Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/dW9gBZcXUjo7twBCwsL7bffdcUA.roa
File: dW9gBZcXUjo7twBCwsL7bffdcUA.roa (raw, json)
Hash identifier: PuAwb5YmRtk7aqfzHz+1Lqxnku1iix1y8Bv01RnXl74=
Subject key identifier: 75:6F:60:05:97:17:52:3A:3B:B7:00:42:C2:C2:FB:6D:F7:DD:71:40
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018BAA06DB4401E5C06AF8B98E373B79826C
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/dW9gBZcXUjo7twBCwsL7bffdcUA.roa
Signing time: Tue 07 Nov 2023 13:44:17 +0000
ROA not before: Tue 07 Nov 2023 13:44:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216167
IP address blocks: 103.102.228.0/22 maxlen: 24
103.102.228.0/24 maxlen: 24
203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:06:db:44:01:e5:c0:6a:f8:b9:8e:37:3b:79:82:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Nov 7 13:44:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=756f60059717523a3bb70042c2c2fb6df7dd7140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:58:7d:c6:4a:8d:6c:61:f0:7a:98:f0:a1:
0a:df:95:44:96:fc:51:28:46:69:81:d4:59:42:0e:
ac:c4:8f:34:42:33:6a:13:0d:9b:28:5d:47:09:17:
09:00:9b:95:75:1c:3e:1f:b6:5d:38:74:01:c8:5d:
58:df:b0:9d:3c:dd:82:14:63:0a:1e:c9:94:4b:74:
0c:95:2f:46:3b:6a:07:20:7b:eb:8f:99:bc:32:e9:
69:0c:bc:6c:a8:ac:7f:ea:ef:10:62:6a:92:9c:8f:
03:f9:1c:55:03:93:56:8e:b8:97:aa:f2:b3:08:7e:
5b:b8:83:09:59:01:f4:cc:b9:33:20:67:cf:0d:d8:
9f:37:50:8d:3b:d1:2c:16:cb:7a:65:2e:f6:5e:c8:
f7:d9:2c:d3:ea:90:e7:66:1a:da:7b:04:c8:4b:83:
15:9a:01:35:e0:ff:f1:3e:9b:05:93:1f:83:7c:be:
ea:ca:ff:34:fb:d2:40:0a:61:38:0d:e1:29:69:c9:
ac:aa:49:7e:28:d5:f5:37:c7:4d:5a:1f:1d:fa:69:
36:bc:1b:34:45:45:06:b7:63:2f:6d:e5:27:18:a4:
35:c9:f6:aa:c5:f2:f7:f3:8d:75:17:78:18:40:70:
2b:59:d9:74:46:1a:78:6e:ab:09:2b:6c:a3:b4:f4:
95:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6F:60:05:97:17:52:3A:3B:B7:00:42:C2:C2:FB:6D:F7:DD:71:40
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/dW9gBZcXUjo7twBCwsL7bffdcUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.228.0/22
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
61:5f:9a:6b:5e:0a:6a:06:4f:80:ef:a7:92:d4:cb:35:68:e4:
9d:cf:8f:bb:f3:02:52:b7:4b:49:3a:f8:15:6a:d9:5a:87:ae:
ba:d4:47:5f:cb:7f:6d:c7:24:40:fe:ab:a4:d6:8c:ec:e1:89:
e4:3e:c0:1c:45:97:4e:4d:23:b6:c6:b9:15:ee:56:e2:47:44:
c5:48:6d:20:f4:71:70:f8:95:87:08:3e:fc:91:6f:10:37:13:
53:55:5c:51:68:6b:90:b7:d5:ba:09:47:a9:40:2c:43:59:15:
8b:e3:80:06:56:d9:c0:ed:b0:a5:02:2a:82:c6:3a:f7:43:d1:
ec:4b:b2:0e:f2:5b:80:b8:4a:4f:2d:47:b6:bb:c6:14:44:3b:
53:64:1f:ba:48:cd:f1:55:40:eb:39:9a:a3:8f:83:1c:17:95:
d0:1b:86:5a:97:00:f8:a3:16:e8:f9:2f:d0:36:89:2e:2e:50:
f2:b5:b9:a0:f1:a0:c1:c2:2d:9e:5f:86:92:39:1b:51:c8:fb:
25:b0:7c:98:b6:64:6a:72:61:6e:37:e0:b8:46:f4:78:cf:52:
30:5f:10:a2:29:26:b2:52:62:38:e6:74:01:c4:76:98:a7:12:
da:34:18:9e:6a:48:24:59:3d:ec:4b:cc:1b:f3:d9:21:35:30:
24:c8:b9:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuqBttEAeXAavi5jjc7eYJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMTA3MTM0NDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZmNjAwNTk3MTc1MjNhM2JiNzAwNDJjMmMyZmI2ZGY3ZGQ3MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMBYfcZKjWxh8HqY8KEK35VElvxR
KEZpgdRZQg6sxI80QjNqEw2bKF1HCRcJAJuVdRw+H7ZdOHQByF1Y37CdPN2CFGMK
HsmUS3QMlS9GO2oHIHvrj5m8MulpDLxsqKx/6u8QYmqSnI8D+RxVA5NWjriXqvKz
CH5buIMJWQH0zLkzIGfPDdifN1CNO9EsFst6ZS72Xsj32SzT6pDnZhraewTIS4MV
mgE14P/xPpsFkx+DfL7qyv80+9JACmE4DeEpacmsqkl+KNX1N8dNWh8d+mk2vBs0
RUUGt2MvbeUnGKQ1yfaqxfL38411F3gYQHArWdl0Rhp4bqsJK2yjtPSV6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHVvYAWXF1I6O7cAQsLC+2333XFAMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvZFc5Z0JaY1hVam83dHdCQ3dzTDdiZmZkY1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ2bkAwQA
yzdRMA0EAgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQBhX5prXgpqBk+A
76eS1Ms1aOSdz4+78wJSt0tJOvgVatlah6661Edfy39txyRA/quk1ozs4YnkPsAc
RZdOTSO2xrkV7lbiR0TFSG0g9HFw+JWHCD78kW8QNxNTVVxRaGuQt9W6CUepQCxD
WRWL44AGVtnA7bClAiqCxjr3Q9HsS7IO8luAuEpPLUe2u8YURDtTZB+6SM3xVUDr
OZqjj4McF5XQG4ZalwD4oxbo+S/QNokuLlDytbmg8aDBwi2eX4aSORtRyPslsHyY
tmRqcmFuN+C4RvR4z1IwXxCiKSayUmI45nQBxHaYpxLaNBieakgkWT3sS8wb89kh
NTAkyLl1
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:32:15 2025 by rpki-client