Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/F9uFONUFtdx54D3FhS_YMNLTO-g.roa
File: F9uFONUFtdx54D3FhS_YMNLTO-g.roa (raw, json)
Hash identifier: dEzE8X8OYbCEK/0m9d0pfzkTpqdOiK5Wfn++WWobBJM=
Subject key identifier: 17:DB:85:38:D5:05:B5:DC:79:E0:3D:C5:85:2F:D8:30:D2:D3:3B:E8
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0188DAF18F9D431A699901943552DDFA952E
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/F9uFONUFtdx54D3FhS_YMNLTO-g.roa
Signing time: Tue 20 Jun 2023 22:34:03 +0000
ROA not before: Tue 20 Jun 2023 22:34:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 14.102.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:da:f1:8f:9d:43:1a:69:99:01:94:35:52:dd:fa:95:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 20 22:34:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17db8538d505b5dc79e03dc5852fd830d2d33be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:91:f5:eb:03:64:0b:c0:c8:ee:f5:9e:28:dc:
0f:f6:32:0f:b1:65:56:6c:8b:8f:eb:48:00:15:dd:
11:56:ea:ab:6e:50:b0:07:e9:09:f6:d7:6a:a9:f1:
2b:74:59:b0:cf:41:a8:e9:93:27:3a:5c:c4:c2:a7:
da:fc:3c:3e:d3:70:b5:e0:58:10:c8:6b:28:dc:33:
b2:0f:60:b2:40:66:80:c0:e5:1e:a6:99:42:7a:87:
69:8e:08:d4:4e:65:ae:11:ef:46:1a:b7:b4:6b:2e:
cc:cd:67:22:e5:42:8b:47:11:bc:df:cf:5d:7c:7c:
98:50:8b:e3:f3:b7:c4:69:1d:2c:63:46:1d:c6:5a:
62:84:96:6f:7e:40:a6:a8:01:79:64:8c:5c:0f:7b:
a7:90:85:97:f2:bc:e0:db:50:56:85:40:21:cb:c0:
c7:be:8f:78:ef:3d:2d:0a:05:38:61:ed:4e:6a:06:
67:39:8a:65:0f:2c:ac:bb:dd:aa:56:e2:67:7f:f3:
d9:72:59:d8:81:7d:97:fa:32:a2:f5:9b:2d:c0:37:
91:a6:98:cc:ff:b9:21:37:11:69:74:5e:35:e9:ac:
db:dc:19:64:03:cf:81:5d:10:56:d6:df:85:f3:c8:
e6:9d:25:a5:09:6f:31:7d:c2:e4:67:30:08:23:ef:
65:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DB:85:38:D5:05:B5:DC:79:E0:3D:C5:85:2F:D8:30:D2:D3:3B:E8
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/F9uFONUFtdx54D3FhS_YMNLTO-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.228.0/22
Signature Algorithm: sha256WithRSAEncryption
06:35:e2:00:ba:30:53:42:75:f8:08:70:48:a3:6e:b7:ab:72:
24:09:55:a2:a0:97:4e:e1:a7:61:e1:f7:a6:b4:41:48:3e:ab:
0a:97:e4:78:ae:d7:ac:19:3a:16:b5:78:df:50:f9:b9:9e:a9:
02:b6:dc:79:89:78:06:a5:f8:63:a7:ad:52:ff:36:11:57:78:
bb:2d:f5:b4:dc:68:4d:64:bc:1b:44:ac:48:ef:0e:4c:a0:db:
fd:94:5a:2b:cb:9e:e1:d2:68:2c:55:c3:3a:36:04:92:2f:5c:
74:4c:54:02:ad:57:b5:e4:dd:ef:68:0b:d9:ea:76:4b:d4:d9:
d8:37:a9:0d:87:8c:17:2a:64:da:e6:b2:1b:98:f5:a1:75:67:
87:9c:3a:48:c4:d7:4e:48:73:2e:0a:77:25:55:d1:70:36:99:
53:70:41:a2:f6:db:ed:78:71:82:5e:63:80:aa:f0:8b:80:dc:
15:32:da:7e:96:e0:ca:c8:fa:20:b6:7f:19:cf:18:37:17:75:
72:91:aa:bc:46:0b:89:7f:a1:77:f4:3e:97:37:d3:23:d3:4e:
bd:b2:b8:cc:0e:35:13:15:95:89:91:ae:a0:0f:04:2f:24:b0:
6d:03:32:ff:7e:c4:13:73:22:6c:36:41:66:f0:04:60:f5:df:
39:45:66:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYja8Y+dQxppmQGUNVLd+pUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNjIwMjIzNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2RiODUzOGQ1MDViNWRjNzllMDNkYzU4NTJmZDgzMGQyZDMzYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppH16wNkC8DI7vWeKNwP9jIPsWVW
bIuP60gAFd0RVuqrblCwB+kJ9tdqqfErdFmwz0Go6ZMnOlzEwqfa/Dw+03C14FgQ
yGso3DOyD2CyQGaAwOUepplCeodpjgjUTmWuEe9GGre0ay7MzWci5UKLRxG8389d
fHyYUIvj87fEaR0sY0YdxlpihJZvfkCmqAF5ZIxcD3unkIWX8rzg21BWhUAhy8DH
vo947z0tCgU4Ye1OagZnOYplDyysu92qVuJnf/PZclnYgX2X+jKi9ZstwDeRppjM
/7khNxFpdF416azb3BlkA8+BXRBW1t+F88jmnSWlCW8xfcLkZzAII+9lywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBfbhTjVBbXceeA9xYUv2DDS0zvoMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvRjl1Rk9OVUZ0ZHg1NEQzRmhTX1lNTkxUTy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCDmbkMA0G
CSqGSIb3DQEBCwUAA4IBAQAGNeIAujBTQnX4CHBIo263q3IkCVWioJdO4adh4fem
tEFIPqsKl+R4rtesGToWtXjfUPm5nqkCttx5iXgGpfhjp61S/zYRV3i7LfW03GhN
ZLwbRKxI7w5MoNv9lFory57h0mgsVcM6NgSSL1x0TFQCrVe15N3vaAvZ6nZL1NnY
N6kNh4wXKmTa5rIbmPWhdWeHnDpIxNdOSHMuCnclVdFwNplTcEGi9tvteHGCXmOA
qvCLgNwVMtp+luDKyPogtn8Zzxg3F3Vykaq8RguJf6F39D6XN9Mj0069srjMDjUT
FZWJka6gDwQvJLBtAzL/fsQTcyJsNkFm8ARg9d85RWbp
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:56 2025 by rpki-client