Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vZjX9pgwHD-mGmG0pEXoxKUXh3k.roa
File: vZjX9pgwHD-mGmG0pEXoxKUXh3k.roa (raw, json)
Hash identifier: 2+fW/dyUa3BSJ9BZp3N4lJbm4+0QNK7CPwZ/jedFrx0=
Subject key identifier: BD:98:D7:F6:98:30:1C:3F:A6:1A:61:B4:A4:45:E8:C4:A5:17:87:79
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0188FDC131345749132A2092DAD9F5F84BC1
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vZjX9pgwHD-mGmG0pEXoxKUXh3k.roa
Signing time: Tue 27 Jun 2023 16:47:56 +0000
ROA not before: Tue 27 Jun 2023 16:47:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 14.102.228.0/22 maxlen: 24
14.102.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:c1:31:34:57:49:13:2a:20:92:da:d9:f5:f8:4b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 27 16:47:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd98d7f698301c3fa61a61b4a445e8c4a5178779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0a:74:17:13:e9:c3:7c:cb:ef:15:0a:69:3a:
f8:dc:f5:ec:f9:e0:dd:96:cf:8b:c2:c7:81:b2:f1:
66:e0:2d:92:4d:28:ef:f3:05:b9:8a:03:ab:4c:39:
60:b5:f8:56:71:55:73:b8:97:e6:d7:a6:2e:fb:40:
74:a0:1f:c2:34:87:5a:9f:f2:c5:f8:51:e7:6f:d6:
3f:0b:65:4b:df:f6:a5:77:fa:82:de:7d:5a:63:3a:
5b:9e:b1:eb:15:92:97:5e:d6:c2:93:ae:4c:21:e4:
56:8c:ea:c5:db:c4:33:28:bb:47:fb:1f:e5:da:05:
75:78:dc:1b:28:e0:b7:ee:b1:e4:fb:3f:dc:c0:cc:
db:6e:14:f7:c5:b7:e2:92:c7:2b:fe:3c:69:76:5f:
c0:ca:0f:e9:de:38:d3:f1:f8:6b:f6:d0:1a:cb:12:
ea:49:2c:31:32:44:ac:c8:cb:f9:be:7a:20:80:94:
df:82:c2:12:7b:76:69:cd:54:7c:6b:0a:d2:17:71:
f8:6d:64:46:e1:a5:05:8b:20:f9:80:32:f2:d6:e7:
fb:f1:8b:f6:6c:23:a6:42:08:2c:74:f1:6d:61:b5:
3c:83:fa:4a:e7:51:90:79:7e:25:55:4f:f4:2c:18:
d1:25:e8:af:9e:c9:7e:6a:ee:2b:fb:34:91:d5:b3:
06:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:98:D7:F6:98:30:1C:3F:A6:1A:61:B4:A4:45:E8:C4:A5:17:87:79
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vZjX9pgwHD-mGmG0pEXoxKUXh3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.228.0/22
14.102.234.0/24
Signature Algorithm: sha256WithRSAEncryption
73:3a:d1:36:57:b4:9f:f8:bc:7d:d7:b3:37:7e:ae:24:91:a6:
78:75:18:17:6c:a3:33:fd:27:df:b6:1b:e2:e9:3c:79:53:2f:
ab:84:92:3c:65:fd:79:16:ae:6a:06:ba:95:be:05:43:a4:0b:
8b:8c:b6:3f:fa:ff:78:59:db:2a:4e:90:75:28:13:e8:7f:2d:
2c:36:41:e9:9c:7e:2d:91:95:ac:d9:3b:95:c1:61:e1:3a:18:
5c:07:83:bb:24:0c:8c:b8:f9:ae:d1:ea:64:bd:95:75:b9:82:
bc:82:9e:6d:1d:6c:8e:74:d4:cb:83:79:af:f9:37:bd:7a:e1:
85:55:22:a7:6e:a3:1b:32:6f:81:ee:9d:68:27:21:97:3f:c1:
ed:b8:6c:d6:cb:ec:7a:f0:fd:04:37:6b:7f:ad:a2:2c:67:6d:
64:b1:10:15:57:da:32:1f:83:18:ee:1c:8f:ed:14:8a:cd:05:
f2:7a:f0:c5:6b:20:46:f1:20:0c:e2:55:58:d4:05:c5:36:90:
cf:a9:86:ac:9e:75:73:04:0f:9e:e0:f7:9e:57:6c:34:7c:dc:
d3:99:3b:65:60:b1:84:ec:4d:9b:57:01:13:30:c8:98:8e:b9:
a8:64:59:fc:3c:65:05:d9:45:92:b6:e9:1d:59:0f:8d:3a:a1:
89:fe:c7:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYj9wTE0V0kTKiCS2tn1+EvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNjI3MTY0NzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk4ZDdmNjk4MzAxYzNmYTYxYTYxYjRhNDQ1ZThjNGE1MTc4Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgp0FxPpw3zL7xUKaTr43PXs+eDd
ls+LwseBsvFm4C2STSjv8wW5igOrTDlgtfhWcVVzuJfm16Yu+0B0oB/CNIdan/LF
+FHnb9Y/C2VL3/ald/qC3n1aYzpbnrHrFZKXXtbCk65MIeRWjOrF28QzKLtH+x/l
2gV1eNwbKOC37rHk+z/cwMzbbhT3xbfikscr/jxpdl/Ayg/p3jjT8fhr9tAayxLq
SSwxMkSsyMv5vnoggJTfgsISe3ZpzVR8awrSF3H4bWRG4aUFiyD5gDLy1uf78Yv2
bCOmQggsdPFtYbU8g/pK51GQeX4lVU/0LBjRJeivnsl+au4r+zSR1bMGfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2Y1/aYMBw/phphtKRF6MSlF4d5MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvdlpqWDlwZ3dIRC1tR21HMHBFWG94S1VYaDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCDmbkAwQA
DmbqMA0GCSqGSIb3DQEBCwUAA4IBAQBzOtE2V7Sf+Lx917M3fq4kkaZ4dRgXbKMz
/Sffthvi6Tx5Uy+rhJI8Zf15Fq5qBrqVvgVDpAuLjLY/+v94WdsqTpB1KBPofy0s
NkHpnH4tkZWs2TuVwWHhOhhcB4O7JAyMuPmu0epkvZV1uYK8gp5tHWyOdNTLg3mv
+Te9euGFVSKnbqMbMm+B7p1oJyGXP8HtuGzWy+x68P0EN2t/raIsZ21ksRAVV9oy
H4MY7hyP7RSKzQXyevDFayBG8SAM4lVY1AXFNpDPqYasnnVzBA+e4PeeV2w0fNzT
mTtlYLGE7E2bVwETMMiYjrmoZFn8PGUF2UWStukdWQ+NOqGJ/see
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:36 2025 by rpki-client