Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/NY5kYOdE9AOiHFwgMbeZfanuj74.roa
File: NY5kYOdE9AOiHFwgMbeZfanuj74.roa (raw, json)
Hash identifier: 0CgxLSs0ASiAkwTc1kyIJ487Ka0XGyURlXT5GrpWmd0=
Subject key identifier: 35:8E:64:60:E7:44:F4:03:A2:1C:5C:20:31:B7:99:7D:A9:EE:8F:BE
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01877BA40DC1EE74B9500AC2AB34F603414B
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/NY5kYOdE9AOiHFwgMbeZfanuj74.roa
Signing time: Thu 13 Apr 2023 17:22:41 +0000
ROA not before: Thu 13 Apr 2023 17:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.58.0/24 maxlen: 24
14.102.224.0/24 maxlen: 24
14.102.225.0/24 maxlen: 24
14.102.233.0/24 maxlen: 24
14.102.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:a4:0d:c1:ee:74:b9:50:0a:c2:ab:34:f6:03:41:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 13 17:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=358e6460e744f403a21c5c2031b7997da9ee8fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:64:ce:4a:36:fc:24:0c:5a:94:73:0c:94:3f:
1e:01:0e:f0:29:dc:e0:17:42:10:45:f2:2d:2f:fe:
cd:e0:be:7d:66:ec:99:fe:67:4d:7a:28:d2:4b:92:
ab:f0:50:ac:11:2f:17:75:f3:47:f0:2a:47:1b:c6:
e2:42:b8:f6:e8:b8:d1:8f:55:88:44:91:c5:c1:67:
cf:cc:83:60:81:7c:69:94:05:bf:0f:4b:78:74:b1:
cb:9c:f1:f0:4b:f3:46:31:ad:ca:4f:6c:3f:c9:a9:
be:45:91:2a:13:c2:45:75:e2:4d:b8:37:37:27:51:
88:8b:cd:d8:31:96:52:dc:4a:62:ad:55:1a:30:4a:
9a:ff:1d:f7:88:56:7b:01:79:d8:18:ce:cf:fa:c6:
e9:a1:73:08:c8:0e:8f:69:37:ac:a1:b6:8d:7f:ed:
8a:a2:82:f8:1e:e0:47:af:8d:b7:54:cd:e1:d0:ee:
31:2b:b0:5c:b9:eb:e5:57:b7:f4:64:48:4c:9b:c2:
d3:77:00:eb:a6:8a:fe:4f:12:24:d4:84:5b:dd:3b:
f1:06:64:df:dd:6b:db:ba:22:eb:a5:c8:21:97:eb:
07:7d:68:5c:8f:a4:6e:64:5a:1b:f3:4b:ac:e9:5d:
06:6c:d6:11:5f:8f:b7:5b:6b:32:87:5d:25:44:19:
4c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8E:64:60:E7:44:F4:03:A2:1C:5C:20:31:B7:99:7D:A9:EE:8F:BE
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/NY5kYOdE9AOiHFwgMbeZfanuj74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.224.0/23
14.102.233.0/24
14.102.235.0/24
103.47.58.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f8:8e:5b:e9:a4:57:9f:96:71:fa:88:a4:31:2a:c7:a6:e1:
5e:ca:54:00:67:93:d0:a3:c6:89:41:57:81:ee:67:2c:dc:c8:
fd:3d:ec:f9:f0:59:e2:0c:a3:cd:aa:ef:ef:d8:21:ac:5c:9d:
63:2e:db:43:c6:f7:c5:2b:c1:4a:80:42:38:40:46:48:83:04:
f0:f7:85:50:11:6b:0d:ab:ee:ae:c9:d1:37:6b:97:c6:74:e6:
f3:c1:09:26:fd:08:e1:c1:db:f1:d3:89:18:bb:31:06:c3:b6:
76:7e:5a:bb:52:45:c8:82:da:f6:dd:0c:81:92:2d:32:c5:61:
8e:5a:dc:d4:a5:7c:76:d6:a6:9e:1b:87:f1:a0:cd:b7:6c:a0:
8a:c1:a4:41:d5:f9:93:11:df:90:7a:ac:2f:6a:ff:be:ca:2b:
fa:91:bc:ab:75:02:33:01:67:5a:e0:73:e4:0e:00:43:6a:84:
54:fb:01:80:7c:59:b6:de:4a:10:5a:a6:bf:80:e1:29:b1:b0:
49:ab:05:10:f6:07:14:09:8e:bc:6b:a4:3c:51:b0:8d:49:c3:
69:15:d5:39:b4:e2:72:a1:77:76:c8:df:03:db:43:2e:a2:72:
52:77:bd:cf:ef:47:b9:9a:22:b0:67:42:74:0a:8f:13:f2:43:
cf:92:26:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd7pA3B7nS5UArCqzT2A0FLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNDEzMTcyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThlNjQ2MGU3NDRmNDAzYTIxYzVjMjAzMWI3OTk3ZGE5ZWU4ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGTOSjb8JAxalHMMlD8eAQ7wKdzg
F0IQRfItL/7N4L59ZuyZ/mdNeijSS5Kr8FCsES8XdfNH8CpHG8biQrj26LjRj1WI
RJHFwWfPzINggXxplAW/D0t4dLHLnPHwS/NGMa3KT2w/yam+RZEqE8JFdeJNuDc3
J1GIi83YMZZS3EpirVUaMEqa/x33iFZ7AXnYGM7P+sbpoXMIyA6PaTesobaNf+2K
ooL4HuBHr423VM3h0O4xK7BcuevlV7f0ZEhMm8LTdwDrpor+TxIk1IRb3TvxBmTf
3WvbuiLrpcghl+sHfWhcj6RuZFob80us6V0GbNYRX4+3W2syh10lRBlMQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDWOZGDnRPQDohxcIDG3mX2p7o++MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvTlk1a1lPZEU5QU9pSEZ3Z01iZVpmYW51ajc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBDmbgAwQA
DmbpAwQADmbrAwQAZy86MA0GCSqGSIb3DQEBCwUAA4IBAQAm+I5b6aRXn5Zx+oik
MSrHpuFeylQAZ5PQo8aJQVeB7mcs3Mj9Pez58FniDKPNqu/v2CGsXJ1jLttDxvfF
K8FKgEI4QEZIgwTw94VQEWsNq+6uydE3a5fGdObzwQkm/Qjhwdvx04kYuzEGw7Z2
flq7UkXIgtr23QyBki0yxWGOWtzUpXx21qaeG4fxoM23bKCKwaRB1fmTEd+Qeqwv
av++yiv6kbyrdQIzAWda4HPkDgBDaoRU+wGAfFm23koQWqa/gOEpsbBJqwUQ9gcU
CY68a6Q8UbCNScNpFdU5tOJyoXd2yN8D20MuonJSd73P70e5miKwZ0J0Co8T8kPP
kibw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:20 2025 by rpki-client