Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/eCjFlm-i_H2v8mV3ZyYl0jJATb0.roa
File: eCjFlm-i_H2v8mV3ZyYl0jJATb0.roa (raw, json)
Hash identifier: 5pyQxX1WuP7yaOQksZ5ZxEIHxYk7GJHFq0xtYJSA+II=
Subject key identifier: 78:28:C5:96:6F:A2:FC:7D:AF:F2:65:77:67:26:25:D2:32:40:4D:BD
Certificate issuer: /CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Certificate serial: 01856DC1AC3B2FE9D933813EB75F327A4AFF
Authority key identifier: CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/eCjFlm-i_H2v8mV3ZyYl0jJATb0.roa
Signing time: Sun 01 Jan 2023 14:34:47 +0000
ROA not before: Sun 01 Jan 2023 14:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43116
IP address blocks: 213.144.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ac:3b:2f:e9:d9:33:81:3e:b7:5f:32:7a:4a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Validity
Not Before: Jan 1 14:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7828c5966fa2fc7daff26577672625d232404dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:35:89:8c:fd:0a:82:b5:50:f2:d7:c0:ea:
95:08:7b:61:33:56:6f:48:39:1a:bf:04:ab:87:37:
ca:fa:e9:2d:c2:79:62:80:53:3e:5a:49:24:48:6b:
60:ba:05:59:23:ea:9e:2f:27:34:99:b9:27:31:dd:
a5:1d:82:13:fd:f7:c1:91:7a:83:61:0b:ec:ae:18:
bd:44:f3:93:6f:d0:b3:75:ae:bf:39:c5:fa:38:7d:
f5:20:d3:27:e2:76:e6:be:a6:84:07:0b:e8:b3:7c:
e7:27:66:36:5f:1a:e9:63:d9:26:e1:53:71:c3:26:
4e:53:97:40:9c:d5:d7:d0:a9:bd:a1:80:af:21:42:
a6:23:4c:02:f2:69:39:b0:5e:8b:96:71:e6:10:fd:
e8:75:aa:6b:92:2c:ae:61:b1:70:37:f4:64:b8:9a:
15:c9:11:7a:f1:79:0f:cf:69:24:f7:43:f7:a2:99:
94:99:f7:e2:6f:fb:ec:25:4c:6c:f0:2c:37:61:2a:
20:4d:23:6e:40:8f:3a:18:0b:92:45:2d:db:26:b2:
92:ca:f9:ae:0b:84:d0:92:39:03:7d:7e:c0:69:97:
92:28:8c:12:00:8d:53:01:26:77:80:96:79:2d:26:
14:fe:f2:99:61:ae:34:5a:f1:57:2d:fb:31:f6:c7:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:28:C5:96:6F:A2:FC:7D:AF:F2:65:77:67:26:25:D2:32:40:4D:BD
X509v3 Authority Key Identifier:
keyid:CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/eCjFlm-i_H2v8mV3ZyYl0jJATb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.144.102.0/24
Signature Algorithm: sha256WithRSAEncryption
75:61:fb:45:52:bc:8e:61:05:65:8f:6d:9c:1b:28:2c:93:8c:
2c:ea:b8:28:96:90:04:e9:00:95:52:60:e2:61:25:8d:40:0a:
74:82:32:87:1f:0d:63:01:d6:dd:6d:2a:75:39:a8:cd:4c:af:
68:67:8d:dc:c1:88:3e:0e:57:e1:05:2e:00:c1:21:d0:d8:1d:
8b:09:c6:3f:76:53:cc:4c:b8:e9:43:b4:0d:a6:23:79:90:e0:
f6:e9:9b:29:06:c0:38:b4:7a:d4:4a:2b:b1:29:62:7b:da:b0:
82:2e:42:d4:bc:8d:b4:40:f2:84:98:13:39:73:31:e4:dc:05:
91:6a:20:2c:83:74:bb:6b:e7:e0:22:11:3e:e8:e5:72:ef:20:
8d:d5:b2:a3:f6:3e:a7:f7:ef:ef:a9:48:79:f4:0f:8d:52:87:
1e:b7:b7:79:bf:cb:f9:44:fe:ad:42:17:38:6c:b4:48:68:f2:
06:52:99:a2:b3:29:2a:f3:46:0e:6d:3b:3d:37:a4:ff:87:b4:
87:fd:af:56:17:7a:b7:75:89:42:a5:94:00:c0:93:46:e6:9b:
b8:85:b6:02:4a:3b:97:4d:08:a7:54:07:fc:13:f4:25:ec:d1:
c2:94:18:13:cc:e8:a9:e4:e8:e4:f1:ee:a2:56:dc:3e:15:a8:
76:cf:39:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwaw7L+nZM4E+t18yekr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTYyMThjMjBlZmQ4ZmU1M2ZjYTk5OTBiNzI1ZGQ3OTYz
Yzg4NWMwHhcNMjMwMTAxMTQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODI4YzU5NjZmYTJmYzdkYWZmMjY1Nzc2NzI2MjVkMjMyNDA0ZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf41iYz9CoK1UPLXwOqVCHthM1Zv
SDkavwSrhzfK+uktwnligFM+WkkkSGtgugVZI+qeLyc0mbknMd2lHYIT/ffBkXqD
YQvsrhi9RPOTb9Czda6/OcX6OH31INMn4nbmvqaEBwvos3znJ2Y2XxrpY9km4VNx
wyZOU5dAnNXX0Km9oYCvIUKmI0wC8mk5sF6LlnHmEP3odaprkiyuYbFwN/RkuJoV
yRF68XkPz2kk90P3opmUmffib/vsJUxs8Cw3YSogTSNuQI86GAuSRS3bJrKSyvmu
C4TQkjkDfX7AaZeSKIwSAI1TASZ3gJZ5LSYU/vKZYa40WvFXLfsx9seU+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHgoxZZvovx9r/Jld2cmJdIyQE29MB8GA1UdIwQY
MBaAFMqWIYwg79j+U/ypmQtyXdeWPIhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAt
ZDcxMmQ0NzM4MDQ2LzEvZUNqRmxtLWlfSDJ2OG1WM1p5WWwwakpBVGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAtZDcxMmQ0NzM4MDQ2
LzEveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZBmMA0G
CSqGSIb3DQEBCwUAA4IBAQB1YftFUryOYQVlj22cGygsk4ws6rgolpAE6QCVUmDi
YSWNQAp0gjKHHw1jAdbdbSp1OajNTK9oZ43cwYg+DlfhBS4AwSHQ2B2LCcY/dlPM
TLjpQ7QNpiN5kOD26ZspBsA4tHrUSiuxKWJ72rCCLkLUvI20QPKEmBM5czHk3AWR
aiAsg3S7a+fgIhE+6OVy7yCN1bKj9j6n9+/vqUh59A+NUocet7d5v8v5RP6tQhc4
bLRIaPIGUpmisykq80YObTs9N6T/h7SH/a9WF3q3dYlCpZQAwJNG5pu4hbYCSjuX
TQinVAf8E/Ql7NHClBgTzOip5Ojk8e6iVtw+Fah2zzmS
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:01:27 2025 by rpki-client