Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/R1kHrEJDhfTCv_EyHJ4f3Nq2bP0.roa
File: R1kHrEJDhfTCv_EyHJ4f3Nq2bP0.roa (raw, json)
Hash identifier: /CUtfxsiquBcU0z+h+1NNL097NGztXd107HMmJ2KhLE=
Subject key identifier: 47:59:07:AC:42:43:85:F4:C2:BF:F1:32:1C:9E:1F:DC:DA:B6:6C:FD
Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial: 01856CEF1BB5584256398B9CAFAFF16AF3EA
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/R1kHrEJDhfTCv_EyHJ4f3Nq2bP0.roa
Signing time: Sun 01 Jan 2023 10:44:47 +0000
ROA not before: Sun 01 Jan 2023 10:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199272
IP address blocks: 185.14.25.0/24 maxlen: 24
185.14.27.0/24 maxlen: 24
185.14.26.0/24 maxlen: 24
185.14.24.0/22 maxlen: 22
185.14.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:1b:b5:58:42:56:39:8b:9c:af:af:f1:6a:f3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
Validity
Not Before: Jan 1 10:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=475907ac424385f4c2bff1321c9e1fdcdab66cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:64:cc:53:6d:ad:42:83:3b:f3:1a:92:09:2c:
17:c9:87:f6:90:c7:07:0a:f2:d2:da:f7:5d:33:f5:
c4:ac:9c:e3:ed:b4:26:f0:cb:18:8d:96:b7:7a:2c:
55:be:8c:86:5b:53:68:39:64:f5:a2:0c:80:47:e1:
9e:65:09:1c:64:b8:d8:e5:5a:de:5a:bb:c8:1d:bc:
d9:38:85:86:8a:c4:62:05:15:28:11:fe:ea:9d:00:
b1:2d:1e:34:70:27:a8:90:35:10:1f:dc:95:16:47:
78:40:e0:2b:7b:26:90:bd:37:51:9a:dd:74:02:a8:
92:70:68:a4:25:8a:6d:ef:94:63:cf:d2:f2:6c:f8:
d5:02:3a:f1:92:df:ee:7b:0b:6a:d4:a5:6b:c6:c8:
c8:ba:df:44:63:97:03:af:08:31:b3:cb:bb:56:3d:
bc:e3:19:9e:38:80:be:72:18:1b:d2:2d:b3:ee:a0:
ed:66:e5:bd:5f:48:74:64:64:33:fc:e4:ec:b7:a6:
85:97:1a:b2:7d:10:14:99:eb:46:30:fe:da:dd:58:
b0:92:36:6f:f4:1b:d0:06:24:4a:3c:1e:f1:96:90:
7a:a8:aa:c0:2f:26:aa:5a:80:64:6c:e6:21:fb:67:
43:4c:01:dc:ff:22:25:ac:08:3a:50:36:9e:37:d5:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:59:07:AC:42:43:85:F4:C2:BF:F1:32:1C:9E:1F:DC:DA:B6:6C:FD
X509v3 Authority Key Identifier:
keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/R1kHrEJDhfTCv_EyHJ4f3Nq2bP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.24.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:66:cb:f0:c0:e5:0b:ca:8f:be:1e:3d:7a:5f:8e:84:f4:15:
3f:ed:61:21:60:54:79:ad:dc:12:41:ec:60:08:d3:ec:b5:e0:
32:02:86:2e:ea:1d:68:c3:19:4b:36:e4:fe:e4:42:bf:50:f3:
06:fa:92:8a:fc:34:93:a1:e6:cf:d6:a5:ba:c7:7a:b4:56:bc:
d9:20:7b:65:bf:69:ae:3b:8b:54:e5:03:4c:6c:f8:29:50:9e:
c6:f2:5c:79:1e:80:28:c2:97:3d:b7:d4:54:5c:31:d2:4c:9f:
c8:32:33:53:42:d2:13:d9:88:26:c1:62:97:a8:25:06:d0:e0:
2c:47:93:64:ae:f4:7c:21:26:e5:e8:48:3f:4d:51:1b:19:92:
70:9e:94:51:8e:d5:83:37:9b:a8:02:0f:e2:ea:04:66:e9:c5:
90:e7:35:ec:8e:71:eb:4a:93:ff:d8:a9:a4:91:69:9e:74:9f:
fe:5e:b7:c3:10:49:7d:7a:06:4a:73:2d:f6:8a:49:fa:84:a2:
01:af:ce:80:32:50:d5:82:1f:05:36:4d:5f:08:1e:d0:31:6b:
69:2d:19:6c:b7:f8:0e:91:68:fd:fe:d1:2a:6b:b5:61:25:c1:
19:97:d0:28:bc:29:b1:14:3b:80:8c:f8:55:8e:d5:f9:6f:4b:
52:07:25:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7xu1WEJWOYucr6/xavPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz
NmZkNTMwHhcNMjMwMTAxMTA0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzU5MDdhYzQyNDM4NWY0YzJiZmYxMzIxYzllMWZkY2RhYjY2Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGTMU22tQoM78xqSCSwXyYf2kMcH
CvLS2vddM/XErJzj7bQm8MsYjZa3eixVvoyGW1NoOWT1ogyAR+GeZQkcZLjY5Vre
WrvIHbzZOIWGisRiBRUoEf7qnQCxLR40cCeokDUQH9yVFkd4QOAreyaQvTdRmt10
AqiScGikJYpt75Rjz9LybPjVAjrxkt/uewtq1KVrxsjIut9EY5cDrwgxs8u7Vj28
4xmeOIC+chgb0i2z7qDtZuW9X0h0ZGQz/OTst6aFlxqyfRAUmetGMP7a3ViwkjZv
9BvQBiRKPB7xlpB6qKrALyaqWoBkbOYh+2dDTAHc/yIlrAg6UDaeN9UAUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdZB6xCQ4X0wr/xMhyeH9zatmz9MB8GA1UdIwQY
MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt
NTA4MDk5YzEzM2JiLzEvUjFrSHJFSkRoZlRDdl9FeUhKNGYzTnEyYlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji
LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ4YMA0G
CSqGSIb3DQEBCwUAA4IBAQBMZsvwwOULyo++Hj16X46E9BU/7WEhYFR5rdwSQexg
CNPsteAyAoYu6h1owxlLNuT+5EK/UPMG+pKK/DSToebP1qW6x3q0VrzZIHtlv2mu
O4tU5QNMbPgpUJ7G8lx5HoAowpc9t9RUXDHSTJ/IMjNTQtIT2YgmwWKXqCUG0OAs
R5NkrvR8ISbl6Eg/TVEbGZJwnpRRjtWDN5uoAg/i6gRm6cWQ5zXsjnHrSpP/2Kmk
kWmedJ/+XrfDEEl9egZKcy32ikn6hKIBr86AMlDVgh8FNk1fCB7QMWtpLRlst/gO
kWj9/tEqa7VhJcEZl9AovCmxFDuAjPhVjtX5b0tSByUE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:49 2025 by rpki-client