Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/l8xMzWOARW47AY9dhkV64QHBflU.roa
File: l8xMzWOARW47AY9dhkV64QHBflU.roa (raw, json)
Hash identifier: 3JnnLJPhfwaB3E7aP0XhdEJj5aksd8xl5HRs+JJfxdc=
Subject key identifier: 97:CC:4C:CD:63:80:45:6E:3B:01:8F:5D:86:45:7A:E1:01:C1:7E:55
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018B8C000F78B5259AF18CAE1DF0F734AC54
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/l8xMzWOARW47AY9dhkV64QHBflU.roa
Signing time: Wed 01 Nov 2023 17:48:16 +0000
ROA not before: Wed 01 Nov 2023 17:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216167
IP address blocks: 103.102.228.0/22 maxlen: 24
203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:00:0f:78:b5:25:9a:f1:8c:ae:1d:f0:f7:34:ac:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Nov 1 17:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97cc4ccd6380456e3b018f5d86457ae101c17e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e7:50:fa:f0:2e:df:c7:da:a4:8e:0e:24:83:
6d:0e:f5:5f:16:54:f5:63:81:c5:5e:f4:e0:33:91:
f8:90:ec:bf:15:b6:45:e7:90:63:88:3d:9e:ad:07:
9d:da:47:0c:7b:28:be:44:a9:cd:03:f0:b5:87:e7:
1b:e3:3d:a2:30:43:8f:ad:dd:e9:70:36:f9:32:2d:
76:62:0f:39:13:47:c5:65:81:52:64:dd:92:df:8b:
89:1b:0e:11:e4:76:aa:ba:c1:5d:66:6e:1a:b5:e8:
9d:f1:c1:0b:ca:b7:b6:7d:5d:b1:10:a3:2f:8d:a0:
fc:27:57:11:85:3d:b9:01:2d:a4:3f:f2:98:d8:f9:
2a:a1:d0:a0:bc:74:ce:b6:90:74:8e:62:97:53:8c:
4e:8f:71:fe:74:da:68:6b:2b:f7:36:5c:be:6e:42:
9d:be:f0:df:3e:86:48:56:1d:ef:22:df:73:3e:79:
c0:fa:2d:2b:d2:7a:63:6d:6a:bf:9b:a3:ce:46:2c:
87:1c:f2:fa:48:6b:fb:ba:8f:65:aa:30:a9:7c:14:
dc:3d:8e:99:38:c5:de:27:d5:94:a2:98:00:54:77:
3b:ed:48:49:ca:c2:db:ca:8c:e8:c1:5d:12:97:9c:
94:f9:3a:9c:68:8c:6b:e2:95:35:2f:28:6e:50:5b:
e0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CC:4C:CD:63:80:45:6E:3B:01:8F:5D:86:45:7A:E1:01:C1:7E:55
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/l8xMzWOARW47AY9dhkV64QHBflU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.228.0/22
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:f1:5a:9d:b3:a4:68:be:90:a4:48:b8:06:95:f1:54:f3:44:
1b:ad:57:ed:cc:37:90:7f:57:45:5f:f6:46:73:49:f2:7c:82:
9b:c7:de:2e:a5:3f:da:18:1f:b2:45:5a:2e:e0:15:ab:10:01:
61:00:33:2e:c6:b8:74:e1:6a:01:5b:77:42:e1:40:eb:4f:f5:
f3:95:84:be:b8:62:ee:83:73:e5:79:34:50:00:5d:1c:70:8e:
18:26:a4:90:0d:d5:15:ef:87:68:ae:22:ad:ce:09:d7:a2:8b:
69:20:3d:18:13:d2:c8:5c:3a:50:b1:6c:21:1a:ff:b3:b9:a7:
18:73:02:09:40:ac:4f:74:5c:54:44:97:9b:9f:48:ed:37:2d:
80:b0:13:75:14:6c:41:23:5e:30:ce:d2:74:cb:e0:75:fd:15:
f1:33:8d:e0:0b:c4:8f:98:b8:31:e7:43:99:94:92:12:fe:a2:
3b:1f:c4:1c:a5:8a:20:ed:c7:2c:7a:93:0b:ad:f6:ac:f5:47:
51:62:c5:84:b4:8a:6e:80:02:93:d8:1c:c3:40:48:34:b4:48:
ed:42:d4:b9:4b:50:86:9f:b7:2c:42:74:98:bb:0b:b4:36:44:
7d:3c:1f:e8:8e:09:e6:61:6f:7c:c5:e9:29:37:f4:ba:c4:45:
bb:66:78:cf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuMAA94tSWa8YyuHfD3NKxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMTAxMTc0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2NjNGNjZDYzODA0NTZlM2IwMThmNWQ4NjQ1N2FlMTAxYzE3ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+dQ+vAu38fapI4OJINtDvVfFlT1
Y4HFXvTgM5H4kOy/FbZF55BjiD2erQed2kcMeyi+RKnNA/C1h+cb4z2iMEOPrd3p
cDb5Mi12Yg85E0fFZYFSZN2S34uJGw4R5HaqusFdZm4ateid8cELyre2fV2xEKMv
jaD8J1cRhT25AS2kP/KY2PkqodCgvHTOtpB0jmKXU4xOj3H+dNpoayv3Nly+bkKd
vvDfPoZIVh3vIt9zPnnA+i0r0npjbWq/m6PORiyHHPL6SGv7uo9lqjCpfBTcPY6Z
OMXeJ9WUopgAVHc77UhJysLbyozowV0Sl5yU+TqcaIxr4pU1LyhuUFvgOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJfMTM1jgEVuOwGPXYZFeuEBwX5VMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvbDh4TXpXT0FSVzQ3QVk5ZGhrVjY0UUhCZmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ2bkAwQA
yzdRMA0EAgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQAL8Vqds6RovpCk
SLgGlfFU80QbrVftzDeQf1dFX/ZGc0nyfIKbx94upT/aGB+yRVou4BWrEAFhADMu
xrh04WoBW3dC4UDrT/XzlYS+uGLug3PleTRQAF0ccI4YJqSQDdUV74doriKtzgnX
ootpID0YE9LIXDpQsWwhGv+zuacYcwIJQKxPdFxURJebn0jtNy2AsBN1FGxBI14w
ztJ0y+B1/RXxM43gC8SPmLgx50OZlJIS/qI7H8QcpYog7ccsepMLrfas9UdRYsWE
tIpugAKT2BzDQEg0tEjtQtS5S1CGn7csQnSYuwu0NkR9PB/ojgnmYW98xekpN/S6
xEW7ZnjP
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:38:05 2025 by rpki-client