Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/yTwjtwQE-gxcbidQaCAGhSBw2Uw.roa
File: yTwjtwQE-gxcbidQaCAGhSBw2Uw.roa (raw, json)
Hash identifier: 4co1kTyT/3Z94E+5P8m1S62mtRlTElmbYZkxEp9DjDE=
Subject key identifier: C9:3C:23:B7:04:04:FA:0C:5C:6E:27:50:68:20:06:85:20:70:D9:4C
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018AD84A1081A4075BE7270E1F186D06C63D
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/yTwjtwQE-gxcbidQaCAGhSBw2Uw.roa
Signing time: Wed 27 Sep 2023 20:17:27 +0000
ROA not before: Wed 27 Sep 2023 20:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39421
IP address blocks: 203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d8:4a:10:81:a4:07:5b:e7:27:0e:1f:18:6d:06:c6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Sep 27 20:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c93c23b70404fa0c5c6e2750682006852070d94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:81:c8:78:86:d1:44:8d:30:05:3e:68:5e:
5c:cf:34:71:27:57:fc:8f:00:25:de:74:d5:4e:e4:
a7:c3:8e:ed:d7:bd:5d:64:73:69:b6:0e:9c:e4:26:
43:f3:0a:73:02:9d:99:41:d8:55:83:5d:e5:d4:a4:
e2:8b:9a:96:88:40:11:88:26:ce:16:6a:01:1d:88:
17:d2:fe:6d:ef:a3:fd:ac:eb:8a:fe:e7:40:2a:d9:
f6:bb:44:ee:87:32:53:51:25:9a:bd:34:90:3a:58:
5b:fb:cb:49:b6:8a:2d:29:69:ea:99:fd:3f:68:06:
f3:b7:a1:3f:f9:44:30:8d:d3:71:25:93:24:74:72:
8c:ff:ed:a6:7e:3a:e1:e9:9b:6f:eb:9d:f1:ee:4a:
aa:d7:f6:36:10:db:64:f6:57:d1:86:f8:04:85:1b:
6d:5b:e3:71:48:f6:06:4a:c5:37:75:ea:93:7b:fa:
6e:55:0d:e3:db:0b:1c:1a:1e:95:c3:1d:c8:e4:fb:
ba:b7:de:6c:ca:99:40:b7:89:bd:01:96:60:5f:82:
76:5e:07:9c:bd:ee:6e:df:52:02:9d:c1:a8:74:c9:
22:24:4e:bf:54:f8:e9:f8:f4:ee:d9:c3:ea:2f:34:
75:d1:64:58:ed:bb:51:54:81:f6:17:b1:e4:66:86:
cf:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3C:23:B7:04:04:FA:0C:5C:6E:27:50:68:20:06:85:20:70:D9:4C
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/yTwjtwQE-gxcbidQaCAGhSBw2Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:cb:66:f5:3f:96:b6:a0:e7:c4:d3:aa:0a:13:21:3b:8f:45:
ae:96:28:e3:07:41:23:54:e2:85:68:22:5a:02:0d:36:90:48:
d0:fa:a5:19:6c:aa:e9:1a:97:c3:14:90:58:2b:e8:eb:9c:77:
52:9f:c0:ee:2b:8f:05:9b:5a:64:85:c7:35:3e:6e:71:c0:33:
3d:d2:e9:f8:07:91:8d:68:ce:ca:ad:34:1a:a8:6d:94:13:ff:
9f:8a:e7:7b:fc:ce:23:1f:99:cd:c4:0a:82:84:dc:18:31:aa:
c6:7c:91:d2:51:f3:29:36:26:ae:b4:39:fe:71:a6:70:aa:d5:
49:93:7e:b4:39:b2:41:86:f9:3a:99:cd:16:1f:85:9d:0a:af:
af:aa:92:1c:fc:ab:1a:54:2f:db:37:3c:af:11:09:53:a1:8d:
d1:90:51:43:e2:5d:3d:7a:e1:d5:f6:25:47:bb:65:2e:7d:92:
1f:a6:a1:d0:e9:30:49:b4:74:85:fd:6a:34:86:23:ee:dd:3d:
2b:09:bc:0d:73:16:73:5c:e4:e4:d9:31:91:8b:15:10:cf:b5:
ac:24:16:fa:40:ba:10:a0:bb:7b:83:86:73:e6:f8:50:d3:06:
b5:9f:b8:01:89:62:df:ca:ab:dc:31:e8:f8:1c:9b:a9:20:a2:
d6:ca:fc:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrYShCBpAdb5ycOHxhtBsY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMwOTI3MjAxNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNjMjNiNzA0MDRmYTBjNWM2ZTI3NTA2ODIwMDY4NTIwNzBkOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJGByHiG0USNMAU+aF5czzRxJ1f8
jwAl3nTVTuSnw47t171dZHNptg6c5CZD8wpzAp2ZQdhVg13l1KTii5qWiEARiCbO
FmoBHYgX0v5t76P9rOuK/udAKtn2u0TuhzJTUSWavTSQOlhb+8tJtootKWnqmf0/
aAbzt6E/+UQwjdNxJZMkdHKM/+2mfjrh6Ztv653x7kqq1/Y2ENtk9lfRhvgEhRtt
W+NxSPYGSsU3deqTe/puVQ3j2wscGh6Vwx3I5Pu6t95syplAt4m9AZZgX4J2Xgec
ve5u31ICncGodMkiJE6/VPjp+PTu2cPqLzR10WRY7btRVIH2F7HkZobPnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMk8I7cEBPoMXG4nUGggBoUgcNlMMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEveVR3anR3UUUtZ3hjYmlkUWFDQUdoU0J3MlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAyzdRMA0E
AgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQAry2b1P5a2oOfE06oKEyE7
j0WulijjB0EjVOKFaCJaAg02kEjQ+qUZbKrpGpfDFJBYK+jrnHdSn8DuK48Fm1pk
hcc1Pm5xwDM90un4B5GNaM7KrTQaqG2UE/+fiud7/M4jH5nNxAqChNwYMarGfJHS
UfMpNiautDn+caZwqtVJk360ObJBhvk6mc0WH4WdCq+vqpIc/KsaVC/bNzyvEQlT
oY3RkFFD4l09euHV9iVHu2UufZIfpqHQ6TBJtHSF/Wo0hiPu3T0rCbwNcxZzXOTk
2TGRixUQz7WsJBb6QLoQoLt7g4Zz5vhQ0wa1n7gBiWLfyqvcMej4HJupIKLWyvx5
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:48:15 2025 by rpki-client