Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/uXVsr77nTGYwoALp33kq85MLljo.roa
File: uXVsr77nTGYwoALp33kq85MLljo.roa (raw, json)
Hash identifier: UMbz1Jzxds21sCmgijVplkamd2JRyLGXDPYtpDxsWIc=
Subject key identifier: B9:75:6C:AF:BE:E7:4C:66:30:A0:02:E9:DF:79:2A:F3:93:0B:96:3A
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018BAF44B486580E66914F8F4B499C8C8A49
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/uXVsr77nTGYwoALp33kq85MLljo.roa
Signing time: Wed 08 Nov 2023 14:09:57 +0000
ROA not before: Wed 08 Nov 2023 14:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216167
IP address blocks: 103.102.228.0/22 maxlen: 24
203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:44:b4:86:58:0e:66:91:4f:8f:4b:49:9c:8c:8a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Nov 8 14:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9756cafbee74c6630a002e9df792af3930b963a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:4f:a2:66:b3:cd:91:6a:ae:9a:2e:6d:6a:
0d:1d:8f:14:13:23:b1:bd:77:4f:2f:91:b4:a4:f2:
30:5c:44:21:14:73:93:b2:3c:a0:aa:e9:d9:7c:4e:
3f:05:04:80:3b:7b:25:d7:78:73:24:c6:43:10:6a:
92:84:d6:22:d4:82:e7:d1:00:6e:d0:19:7c:ed:18:
78:0d:ed:0f:27:0f:b7:63:f4:df:b9:23:bd:d1:78:
a6:ad:57:c9:6f:04:d3:73:ff:10:43:9b:3e:23:c7:
f8:f3:9a:84:29:c0:d9:e8:fd:36:a3:73:cd:2a:f0:
e8:d3:16:5f:24:5a:bf:28:a0:75:8e:cc:55:f9:03:
f4:66:73:f7:77:24:1d:62:ad:85:1d:a9:02:5c:b0:
19:01:f8:21:b2:c9:47:ce:6b:a6:ef:b9:ef:13:64:
bf:da:88:0b:4b:c6:2a:e4:a9:96:bc:c4:b7:37:6c:
48:c7:2a:83:a0:40:06:f8:20:35:23:9a:44:4e:6b:
24:ee:e5:41:a9:a8:63:b8:89:21:1d:d0:1d:9b:d6:
e7:4b:fa:fe:10:c0:74:a7:78:0a:67:03:e2:c9:81:
6b:ce:24:dd:b6:a1:bd:77:e9:1c:8b:4e:51:3e:46:
fc:70:1b:6c:0a:18:09:7a:e5:65:9b:cb:a0:cf:54:
f3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:75:6C:AF:BE:E7:4C:66:30:A0:02:E9:DF:79:2A:F3:93:0B:96:3A
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/uXVsr77nTGYwoALp33kq85MLljo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.228.0/22
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
16:02:cc:53:dc:58:5b:ef:7d:47:87:df:cd:bd:1b:50:40:90:
e5:39:3a:c1:a7:de:73:c5:fa:78:eb:0b:be:5b:0a:1a:2d:c6:
14:65:43:59:de:a4:44:2c:fc:d8:66:6a:2a:21:59:ba:cd:3a:
17:ca:e1:de:78:04:ff:51:e9:4b:5d:2e:2d:40:7c:a8:a9:cf:
da:e2:27:92:37:00:ed:bd:0c:92:24:3e:f1:6f:cc:ae:87:d4:
5f:78:1d:e7:2c:85:45:0b:30:40:42:fb:7c:86:14:d6:95:06:
f8:ca:52:6d:f5:8c:9e:c3:ff:d4:ea:f4:1e:5f:a0:9a:29:44:
2c:dd:7d:03:cd:ce:fd:16:07:ac:35:77:cb:cc:29:80:45:e7:
f4:e6:7d:cb:95:e5:56:0b:e5:70:22:21:8a:0e:11:71:f5:8e:
56:ed:99:bb:69:5e:53:ec:ff:da:28:97:90:da:79:b0:30:b7:
7c:c2:e9:28:8f:2c:41:3e:0d:61:62:e2:6b:0d:3e:c9:61:53:
ec:93:d6:34:79:cf:25:8c:eb:10:47:3e:72:e6:62:bb:a1:d1:
07:7e:1c:2c:47:a4:29:df:86:ff:ad:3c:46:a6:75:de:04:c4:
63:6d:65:69:9d:0e:fb:e3:b7:6b:bd:f3:90:23:b4:38:06:49:
4b:4f:6a:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuvRLSGWA5mkU+PS0mcjIpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMxMTA4MTQwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc1NmNhZmJlZTc0YzY2MzBhMDAyZTlkZjc5MmFmMzkzMGI5NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5dPomazzZFqrpoubWoNHY8UEyOx
vXdPL5G0pPIwXEQhFHOTsjygqunZfE4/BQSAO3sl13hzJMZDEGqShNYi1ILn0QBu
0Bl87Rh4De0PJw+3Y/TfuSO90XimrVfJbwTTc/8QQ5s+I8f485qEKcDZ6P02o3PN
KvDo0xZfJFq/KKB1jsxV+QP0ZnP3dyQdYq2FHakCXLAZAfghsslHzmum77nvE2S/
2ogLS8Yq5KmWvMS3N2xIxyqDoEAG+CA1I5pETmsk7uVBqahjuIkhHdAdm9bnS/r+
EMB0p3gKZwPiyYFrziTdtqG9d+kci05RPkb8cBtsChgJeuVlm8ugz1TzGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLl1bK++50xmMKAC6d95KvOTC5Y6MB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvdVhWc3I3N25UR1l3b0FMcDMza3E4NU1MbGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ2bkAwQA
yzdRMA0EAgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQAWAsxT3Fhb731H
h9/NvRtQQJDlOTrBp95zxfp46wu+WwoaLcYUZUNZ3qRELPzYZmoqIVm6zToXyuHe
eAT/UelLXS4tQHyoqc/a4ieSNwDtvQySJD7xb8yuh9RfeB3nLIVFCzBAQvt8hhTW
lQb4ylJt9Yyew//U6vQeX6CaKUQs3X0Dzc79FgesNXfLzCmARef05n3LleVWC+Vw
IiGKDhFx9Y5W7Zm7aV5T7P/aKJeQ2nmwMLd8wukojyxBPg1hYuJrDT7JYVPsk9Y0
ec8ljOsQRz5y5mK7odEHfhwsR6Qp34b/rTxGpnXeBMRjbWVpnQ7747drvfOQI7Q4
BklLT2oJ
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:32:15 2025 by rpki-client