Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/_FOp3XKGenPHicenYO2muT-fIlU.roa
File: _FOp3XKGenPHicenYO2muT-fIlU.roa (raw, json)
Hash identifier: oxUi/NLHFAl2iSy4w/BzvGpHGcQMKnaYB4a0XXI4TjE=
Subject key identifier: FC:53:A9:DD:72:86:7A:73:C7:89:C7:A7:60:ED:A6:B9:3F:9F:22:55
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018B3A0D874578EA3F440F6EBC7D1761BC1B
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/_FOp3XKGenPHicenYO2muT-fIlU.roa
Signing time: Mon 16 Oct 2023 19:54:06 +0000
ROA not before: Mon 16 Oct 2023 19:54:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216291
IP address blocks: 103.102.230.0/24 maxlen: 24
2a13:c7c1:10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3a:0d:87:45:78:ea:3f:44:0f:6e:bc:7d:17:61:bc:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Oct 16 19:54:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc53a9dd72867a73c789c7a760eda6b93f9f2255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:20:96:e6:5d:be:d8:c9:2a:5c:c2:2c:7d:d6:
8a:34:3e:ce:8f:3c:5c:b5:36:c7:bc:d7:c4:4e:4b:
cd:d8:3c:d4:2b:c9:0b:10:75:eb:51:81:c0:e5:b9:
c1:64:05:62:ea:57:fc:ca:d0:d7:f0:0d:cf:cb:d2:
a6:c5:ae:1f:40:c6:a3:0d:73:45:41:7d:83:fc:82:
12:96:75:c1:30:34:dc:d9:bc:fa:24:4a:65:70:b7:
28:af:ec:33:84:12:36:91:9b:b2:b7:7c:aa:1f:3e:
53:ea:1b:78:99:de:35:e0:aa:af:58:63:f0:c9:b3:
ee:91:6b:f2:6c:df:1d:0f:34:04:b6:4d:ad:bd:ba:
28:42:08:21:89:97:4d:f6:1b:6c:3f:f2:7e:91:40:
7e:e9:22:d2:7d:b2:b7:6e:b9:7c:95:dc:07:90:e0:
82:4b:de:aa:d8:cb:78:f3:10:bb:32:96:c1:1a:78:
1c:c2:be:15:35:9c:e9:9d:bc:29:08:8f:31:76:00:
fe:0d:ce:67:a6:19:3b:9f:33:f3:2e:53:28:42:13:
4e:e8:7f:6f:15:fd:aa:ea:14:fa:c8:b1:c5:ce:ab:
ce:0e:e0:dd:dd:4a:de:f0:8b:04:e0:93:cc:06:6c:
f7:68:32:6a:b3:ca:15:7c:aa:3c:14:f6:79:24:16:
56:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:53:A9:DD:72:86:7A:73:C7:89:C7:A7:60:ED:A6:B9:3F:9F:22:55
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/_FOp3XKGenPHicenYO2muT-fIlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.230.0/24
IPv6:
2a13:c7c1:10::/44
Signature Algorithm: sha256WithRSAEncryption
b4:c5:56:9f:40:2a:13:41:65:fc:c3:40:9c:3d:48:26:35:47:
76:b7:9e:ba:cf:f9:60:9d:d2:c8:7a:bd:bb:d5:c5:3e:20:7e:
7d:3a:30:a1:ec:69:7e:33:92:8c:ad:c4:2d:e9:2a:e5:ca:50:
20:1e:df:b5:91:18:d5:76:f2:60:83:fd:c8:25:3e:68:95:97:
d4:40:7b:ef:19:72:ce:1c:43:99:75:ee:f3:01:1f:9f:bd:8d:
0a:7c:c9:96:7b:48:b9:fa:ec:45:b7:f2:d2:bb:b1:04:d1:41:
ff:41:bb:dd:58:45:c1:bf:5f:af:24:31:d1:93:dd:8d:8f:d9:
0c:63:e0:b3:b5:09:d8:3c:b5:59:4c:db:8a:fe:86:21:5a:05:
0f:3b:a8:f1:6d:60:47:fa:bd:9e:d5:96:67:c1:b6:67:3e:da:
bb:e6:10:01:55:ec:76:a5:60:1f:9f:8d:3f:26:49:77:38:e8:
98:3b:72:95:78:1d:35:0c:68:30:3f:dc:c9:70:57:47:8e:35:
d6:00:ab:8e:da:8f:b8:d4:b3:fc:aa:62:0a:43:a4:d2:7f:30:
4b:f2:83:48:08:7e:a1:69:5d:24:63:94:96:9b:4e:d7:43:7a:
9d:6e:fc:fa:56:67:13:c0:a7:9b:8c:2d:f6:9f:f1:6c:08:60:
b9:c6:34:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs6DYdFeOo/RA9uvH0XYbwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMDE2MTk1NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzUzYTlkZDcyODY3YTczYzc4OWM3YTc2MGVkYTZiOTNmOWYyMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyCW5l2+2MkqXMIsfdaKND7Ojzxc
tTbHvNfETkvN2DzUK8kLEHXrUYHA5bnBZAVi6lf8ytDX8A3Py9Kmxa4fQMajDXNF
QX2D/IISlnXBMDTc2bz6JEplcLcor+wzhBI2kZuyt3yqHz5T6ht4md414KqvWGPw
ybPukWvybN8dDzQEtk2tvbooQgghiZdN9htsP/J+kUB+6SLSfbK3brl8ldwHkOCC
S96q2Mt48xC7MpbBGngcwr4VNZzpnbwpCI8xdgD+Dc5nphk7nzPzLlMoQhNO6H9v
Ff2q6hT6yLHFzqvODuDd3Ure8IsE4JPMBmz3aDJqs8oVfKo8FPZ5JBZWRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPxTqd1yhnpzx4nHp2Dtprk/nyJVMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvX0ZPcDNYS0dlblBIaWNlbllPMm11VC1mSWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ2bmMA8E
AgACMAkDBwQqE8fBABAwDQYJKoZIhvcNAQELBQADggEBALTFVp9AKhNBZfzDQJw9
SCY1R3a3nrrP+WCd0sh6vbvVxT4gfn06MKHsaX4zkoytxC3pKuXKUCAe37WRGNV2
8mCD/cglPmiVl9RAe+8Zcs4cQ5l17vMBH5+9jQp8yZZ7SLn67EW38tK7sQTRQf9B
u91YRcG/X68kMdGT3Y2P2Qxj4LO1Cdg8tVlM24r+hiFaBQ87qPFtYEf6vZ7VlmfB
tmc+2rvmEAFV7HalYB+fjT8mSXc46Jg7cpV4HTUMaDA/3MlwV0eONdYAq47aj7jU
s/yqYgpDpNJ/MEvyg0gIfqFpXSRjlJabTtdDep1u/PpWZxPAp5uMLfaf8WwIYLnG
NHw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:29:58 2025 by rpki-client