Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/dALudY50IKSj3DRwpKC2CYCuSvE.roa
File: dALudY50IKSj3DRwpKC2CYCuSvE.roa (raw, json)
Hash identifier: r6Uyeq0JNyd/8iSEodOSuSUfuk9E80aaUs3TiNvJ+O8=
Subject key identifier: 74:02:EE:75:8E:74:20:A4:A3:DC:34:70:A4:A0:B6:09:80:AE:4A:F1
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018B8C01E48C9BE29F288D6E456189E1A37C
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/dALudY50IKSj3DRwpKC2CYCuSvE.roa
Signing time: Wed 01 Nov 2023 17:50:16 +0000
ROA not before: Wed 01 Nov 2023 17:50:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198825
IP address blocks: 103.102.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:01:e4:8c:9b:e2:9f:28:8d:6e:45:61:89:e1:a3:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Nov 1 17:50:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7402ee758e7420a4a3dc3470a4a0b60980ae4af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:10:ba:18:d9:fd:b0:a7:94:d3:b3:8e:ce:ee:
87:27:fa:58:ac:b1:f2:0e:23:b2:98:cd:ce:b9:38:
8f:8c:a8:fa:49:2d:85:4d:15:ea:0a:7a:50:9d:ce:
a2:9d:09:34:28:e9:19:ba:ce:b0:57:ef:61:4f:bd:
ce:7b:62:dd:38:bc:9f:a0:49:e3:18:d7:5c:ca:20:
25:81:5f:bd:6d:8e:25:64:2b:d0:60:ed:5b:25:3a:
80:04:47:7f:78:0a:f8:e8:cc:92:bd:3e:d1:b5:c3:
ef:be:50:0c:59:44:19:75:00:88:af:c6:c8:d1:bc:
58:9b:b4:e8:c0:c6:88:3d:27:d0:47:e0:8e:5d:16:
08:7a:ec:12:da:5c:0b:03:51:8a:3a:a8:8f:78:e7:
51:4c:08:18:92:b5:2b:0a:96:b3:6c:e6:66:82:5e:
72:3b:ca:d7:eb:15:67:d4:37:0f:0a:27:20:32:6c:
b2:cb:0d:95:c6:39:aa:d4:79:e3:5f:ac:b6:76:d2:
91:8b:1f:9b:ea:ea:cc:cc:7a:00:e0:be:b0:fa:0f:
65:36:63:44:02:47:f8:bc:a2:4d:d3:d6:70:38:69:
32:dd:09:83:94:56:08:59:34:3f:0e:84:bb:a2:bb:
f5:2b:a8:10:f4:c1:f6:cf:f3:61:a7:e7:98:f6:a5:
4e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:02:EE:75:8E:74:20:A4:A3:DC:34:70:A4:A0:B6:09:80:AE:4A:F1
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/dALudY50IKSj3DRwpKC2CYCuSvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.230.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:c4:e8:1c:3f:73:76:8b:ca:93:67:a2:da:34:1d:e7:46:99:
6c:c8:6e:a1:ad:d4:55:4f:ce:39:f4:29:dc:d6:55:0d:8f:66:
58:a5:e6:3d:d1:97:2d:f4:5d:91:ea:c4:a6:2a:70:ea:2f:72:
fc:1b:29:cc:f5:3d:87:66:ae:17:16:43:bc:a1:5f:8b:ec:3f:
90:8e:bb:98:aa:65:1c:b8:4f:a6:f5:37:17:d2:8d:4e:8b:26:
d7:27:95:b5:a6:18:36:89:67:84:4e:38:de:03:f4:9d:bc:1c:
b8:ff:05:06:12:90:e2:4e:c9:99:f4:f3:39:b8:c0:ce:1e:7a:
b0:c0:c3:58:8c:26:49:39:53:bf:d9:7f:79:5c:f2:93:99:4d:
da:a6:80:b1:5c:09:b0:4e:d9:d7:d1:05:80:33:32:51:cd:9f:
e4:b6:3a:44:6b:17:97:cb:ff:70:b2:0d:8a:55:9c:39:24:4b:
c7:d9:5e:7e:42:b4:59:0f:d9:b9:cb:5d:79:84:a1:97:ff:9e:
3b:15:1e:12:73:ad:34:fc:5a:27:f5:10:03:c2:d2:6e:c9:40:
c1:f0:91:dd:05:79:9d:74:c5:9f:0e:64:49:de:fc:1e:ac:6b:
29:02:18:1b:5f:07:c6:d1:1a:15:0f:0d:9e:b1:d7:f0:66:89:
76:46:01:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuMAeSMm+KfKI1uRWGJ4aN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMTAxMTc1MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDAyZWU3NThlNzQyMGE0YTNkYzM0NzBhNGEwYjYwOTgwYWU0YWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhC6GNn9sKeU07OOzu6HJ/pYrLHy
DiOymM3OuTiPjKj6SS2FTRXqCnpQnc6inQk0KOkZus6wV+9hT73Oe2LdOLyfoEnj
GNdcyiAlgV+9bY4lZCvQYO1bJTqABEd/eAr46MySvT7RtcPvvlAMWUQZdQCIr8bI
0bxYm7TowMaIPSfQR+COXRYIeuwS2lwLA1GKOqiPeOdRTAgYkrUrCpazbOZmgl5y
O8rX6xVn1DcPCicgMmyyyw2Vxjmq1HnjX6y2dtKRix+b6urMzHoA4L6w+g9lNmNE
Akf4vKJN09ZwOGky3QmDlFYIWTQ/DoS7orv1K6gQ9MH2z/Nhp+eY9qVOkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQC7nWOdCCko9w0cKSgtgmArkrxMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvZEFMdWRZNTBJS1NqM0RSd3BLQzJDWUN1U3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2bmMA0G
CSqGSIb3DQEBCwUAA4IBAQAKxOgcP3N2i8qTZ6LaNB3nRplsyG6hrdRVT8459Cnc
1lUNj2ZYpeY90Zct9F2R6sSmKnDqL3L8GynM9T2HZq4XFkO8oV+L7D+QjruYqmUc
uE+m9TcX0o1OiybXJ5W1phg2iWeETjjeA/SdvBy4/wUGEpDiTsmZ9PM5uMDOHnqw
wMNYjCZJOVO/2X95XPKTmU3apoCxXAmwTtnX0QWAMzJRzZ/ktjpEaxeXy/9wsg2K
VZw5JEvH2V5+QrRZD9m5y115hKGX/547FR4Sc600/Fon9RADwtJuyUDB8JHdBXmd
dMWfDmRJ3vwerGspAhgbXwfG0RoVDw2esdfwZol2RgFI
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:42:43 2025 by rpki-client