Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l02YYe3mL2Zw-G9dFs4HX8hYKa0.roa
File: l02YYe3mL2Zw-G9dFs4HX8hYKa0.roa (raw, json)
Hash identifier: herMtwwjmOX9w0S0DbG7f/FY6raU2CakUgzxu3D4C68=
Subject key identifier: 97:4D:98:61:ED:E6:2F:66:70:F8:6F:5D:16:CE:07:5F:C8:58:29:AD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 425CFFFA
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l02YYe3mL2Zw-G9dFs4HX8hYKa0.roa
Signing time: Sat 01 Jan 2022 14:03:02 +0000
ROA not before: Sat 01 Jan 2022 14:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20625
IP address blocks: 194.14.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1113391098 (0x425cfffa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=974d9861ede62f6670f86f5d16ce075fc85829ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:5c:2b:c8:1e:da:09:4d:44:ca:72:65:4d:
37:4c:ef:b2:d7:43:10:78:0d:06:f8:7a:4f:fe:dc:
c5:f8:fe:b6:64:bd:23:81:23:ea:e2:26:45:0e:c7:
d9:46:65:76:80:b1:de:1e:19:be:3d:a1:b8:39:d7:
9e:db:51:6f:fb:42:e7:d2:74:78:09:c3:51:23:97:
b8:78:71:e6:f4:0b:40:c8:4f:c5:b1:18:73:59:27:
03:ec:8b:ac:73:ce:10:24:24:13:f0:04:0d:51:a0:
0f:b5:ee:40:0c:55:71:97:d0:55:9a:29:f9:f2:03:
07:71:fb:64:43:25:3d:98:3c:ac:04:a1:7f:7f:c2:
d4:47:1b:36:c7:14:37:c8:9a:87:1a:78:f2:ea:bf:
e8:24:2a:21:4c:af:bb:f9:cd:da:59:2c:f5:cc:e9:
9b:28:ae:2a:44:a4:b2:57:e8:7c:8e:99:82:a4:66:
35:ec:76:c1:0d:8e:f0:c0:47:7a:47:bb:d6:ba:23:
5f:cb:5c:0b:30:d6:a0:da:e4:76:05:71:05:15:21:
84:ec:29:84:84:e2:54:f4:33:b8:79:5e:93:c4:a5:
a0:94:d9:b7:a9:8a:f5:e9:8b:82:e3:10:c2:32:8a:
29:06:c9:07:cc:cd:fc:81:e1:14:29:68:36:a0:11:
70:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4D:98:61:ED:E6:2F:66:70:F8:6F:5D:16:CE:07:5F:C8:58:29:AD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l02YYe3mL2Zw-G9dFs4HX8hYKa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.103.0/24
Signature Algorithm: sha256WithRSAEncryption
91:6f:32:0e:95:0e:f4:55:b6:d9:06:52:43:39:d8:bb:a5:ad:
7c:00:05:52:eb:f6:6a:cf:2c:73:22:84:0f:c0:41:ea:ab:f0:
e5:27:b7:94:eb:19:43:c3:39:5f:d0:63:79:8b:da:34:7a:34:
c7:b6:e4:d8:59:cb:c7:bd:c0:4c:4a:17:52:68:dd:57:71:0c:
e6:19:87:7a:04:3f:a4:d5:39:c2:b8:5d:e4:27:22:41:26:05:
6c:23:08:9f:42:77:f1:ce:ef:40:a4:35:2f:a5:68:32:ba:38:
50:fb:c2:b6:6b:3d:1c:6c:35:f9:11:83:72:94:c1:a7:aa:f8:
17:d1:c4:ea:03:b6:ae:c7:f3:7c:e4:c3:7f:0f:52:04:8b:01:
b3:85:f5:2c:d0:84:e3:6b:d7:be:68:f2:3c:0f:32:9d:b7:c2:
ca:b2:01:36:fd:9f:a6:61:88:6c:be:65:08:5b:42:4d:49:dc:
2d:ba:f4:4e:bc:70:3e:b2:63:b8:20:ac:ff:c7:cb:78:53:62:
dc:bc:ca:1e:71:44:ec:7a:0a:73:77:29:ea:d8:be:6f:15:0f:
fc:a1:30:06:79:2e:dc:99:db:06:04:b7:cb:ee:d8:2c:67:69:
b9:c5:7a:7a:af:b8:9f:79:f8:66:6d:61:35:07:85:65:bc:4d:
b8:13:70:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQlz/+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc0ZDk4NjFlZGU2
MmY2NjcwZjg2ZjVkMTZjZTA3NWZjODU4MjlhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDjXCvIHtoJTUTKcmVNN0zvstdDEHgNBvh6T/7cxfj+tmS9
I4Ej6uImRQ7H2UZldoCx3h4Zvj2huDnXnttRb/tC59J0eAnDUSOXuHhx5vQLQMhP
xbEYc1knA+yLrHPOECQkE/AEDVGgD7XuQAxVcZfQVZop+fIDB3H7ZEMlPZg8rASh
f3/C1EcbNscUN8iahxp48uq/6CQqIUyvu/nN2lks9czpmyiuKkSkslfofI6ZgqRm
Nex2wQ2O8MBHeke71rojX8tcCzDWoNrkdgVxBRUhhOwphITiVPQzuHlek8SloJTZ
t6mK9emLguMQwjKKKQbJB8zN/IHhFCloNqARcHMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXTZhh7eYvZnD4b10WzgdfyFgprTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L2wwMllZZTNtTDJady1HOWRGczRIWDhoWUthMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIOZzANBgkqhkiG9w0BAQsFAAOC
AQEAkW8yDpUO9FW22QZSQznYu6WtfAAFUuv2as8scyKED8BB6qvw5Se3lOsZQ8M5
X9BjeYvaNHo0x7bk2FnLx73ATEoXUmjdV3EM5hmHegQ/pNU5wrhd5CciQSYFbCMI
n0J38c7vQKQ1L6VoMro4UPvCtms9HGw1+RGDcpTBp6r4F9HE6gO2rsfzfOTDfw9S
BIsBs4X1LNCE42vXvmjyPA8ynbfCyrIBNv2fpmGIbL5lCFtCTUncLbr0TrxwPrJj
uCCs/8fLeFNi3LzKHnFE7HoKc3cp6ti+bxUP/KEwBnku3JnbBgS3y+7YLGdpucV6
eq+4n3n4Zm1hNQeFZbxNuBNwSA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:55 2025 by rpki-client