Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZGqRfYyZmbeRIgsIaT5gC4CZLMc.roa
File: ZGqRfYyZmbeRIgsIaT5gC4CZLMc.roa (raw, json)
Hash identifier: bAlpSQgTekDYrQ1XZnfBTqd0sHFTKoUh0ansk3IvQkc=
Subject key identifier: 64:6A:91:7D:8C:99:99:B7:91:22:0B:08:69:3E:60:0B:80:99:2C:C7
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0187D7BB88AC70CA24C4BD7606CD5B5EA4DC
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZGqRfYyZmbeRIgsIaT5gC4CZLMc.roa
Signing time: Mon 01 May 2023 14:33:24 +0000
ROA not before: Mon 01 May 2023 14:33:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30644
IP address blocks: 14.102.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d7:bb:88:ac:70:ca:24:c4:bd:76:06:cd:5b:5e:a4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: May 1 14:33:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646a917d8c9999b791220b08693e600b80992cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:18:25:4e:fa:67:a5:9f:e4:7e:7e:2a:9b:dc:
20:05:7a:c4:8f:88:0d:1d:e6:83:5e:42:56:d0:a4:
09:17:d7:21:d7:97:b3:56:10:d0:a8:51:49:50:66:
d2:b5:e7:42:50:66:66:5b:bd:ce:a5:72:bb:90:88:
54:35:e0:55:bf:e3:7d:93:53:95:8b:2e:e1:69:b0:
47:fb:d5:ca:94:15:88:2a:a2:9f:3b:2f:91:70:32:
24:d8:5b:40:3d:be:ff:31:7f:38:ab:f6:86:e5:64:
6e:ad:82:0d:cc:29:f6:a7:99:7d:66:e4:fc:b4:e6:
b4:22:84:e2:0c:24:84:3c:60:9c:48:0b:a7:71:a8:
57:83:89:72:e0:af:10:1e:ae:fe:df:ea:fa:04:3b:
39:c3:19:20:82:0e:5d:87:6f:00:4c:81:35:30:79:
89:a2:21:bc:0d:0e:46:49:41:6d:ad:8e:77:53:a5:
89:1c:49:9d:25:be:56:b6:3a:77:aa:4e:c9:2f:af:
e9:76:31:aa:5f:1e:6c:04:9f:50:9e:83:81:2e:7f:
30:b6:09:aa:49:4c:cb:c5:69:92:86:b3:c8:e3:16:
f7:bc:ef:ac:65:c5:02:d4:8a:36:e1:dc:ec:7d:ad:
f6:55:9b:94:58:13:f7:cf:42:e5:74:2e:b4:00:53:
90:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6A:91:7D:8C:99:99:B7:91:22:0B:08:69:3E:60:0B:80:99:2C:C7
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZGqRfYyZmbeRIgsIaT5gC4CZLMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.233.0/24
Signature Algorithm: sha256WithRSAEncryption
64:e7:68:3b:3c:db:47:aa:c8:4b:7e:ca:ef:53:5e:f1:02:cc:
6d:1a:01:81:4f:cb:c4:30:89:99:58:ad:0f:12:22:fc:77:95:
ce:f9:54:68:ab:df:7c:dd:c9:9a:b9:b8:5f:68:d9:24:1f:2e:
81:be:3b:99:10:e9:2f:9e:18:76:aa:3d:81:d3:c6:88:f4:f4:
39:84:0b:2c:7b:0b:8e:cc:fa:7a:2a:66:d7:93:57:05:44:8e:
b5:c9:40:ac:77:ff:52:33:63:85:5d:1e:d3:7d:14:8f:af:ae:
f0:0e:da:4f:bb:12:4a:e4:e0:66:3f:56:df:20:8a:64:41:dd:
db:84:42:a0:ca:50:0e:16:8f:5a:36:d8:4e:41:3f:87:d0:ba:
d6:fa:b7:9b:b7:68:7b:63:1a:5f:74:f8:ac:fe:54:5c:4e:ee:
7a:50:ee:1d:88:e1:2e:07:53:e3:30:25:7a:ff:b5:2e:0d:ec:
99:04:d1:8f:33:58:38:10:7e:45:41:e3:30:a3:62:13:af:dc:
71:0f:39:39:69:c2:dc:fe:ea:c2:36:eb:4a:0a:4e:3e:4f:21:
5a:d8:ce:06:00:41:e9:f4:13:05:46:81:ba:43:47:46:20:e0:
3c:1a:87:c0:69:b5:ca:57:55:27:0b:d9:c8:86:3c:5c:cc:34:
48:22:32:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfXu4iscMokxL12Bs1bXqTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNTAxMTQzMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZhOTE3ZDhjOTk5OWI3OTEyMjBiMDg2OTNlNjAwYjgwOTkyY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBglTvpnpZ/kfn4qm9wgBXrEj4gN
HeaDXkJW0KQJF9ch15ezVhDQqFFJUGbStedCUGZmW73OpXK7kIhUNeBVv+N9k1OV
iy7habBH+9XKlBWIKqKfOy+RcDIk2FtAPb7/MX84q/aG5WRurYINzCn2p5l9ZuT8
tOa0IoTiDCSEPGCcSAuncahXg4ly4K8QHq7+3+r6BDs5wxkggg5dh28ATIE1MHmJ
oiG8DQ5GSUFtrY53U6WJHEmdJb5Wtjp3qk7JL6/pdjGqXx5sBJ9QnoOBLn8wtgmq
SUzLxWmShrPI4xb3vO+sZcUC1Io24dzsfa32VZuUWBP3z0LldC60AFOQjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRqkX2MmZm3kSILCGk+YAuAmSzHMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWkdxUmZZeVptYmVSSWdzSWFUNWdDNENaTE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmbpMA0G
CSqGSIb3DQEBCwUAA4IBAQBk52g7PNtHqshLfsrvU17xAsxtGgGBT8vEMImZWK0P
EiL8d5XO+VRoq9983cmaubhfaNkkHy6BvjuZEOkvnhh2qj2B08aI9PQ5hAssewuO
zPp6KmbXk1cFRI61yUCsd/9SM2OFXR7TfRSPr67wDtpPuxJK5OBmP1bfIIpkQd3b
hEKgylAOFo9aNthOQT+H0LrW+rebt2h7YxpfdPis/lRcTu56UO4diOEuB1PjMCV6
/7UuDeyZBNGPM1g4EH5FQeMwo2ITr9xxDzk5acLc/urCNutKCk4+TyFa2M4GAEHp
9BMFRoG6Q0dGIOA8GofAabXKV1UnC9nIhjxczDRIIjJV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:58 2025 by rpki-client