Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/8PoMMmRnUfdJY63TYNxSir3oELM.roa
File: 8PoMMmRnUfdJY63TYNxSir3oELM.roa (raw, json)
Hash identifier: jI0hFUtXeeK5YftKOIy0rXxXU6NTmJs3IqXtB8M7Hfs=
Subject key identifier: F0:FA:0C:32:64:67:51:F7:49:63:AD:D3:60:DC:52:8A:BD:E8:10:B3
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018C5946A10AAEFE41E918FB9D2A066A8349
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/8PoMMmRnUfdJY63TYNxSir3oELM.roa
Signing time: Mon 11 Dec 2023 14:27:30 +0000
ROA not before: Mon 11 Dec 2023 14:27:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213382
IP address blocks: 103.102.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:46:a1:0a:ae:fe:41:e9:18:fb:9d:2a:06:6a:83:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Dec 11 14:27:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0fa0c32646751f74963add360dc528abde810b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e0:d6:e5:cc:28:a0:73:d8:91:2b:a1:b8:84:
ff:88:f1:57:3f:40:dc:0c:93:b4:e1:be:fd:b8:47:
f1:6a:d7:2d:97:b1:f9:ab:ff:d3:a9:7d:ac:00:4c:
b7:b4:ed:bb:23:9b:37:fb:23:6f:98:1b:82:cf:1e:
0d:55:cc:45:20:84:b2:43:49:41:05:5d:a6:11:91:
09:5f:36:bd:e4:e7:b9:f0:b7:c7:0f:98:a3:ae:3e:
73:f4:85:d2:14:8e:70:b9:b0:03:88:3e:0c:e8:c8:
71:3d:11:ae:3c:04:c5:75:4f:cb:e2:0f:f6:77:4d:
05:9b:c7:eb:33:07:e9:b1:e6:8c:a3:93:94:7b:4c:
df:59:a4:0f:45:eb:df:93:b0:b0:af:a1:6e:26:45:
76:22:83:21:14:f2:1c:75:4f:0e:bd:c9:a3:44:e2:
cf:a5:37:bf:9e:94:2b:8b:c9:cf:3d:90:d3:66:be:
f5:26:a6:78:f2:de:79:d3:41:5b:a7:07:ce:4c:e5:
e8:3b:bb:9a:6c:23:5a:d0:35:4c:16:35:00:7f:e7:
40:f8:cd:d4:5d:f4:27:fb:46:74:30:9a:aa:19:90:
6f:c3:61:df:d5:7b:03:c8:29:ec:44:04:a2:e1:d1:
f3:80:82:d9:eb:8b:c7:5b:ae:1c:eb:93:5f:31:de:
0c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FA:0C:32:64:67:51:F7:49:63:AD:D3:60:DC:52:8A:BD:E8:10:B3
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/8PoMMmRnUfdJY63TYNxSir3oELM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.230.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f5:a1:fa:07:73:de:b5:40:c1:7c:bc:ba:83:3d:be:da:f0:
0a:f2:a0:ad:f3:bc:98:a4:84:b5:72:bd:33:4f:e0:fe:35:5c:
e2:59:bf:15:e3:2d:3a:45:7d:05:b2:7f:70:2d:c4:77:f6:7f:
59:7a:b7:f5:7a:3a:99:f4:9d:42:4a:00:4f:ef:22:aa:a6:18:
1a:4a:0c:89:ce:3a:73:ea:ba:a0:0e:2c:81:58:17:31:eb:c8:
ff:04:fa:1f:86:3d:62:b2:c0:74:c0:db:e5:e1:e3:a4:f1:5f:
b4:08:96:df:52:63:93:c9:79:9a:de:32:2f:f0:93:db:d4:11:
62:13:b8:b0:92:97:5c:0a:1e:c9:69:48:c3:67:f4:04:40:5d:
9e:74:a8:76:9c:4d:d4:67:a7:12:b2:a7:fd:0c:93:34:9a:02:
22:b5:57:e8:39:db:82:bc:79:7d:36:86:2c:7a:76:0d:05:f3:
64:7f:9f:7b:ec:b2:47:db:d9:05:da:52:b9:0e:5b:18:32:db:
69:6f:5b:1c:f8:f3:d4:8f:5a:79:03:aa:83:b8:70:e2:17:8b:
00:b9:e9:66:0e:aa:b1:1b:ac:93:bd:02:fd:9c:9b:77:a5:44:
60:df:f4:7d:38:a4:54:67:03:60:d7:b2:d9:b4:76:37:c3:76:
d4:db:43:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxZRqEKrv5B6Rj7nSoGaoNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMjExMTQyNzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZhMGMzMjY0Njc1MWY3NDk2M2FkZDM2MGRjNTI4YWJkZTgxMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+DW5cwooHPYkSuhuIT/iPFXP0Dc
DJO04b79uEfxatctl7H5q//TqX2sAEy3tO27I5s3+yNvmBuCzx4NVcxFIISyQ0lB
BV2mEZEJXza95Oe58LfHD5ijrj5z9IXSFI5wubADiD4M6MhxPRGuPATFdU/L4g/2
d00Fm8frMwfpseaMo5OUe0zfWaQPRevfk7Cwr6FuJkV2IoMhFPIcdU8OvcmjROLP
pTe/npQri8nPPZDTZr71JqZ48t5500FbpwfOTOXoO7uabCNa0DVMFjUAf+dA+M3U
XfQn+0Z0MJqqGZBvw2Hf1XsDyCnsRASi4dHzgILZ64vHW64c65NfMd4M8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPD6DDJkZ1H3SWOt02DcUoq96BCzMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvOFBvTU1tUm5VZmRKWTYzVFlOeFNpcjNvRUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2bmMA0G
CSqGSIb3DQEBCwUAA4IBAQBv9aH6B3PetUDBfLy6gz2+2vAK8qCt87yYpIS1cr0z
T+D+NVziWb8V4y06RX0Fsn9wLcR39n9Zerf1ejqZ9J1CSgBP7yKqphgaSgyJzjpz
6rqgDiyBWBcx68j/BPofhj1issB0wNvl4eOk8V+0CJbfUmOTyXma3jIv8JPb1BFi
E7iwkpdcCh7JaUjDZ/QEQF2edKh2nE3UZ6cSsqf9DJM0mgIitVfoOduCvHl9NoYs
enYNBfNkf5977LJH29kF2lK5DlsYMttpb1sc+PPUj1p5A6qDuHDiF4sAuelmDqqx
G6yTvQL9nJt3pURg3/R9OKRUZwNg17LZtHY3w3bU20OA
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:27:40 2025 by rpki-client