Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/njFtOa_paU8hPvh6uqRCXlzP6Ds.roa
File: njFtOa_paU8hPvh6uqRCXlzP6Ds.roa (raw, json)
Hash identifier: Atwuks8z1iIOjUO1MiF8SVCpIgtLnGlAzUcUbUaRz3M=
Subject key identifier: 9E:31:6D:39:AF:E9:69:4F:21:3E:F8:7A:BA:A4:42:5E:5C:CF:E8:3B
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0184CEDADC2AB39126859A6CAFAE168E18A2
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/njFtOa_paU8hPvh6uqRCXlzP6Ds.roa
Signing time: Thu 01 Dec 2022 18:02:40 +0000
ROA not before: Thu 01 Dec 2022 18:02:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21769
IP address blocks: 185.199.116.0/22 maxlen: 22
103.41.44.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
45.127.248.0/22 maxlen: 22
185.195.212.0/22 maxlen: 22
103.47.56.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
14.102.224.0/20 maxlen: 20
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:da:dc:2a:b3:91:26:85:9a:6c:af:ae:16:8e:18:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Dec 1 18:02:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e316d39afe9694f213ef87abaa4425e5ccfe83b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:69:49:74:fc:63:19:46:7a:b7:40:b6:55:a3:
e9:57:86:65:fb:ee:4f:9d:fa:69:37:ed:2e:e2:52:
0e:d7:9d:ea:20:94:d6:a5:67:4d:06:cb:08:f9:d3:
b9:16:a2:76:6d:1a:a9:0b:1c:a5:a0:a4:ed:45:6b:
ad:2f:21:72:17:ee:c1:27:4d:24:a7:9f:e7:29:4c:
9a:2a:84:f8:8a:fc:cc:a9:4f:8a:c7:bc:0b:62:f9:
6b:47:1f:6f:a4:b9:24:bb:ac:ce:6a:02:03:f2:08:
a3:d8:1f:c6:99:a6:95:8c:bb:ba:5d:c8:28:de:0e:
81:76:fa:c5:9e:dd:3d:a4:f1:6c:40:57:26:48:36:
7e:99:f0:d6:af:1b:7d:b2:25:78:f6:6b:eb:c6:99:
ec:d4:33:92:96:fb:ee:75:31:17:b5:4a:8e:1a:bd:
97:39:94:57:82:8e:eb:f3:6b:b1:2b:9d:12:2c:65:
da:2d:69:e3:2a:2b:b2:b4:c8:bc:85:b3:ab:f9:cb:
a1:47:f8:9f:43:29:4a:82:3a:21:e7:9c:0d:43:fd:
55:d0:94:dd:af:73:48:28:98:49:7a:17:1b:26:57:
c0:fe:df:2b:94:03:cb:7a:1c:60:69:3f:da:07:c2:
11:0a:89:31:cf:6f:4e:ba:5d:4a:68:d8:b0:9c:d5:
74:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:31:6D:39:AF:E9:69:4F:21:3E:F8:7A:BA:A4:42:5E:5C:CF:E8:3B
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/njFtOa_paU8hPvh6uqRCXlzP6Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.224.0/20
45.127.248.0/22
103.41.44.0/22
103.47.56.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
85:8d:0b:0e:67:ea:cc:e1:c9:5c:b6:5e:89:3a:23:0c:ed:55:
a6:40:a4:22:5f:b2:2d:a4:29:4a:2a:27:f7:38:73:a3:2e:40:
cf:bc:28:44:bc:27:29:4c:16:ab:5b:68:af:c3:62:89:36:59:
41:1c:9f:2c:81:65:0f:e8:db:94:90:ef:0e:d5:d3:54:d8:5d:
72:63:6e:02:89:67:0b:1a:e5:f4:6a:0d:f6:26:51:3f:65:6d:
25:48:cf:bf:f4:b8:7c:c2:0a:7e:2c:7b:f3:d5:53:f8:8b:37:
19:28:fa:71:13:cc:60:c2:92:55:83:c9:86:c7:03:9a:91:9e:
a7:96:bd:fa:60:54:38:03:38:c1:7f:ea:7d:57:58:b2:92:67:
ba:1a:30:0d:59:46:0e:d5:41:d3:c2:33:20:ae:40:bc:6c:94:
03:ed:1e:c9:74:36:52:0b:0e:b7:27:16:7b:57:1e:81:19:94:
28:01:02:c5:97:27:97:a8:35:25:21:0f:5d:2f:74:1d:c9:dc:
f5:b2:5b:92:e8:2a:12:81:1e:5d:c9:dd:98:ee:59:89:15:fe:
d5:3d:58:f4:44:10:f5:67:eb:cb:43:4a:03:1b:b7:11:fa:15:
57:96:95:15:61:ba:02:68:b8:8c:60:4f:f2:b5:c5:76:08:66:
fb:1a:ee:fe
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYTO2twqs5EmhZpsr64WjhiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjIxMjAxMTgwMjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTMxNmQzOWFmZTk2OTRmMjEzZWY4N2FiYWE0NDI1ZTVjY2ZlODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWlJdPxjGUZ6t0C2VaPpV4Zl++5P
nfppN+0u4lIO153qIJTWpWdNBssI+dO5FqJ2bRqpCxyloKTtRWutLyFyF+7BJ00k
p5/nKUyaKoT4ivzMqU+Kx7wLYvlrRx9vpLkku6zOagID8gij2B/GmaaVjLu6Xcgo
3g6BdvrFnt09pPFsQFcmSDZ+mfDWrxt9siV49mvrxpns1DOSlvvudTEXtUqOGr2X
OZRXgo7r82uxK50SLGXaLWnjKiuytMi8hbOr+cuhR/ifQylKgjoh55wNQ/1V0JTd
r3NIKJhJehcbJlfA/t8rlAPLehxgaT/aB8IRCokxz29Oul1KaNiwnNV0uQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFJ4xbTmv6WlPIT74erqkQl5cz+g7MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbmpGdE9hX3BhVThoUHZoNnVxUkNYbHpQNkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQEDmbgAwQC
LX/4AwQCZyksAwQCZy84AwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQCucS8AwQC
ucd0AwQCwl0EMA0EAgACMAcDBQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQCFjQsO
Z+rM4clctl6JOiMM7VWmQKQiX7ItpClKKif3OHOjLkDPvChEvCcpTBarW2ivw2KJ
NllBHJ8sgWUP6NuUkO8O1dNU2F1yY24CiWcLGuX0ag32JlE/ZW0lSM+/9Lh8wgp+
LHvz1VP4izcZKPpxE8xgwpJVg8mGxwOakZ6nlr36YFQ4AzjBf+p9V1iykme6GjAN
WUYO1UHTwjMgrkC8bJQD7R7JdDZSCw63JxZ7Vx6BGZQoAQLFlyeXqDUlIQ9dL3Qd
ydz1sluS6CoSgR5dyd2Y7lmJFf7VPVj0RBD1Z+vLQ0oDG7cR+hVXlpUVYboCaLiM
YE/ytcV2CGb7Gu7+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:43 2025 by rpki-client