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216256
IP address blocks: 103.102.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:0e:c5:3d:66:4d:d5:03:b3:86:bb:a0:9f:fe:9e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Oct 13 12:41:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e413059ee86ccff995ec505e55ef0307ad564be4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:91:89:36:87:cf:a2:26:9e:5b:f1:21:f6:2b:
f0:d4:2e:a6:75:1a:fe:ea:bc:6e:43:44:14:36:0f:
74:75:cf:2b:2e:f6:04:f1:69:88:ce:86:90:ce:a8:
73:3e:2d:6b:33:1b:3a:42:d7:e8:86:8b:6c:92:d5:
54:4b:26:17:30:fc:10:a9:1f:41:e6:47:05:30:77:
1d:36:e3:39:39:35:d9:79:8c:e3:a8:0a:55:47:45:
03:fe:71:3d:3d:4d:8a:0f:2c:ee:bd:7a:01:c1:bf:
49:ce:93:d7:2f:d9:7b:3e:43:8f:f6:6f:39:50:0d:
7c:f8:16:b1:25:b1:23:5b:13:23:67:06:00:14:36:
50:ea:4c:bd:aa:6e:6f:33:50:fc:6e:9f:3b:90:0d:
e3:7f:3e:72:4e:8b:a7:c4:bf:0c:0a:27:cf:1b:b1:
f9:e0:2d:57:b3:6b:fd:82:7b:57:2e:07:a1:98:33:
a9:7f:c8:0f:a8:42:83:83:a0:19:d0:0b:e6:7f:7c:
26:6e:26:a4:b9:d2:0a:62:c5:2f:70:15:d9:c3:b2:
db:0a:62:a4:a5:da:38:19:f3:c7:c9:4d:db:fa:2f:
52:bc:74:e4:3e:60:f9:19:1a:4d:f7:33:da:c5:37:
22:ae:c2:6a:b5:b4:2f:48:1b:b8:bf:15:59:2b:4b:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:13:05:9E:E8:6C:CF:F9:95:EC:50:5E:55:EF:03:07:AD:56:4B:E4
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/5BMFnuhsz_mV7FBeVe8DB61WS-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.228.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:d4:20:01:b0:4e:ca:b2:52:1e:ef:6d:ac:40:78:3a:28:a8:
69:2d:57:a1:d3:4d:33:32:a2:8b:9e:ac:4e:c2:9e:33:d6:34:
6b:ce:77:7b:c4:1c:13:dd:67:fe:a3:1e:89:e3:6b:78:65:55:
e1:63:cd:dd:60:c0:db:dd:7d:a2:14:eb:47:db:a1:9e:5f:66:
8b:93:d2:cc:0f:22:47:40:32:52:09:d2:ed:93:fe:1c:21:83:
e6:9b:cc:e0:bc:28:a9:08:a0:9c:4b:d0:86:fa:75:d5:72:2f:
f9:d4:22:bf:2b:99:0c:da:7e:2d:61:35:3a:bc:9b:b2:3e:b5:
01:20:f1:fd:f6:7b:f9:85:a2:ff:a7:7d:51:f1:74:ce:21:a3:
6c:b7:49:07:23:73:c9:e6:86:b6:b1:0c:f9:6b:d3:4d:08:65:
70:08:97:b7:f6:58:29:dd:f3:4c:31:12:1f:42:7e:82:a1:3e:
cb:5a:c7:da:d3:49:95:f0:a8:d6:1a:61:ef:30:40:61:80:56:
85:86:87:df:d1:e4:f4:e5:91:b8:c8:76:1c:9c:e2:40:eb:e8:
5d:cb:d5:de:52:a0:45:03:a3:b4:f4:e4:fd:e7:59:1e:f6:cc:
7a:d3:25:60:86:2b:a2:4c:0c:ed:2c:d7:55:b5:39:1e:8a:eb:
39:8e:8d:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYspDsU9Zk3VA7OGu6Cf/p5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMDEzMTI0MTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDEzMDU5ZWU4NmNjZmY5OTVlYzUwNWU1NWVmMDMwN2FkNTY0YmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZGJNofPoiaeW/Eh9ivw1C6mdRr+
6rxuQ0QUNg90dc8rLvYE8WmIzoaQzqhzPi1rMxs6QtfohotsktVUSyYXMPwQqR9B
5kcFMHcdNuM5OTXZeYzjqApVR0UD/nE9PU2KDyzuvXoBwb9JzpPXL9l7PkOP9m85
UA18+BaxJbEjWxMjZwYAFDZQ6ky9qm5vM1D8bp87kA3jfz5yTounxL8MCifPG7H5
4C1Xs2v9gntXLgehmDOpf8gPqEKDg6AZ0Avmf3wmbiakudIKYsUvcBXZw7LbCmKk
pdo4GfPHyU3b+i9SvHTkPmD5GRpN9zPaxTcirsJqtbQvSBu4vxVZK0sq7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQTBZ7obM/5lexQXlXvAwetVkvkMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvNUJNRm51aHN6X21WN0ZCZVZlOERCNjFXUy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2bkMA0G
CSqGSIb3DQEBCwUAA4IBAQBe1CABsE7KslIe722sQHg6KKhpLVeh000zMqKLnqxO
wp4z1jRrznd7xBwT3Wf+ox6J42t4ZVXhY83dYMDb3X2iFOtH26GeX2aLk9LMDyJH
QDJSCdLtk/4cIYPmm8zgvCipCKCcS9CG+nXVci/51CK/K5kM2n4tYTU6vJuyPrUB
IPH99nv5haL/p31R8XTOIaNst0kHI3PJ5oa2sQz5a9NNCGVwCJe39lgp3fNMMRIf
Qn6CoT7LWsfa00mV8KjWGmHvMEBhgFaFhoff0eT05ZG4yHYcnOJA6+hdy9XeUqBF
A6O09OT951ke9sx60yVghiuiTAztLNdVtTkeius5jo1T
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:23:04 2025 by rpki-client