Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/ZGgTusqNHQY7KV22qj1BG8NJ1sw.roa
File: ZGgTusqNHQY7KV22qj1BG8NJ1sw.roa (raw, json)
Hash identifier: F9ZDgeld70GDkNaXQ4OPXZ4ylIMS1znRMwR36E4c/D0=
Subject key identifier: 64:68:13:BA:CA:8D:1D:06:3B:29:5D:B6:AA:3D:41:1B:C3:49:D6:CC
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018B66C4AABCFFBDE61FE038645BB3A31569
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/ZGgTusqNHQY7KV22qj1BG8NJ1sw.roa
Signing time: Wed 25 Oct 2023 12:17:26 +0000
ROA not before: Wed 25 Oct 2023 12:17:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216167
IP address blocks: 103.102.228.0/24 maxlen: 24
203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:c4:aa:bc:ff:bd:e6:1f:e0:38:64:5b:b3:a3:15:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Oct 25 12:17:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646813baca8d1d063b295db6aa3d411bc349d6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:65:e3:5b:c7:ab:2d:d7:cc:a1:a0:22:9b:
82:2a:5b:f6:11:9f:2c:fd:30:cf:c8:e4:cb:92:ee:
9b:0f:e2:12:e6:28:28:e3:78:0c:fa:4c:8d:d3:a2:
18:48:14:50:9f:c5:d9:36:68:c3:b5:3b:ba:ba:fe:
76:34:92:09:e4:f5:ff:08:96:f8:75:44:91:13:2b:
0d:12:e8:a7:c2:73:01:3e:0e:90:08:1d:fa:bf:b5:
40:f2:71:e1:c6:5f:96:c8:4f:46:85:cf:8f:34:da:
dc:91:38:85:4a:bb:bd:9e:f3:c7:3f:09:8a:08:4e:
f7:75:e3:32:2f:9a:60:42:d0:7e:e0:28:71:92:aa:
9a:04:dc:56:d3:c4:f7:68:a3:bf:a5:10:fb:08:65:
f6:85:be:4c:36:ea:c7:d0:27:b2:4f:00:10:d9:d2:
dc:24:f3:4e:ed:01:01:a5:23:76:fa:20:5a:41:33:
5c:28:6c:90:d7:a4:ab:1e:f7:a4:07:71:d8:a8:2e:
ac:bd:ef:47:70:93:22:f1:12:da:5c:00:07:af:d4:
26:bc:05:51:d1:df:b3:f4:9e:17:fa:ee:df:ee:0b:
6a:58:85:02:be:11:03:1b:2b:fa:37:06:f5:a3:8d:
24:da:a1:99:2e:87:a2:1d:0d:1b:da:33:cd:0b:8c:
6c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:68:13:BA:CA:8D:1D:06:3B:29:5D:B6:AA:3D:41:1B:C3:49:D6:CC
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/ZGgTusqNHQY7KV22qj1BG8NJ1sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.228.0/24
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
59:6e:55:00:51:f5:87:34:e6:c5:14:f0:ab:1c:63:78:f6:5c:
48:4f:8a:9f:42:45:69:92:5d:4d:bc:c3:a0:aa:c4:42:64:c0:
8c:e9:dc:8b:27:db:9c:eb:fa:c5:3e:50:0e:2b:28:41:34:88:
57:76:89:b4:8a:0b:a4:0e:a9:af:82:f8:1c:11:8c:b3:43:eb:
5e:b1:02:68:3e:67:80:c8:f1:8c:71:f9:37:64:25:04:f4:c0:
88:c1:20:47:f9:2c:81:1b:6b:8c:4a:79:c2:7b:9a:a0:e8:6a:
db:ba:05:5c:0c:f2:b7:35:34:f9:93:da:a8:89:3d:ce:a0:67:
55:e1:d0:57:db:c9:b0:32:e7:dd:34:1c:8a:ed:5f:c9:59:43:
7c:24:44:af:54:c9:60:2a:e9:14:49:27:a4:5b:b7:f7:c6:7c:
b4:a4:f4:f0:3e:cc:e6:08:6d:a7:ad:f6:0b:ae:26:bd:e5:ed:
a0:27:2d:e6:72:9b:c3:ed:b2:a5:86:c5:cd:20:88:ca:63:1f:
3b:fd:52:31:b1:b3:1c:df:63:7a:8f:5c:73:09:ad:2d:54:0c:
e6:02:62:07:cd:27:5a:b9:21:6c:22:30:79:fb:7a:41:bb:9e:
7c:39:61:23:f3:cf:14:5c:3d:1b:f6:aa:29:db:13:85:35:b2:
a9:98:94:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtmxKq8/73mH+A4ZFuzoxVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMDI1MTIxNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDY4MTNiYWNhOGQxZDA2M2IyOTVkYjZhYTNkNDExYmMzNDlkNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/Jl41vHqy3XzKGgIpuCKlv2EZ8s
/TDPyOTLku6bD+IS5igo43gM+kyN06IYSBRQn8XZNmjDtTu6uv52NJIJ5PX/CJb4
dUSREysNEuinwnMBPg6QCB36v7VA8nHhxl+WyE9Ghc+PNNrckTiFSru9nvPHPwmK
CE73deMyL5pgQtB+4ChxkqqaBNxW08T3aKO/pRD7CGX2hb5MNurH0CeyTwAQ2dLc
JPNO7QEBpSN2+iBaQTNcKGyQ16SrHvekB3HYqC6sve9HcJMi8RLaXAAHr9QmvAVR
0d+z9J4X+u7f7gtqWIUCvhEDGyv6Nwb1o40k2qGZLoeiHQ0b2jPNC4xsIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGRoE7rKjR0GOyldtqo9QRvDSdbMMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvWkdnVHVzcU5IUVk3S1YyMnFqMUJHOE5KMXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAZ2bkAwQA
yzdRMA0EAgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQBZblUAUfWHNObF
FPCrHGN49lxIT4qfQkVpkl1NvMOgqsRCZMCM6dyLJ9uc6/rFPlAOKyhBNIhXdom0
igukDqmvgvgcEYyzQ+tesQJoPmeAyPGMcfk3ZCUE9MCIwSBH+SyBG2uMSnnCe5qg
6GrbugVcDPK3NTT5k9qoiT3OoGdV4dBX28mwMufdNByK7V/JWUN8JESvVMlgKukU
SSekW7f3xny0pPTwPszmCG2nrfYLria95e2gJy3mcpvD7bKlhsXNIIjKYx87/VIx
sbMc32N6j1xzCa0tVAzmAmIHzSdauSFsIjB5+3pBu558OWEj888UXD0b9qop2xOF
NbKpmJQ0
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:52:55 2025 by rpki-client