Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/Ox1h9JspxNGErWlqNkrF2S5lhsE.roa
File: Ox1h9JspxNGErWlqNkrF2S5lhsE.roa (raw, json)
Hash identifier: dOwcqgRPlmGD8MtmYonYQ0hmNXIhK5PhXTiUe4cNMr0=
Subject key identifier: 3B:1D:61:F4:9B:29:C4:D1:84:AD:69:6A:36:4A:C5:D9:2E:65:86:C1
Certificate issuer: /CN=418d54b55b192a248b847234dba512f9760cabfa
Certificate serial: 018653E9BD653E7D884F562BB3A6BB647EEE
Authority key identifier: 41:8D:54:B5:5B:19:2A:24:8B:84:72:34:DB:A5:12:F9:76:0C:AB:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/Ox1h9JspxNGErWlqNkrF2S5lhsE.roa
Signing time: Wed 15 Feb 2023 07:11:12 +0000
ROA not before: Wed 15 Feb 2023 07:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48252
IP address blocks: 185.14.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:53:e9:bd:65:3e:7d:88:4f:56:2b:b3:a6:bb:64:7e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=418d54b55b192a248b847234dba512f9760cabfa
Validity
Not Before: Feb 15 07:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b1d61f49b29c4d184ad696a364ac5d92e6586c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:13:9f:68:ea:a7:5f:dd:c9:dc:c8:2e:2f:12:
07:04:75:07:e5:be:d9:68:1c:88:d9:bb:20:ff:e0:
6d:84:05:67:e2:5a:16:2d:01:f3:bd:78:80:f7:40:
e2:64:69:dd:48:68:2e:0e:89:db:81:23:79:64:9a:
b6:07:c0:da:c9:ca:22:e1:60:8c:bd:c8:44:4a:73:
d4:a1:fe:c8:21:99:86:e0:2e:30:54:b0:1e:a9:76:
ad:e4:de:3e:cc:a9:ff:1c:c9:f1:c7:4c:db:98:4b:
f1:89:d4:fb:1c:dd:1c:46:56:81:48:95:af:72:a6:
f0:40:12:f3:c0:ea:65:e4:bc:01:1b:72:de:bf:82:
49:12:5f:da:fa:c9:35:cf:16:d5:7a:eb:f5:ea:cb:
09:42:20:04:c9:de:de:77:13:9d:cf:53:8b:89:24:
49:9b:99:62:43:68:d4:4d:04:0c:7d:f7:57:de:93:
44:b5:7c:b5:80:db:2e:fc:f9:c5:f2:aa:27:c3:82:
d4:e8:91:8d:35:75:90:ce:9b:7b:d8:57:ea:46:a6:
d7:1a:8c:9a:1d:1c:af:f3:7d:30:d7:31:a3:05:db:
94:67:b0:c8:0c:a3:46:35:a4:ce:93:f3:05:af:24:
ca:65:f4:7a:08:a0:67:27:0e:77:09:97:e0:a9:ab:
5b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:1D:61:F4:9B:29:C4:D1:84:AD:69:6A:36:4A:C5:D9:2E:65:86:C1
X509v3 Authority Key Identifier:
keyid:41:8D:54:B5:5B:19:2A:24:8B:84:72:34:DB:A5:12:F9:76:0C:AB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/Ox1h9JspxNGErWlqNkrF2S5lhsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.99.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:34:17:c7:62:99:17:03:4e:a3:60:a6:c4:13:50:0f:5f:2a:
97:2b:67:2e:b4:dd:cb:63:ae:bf:15:59:c4:09:ad:05:59:18:
99:8d:b1:ad:3e:c6:b9:fa:63:69:79:5f:d4:74:33:43:dd:6c:
df:9f:75:f3:c9:fb:9d:aa:e2:af:1a:c9:6d:04:34:b1:d1:b3:
01:d7:dc:56:82:92:e9:31:bf:eb:7e:50:d8:ac:c6:d1:9a:51:
ea:3a:63:ed:f9:8a:34:05:84:33:89:20:0d:ee:a2:99:56:94:
b2:cf:8f:c8:5f:9c:00:9b:a7:9f:08:f3:82:68:e0:ea:97:05:
d9:2f:0c:9a:9e:6e:88:89:4b:98:5d:1a:a7:5e:de:88:25:86:
88:6a:92:c1:b9:05:e9:20:11:84:3c:76:0e:4a:13:0c:3c:b5:
ec:23:11:48:d9:bb:16:54:ba:c0:46:37:7e:76:62:2a:65:8a:
5e:e6:e8:d1:18:05:53:0d:45:e2:65:7b:28:d8:39:86:f7:be:
9a:90:db:15:cd:ec:cc:50:82:ab:75:20:a5:a0:97:60:bf:67:
54:9b:e9:b1:c7:2c:9f:85:cc:49:79:f8:eb:6d:dd:e2:75:87:
d1:37:38:2c:fa:19:e8:c9:c5:45:4a:e6:ea:b1:09:5a:87:e0:
f5:72:ab:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZT6b1lPn2IT1Yrs6a7ZH7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOGQ1NGI1NWIxOTJhMjQ4Yjg0NzIzNGRiYTUxMmY5NzYw
Y2FiZmEwHhcNMjMwMjE1MDcxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjFkNjFmNDliMjljNGQxODRhZDY5NmEzNjRhYzVkOTJlNjU4NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmROfaOqnX93J3MguLxIHBHUH5b7Z
aByI2bsg/+BthAVn4loWLQHzvXiA90DiZGndSGguDonbgSN5ZJq2B8Daycoi4WCM
vchESnPUof7IIZmG4C4wVLAeqXat5N4+zKn/HMnxx0zbmEvxidT7HN0cRlaBSJWv
cqbwQBLzwOpl5LwBG3Lev4JJEl/a+sk1zxbVeuv16ssJQiAEyd7edxOdz1OLiSRJ
m5liQ2jUTQQMffdX3pNEtXy1gNsu/PnF8qonw4LU6JGNNXWQzpt72FfqRqbXGoya
HRyv830w1zGjBduUZ7DIDKNGNaTOk/MFryTKZfR6CKBnJw53CZfgqatbcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsdYfSbKcTRhK1pajZKxdkuZYbBMB8GA1UdIwQY
MBaAFEGNVLVbGSoki4RyNNulEvl2DKv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iNDM4NTctMDIxYy00MjYyLWIxODMt
MWQ3N2NmMmE3MTAwLzEvT3gxaDlKc3B4TkdFcldscU5rckYyUzVsaHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iNDM4NTctMDIxYy00MjYyLWIxODMtMWQ3N2NmMmE3MTAw
LzEvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ5jMA0G
CSqGSIb3DQEBCwUAA4IBAQCwNBfHYpkXA06jYKbEE1APXyqXK2cutN3LY66/FVnE
Ca0FWRiZjbGtPsa5+mNpeV/UdDND3Wzfn3XzyfudquKvGsltBDSx0bMB19xWgpLp
Mb/rflDYrMbRmlHqOmPt+Yo0BYQziSAN7qKZVpSyz4/IX5wAm6efCPOCaODqlwXZ
Lwyanm6IiUuYXRqnXt6IJYaIapLBuQXpIBGEPHYOShMMPLXsIxFI2bsWVLrARjd+
dmIqZYpe5ujRGAVTDUXiZXso2DmG976akNsVzezMUIKrdSCloJdgv2dUm+mxxyyf
hcxJefjrbd3idYfRNzgs+hnoycVFSubqsQlah+D1cqv1
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:19:05 2025 by rpki-client