Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/yW4bQT5t2ts5QjDJgmH401oMoiI.roa
File: yW4bQT5t2ts5QjDJgmH401oMoiI.roa (raw, json)
Hash identifier: D2UXMJQu9cWbjkmDDe3z5RLf7Qj8zKjpytcQ0XY6QuI=
Subject key identifier: C9:6E:1B:41:3E:6D:DA:DB:39:42:30:C9:82:61:F8:D3:5A:0C:A2:22
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018670C9F7EC1A3E52333639E016BCAF705E
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/yW4bQT5t2ts5QjDJgmH401oMoiI.roa
Signing time: Mon 20 Feb 2023 21:45:29 +0000
ROA not before: Mon 20 Feb 2023 21:45:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 14.102.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:c9:f7:ec:1a:3e:52:33:36:39:e0:16:bc:af:70:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 20 21:45:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c96e1b413e6ddadb394230c98261f8d35a0ca222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:9c:30:28:5e:b2:3e:31:15:b9:8f:1d:5d:
87:5c:0e:c6:f1:93:d8:b8:e8:8c:d2:62:2d:f4:9d:
ab:3e:ad:ce:26:6c:99:65:85:f1:09:71:02:31:c5:
94:a8:06:ca:e1:d9:1b:e1:3e:3a:36:cf:26:7b:a6:
e1:77:3d:40:82:4a:9b:f1:b4:8b:a0:98:f6:d1:ec:
5e:b2:a2:fd:16:f7:de:5b:18:3b:0b:44:70:e4:37:
81:d9:a0:55:f6:79:fe:8f:7e:20:0b:b0:df:ae:e9:
79:2b:62:59:b3:03:bc:fa:e3:77:92:a1:90:d1:52:
44:f1:b8:95:48:78:02:34:d4:4e:9b:bf:16:aa:69:
7d:99:e6:a2:77:ca:11:ce:ea:93:b8:7c:7e:b5:ab:
1e:59:61:85:09:4c:df:38:ea:7d:09:ff:d5:4c:fd:
c3:31:c6:07:99:6c:c9:f1:57:92:de:49:05:8a:5a:
8c:8f:89:6d:c5:dd:18:b1:26:37:80:eb:5f:25:2a:
ff:e7:81:94:f5:1c:ca:1e:6e:c8:82:97:74:e9:9e:
42:9f:18:8d:c3:ce:a6:04:7a:df:d5:66:7e:ba:cf:
9b:64:cc:d2:38:27:6a:6f:03:5a:4c:ee:3d:75:fa:
cb:0c:dd:ae:9a:7a:a9:97:2e:da:94:7f:ca:cb:06:
2c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:6E:1B:41:3E:6D:DA:DB:39:42:30:C9:82:61:F8:D3:5A:0C:A2:22
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/yW4bQT5t2ts5QjDJgmH401oMoiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.224.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:47:eb:bc:ec:84:0b:24:b7:50:71:f7:76:f5:d2:f8:e7:b3:
a4:37:22:22:8a:11:67:12:90:c1:35:c8:58:10:75:09:d0:92:
b5:12:e6:f8:d9:63:73:4c:d1:73:79:25:3e:c2:b9:15:3e:6b:
69:07:1c:ad:8f:c2:1a:b2:d5:bc:07:04:65:ec:87:2f:49:5e:
f8:0f:e3:d1:8d:16:39:a4:c0:45:05:7d:01:2b:19:2b:27:b1:
2a:06:4b:6d:28:a2:27:4c:71:04:50:62:f1:46:2b:9a:b1:e8:
d2:79:cf:84:d6:6f:f0:f5:d2:0f:cf:98:7e:7b:1c:7d:59:a3:
46:77:29:04:b9:3f:d7:cb:b0:57:70:93:06:68:7f:36:1a:46:
4a:cf:8c:d1:7c:c1:4a:e2:64:27:8a:3c:e2:e4:06:9f:70:d3:
d6:9d:8e:22:34:11:0b:fe:9c:85:7c:27:42:29:11:c7:b7:23:
d0:77:c8:09:0b:07:52:0b:ae:25:f0:d4:09:ad:24:11:fc:8a:
62:8a:de:43:6f:e9:c4:23:c1:07:63:58:78:70:f6:ec:6d:15:
d4:3c:85:be:e0:1a:22:f4:72:ef:39:7c:f3:4d:0f:0d:0d:25:
5e:07:88:7a:f9:24:6c:95:ab:71:b7:c5:66:99:48:fa:22:58:
2a:b4:e0:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZwyffsGj5SMzY54Ba8r3BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwMjIwMjE0NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTZlMWI0MTNlNmRkYWRiMzk0MjMwYzk4MjYxZjhkMzVhMGNhMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRWcMChesj4xFbmPHV2HXA7G8ZPY
uOiM0mIt9J2rPq3OJmyZZYXxCXECMcWUqAbK4dkb4T46Ns8me6bhdz1Agkqb8bSL
oJj20exesqL9FvfeWxg7C0Rw5DeB2aBV9nn+j34gC7Dfrul5K2JZswO8+uN3kqGQ
0VJE8biVSHgCNNROm78Wqml9meaid8oRzuqTuHx+taseWWGFCUzfOOp9Cf/VTP3D
McYHmWzJ8VeS3kkFilqMj4ltxd0YsSY3gOtfJSr/54GU9RzKHm7Igpd06Z5CnxiN
w86mBHrf1WZ+us+bZMzSOCdqbwNaTO49dfrLDN2umnqply7alH/KywYsxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMluG0E+bdrbOUIwyYJh+NNaDKIiMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEveVc0YlFUNXQydHM1UWpESmdtSDQwMW9Nb2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmbgMA0G
CSqGSIb3DQEBCwUAA4IBAQDJR+u87IQLJLdQcfd29dL457OkNyIiihFnEpDBNchY
EHUJ0JK1Eub42WNzTNFzeSU+wrkVPmtpBxytj8IastW8BwRl7IcvSV74D+PRjRY5
pMBFBX0BKxkrJ7EqBkttKKInTHEEUGLxRiuasejSec+E1m/w9dIPz5h+exx9WaNG
dykEuT/Xy7BXcJMGaH82GkZKz4zRfMFK4mQnijzi5AafcNPWnY4iNBEL/pyFfCdC
KRHHtyPQd8gJCwdSC64l8NQJrSQR/Ipiit5Db+nEI8EHY1h4cPbsbRXUPIW+4Boi
9HLvOXzzTQ8NDSVeB4h6+SRslatxt8VmmUj6IlgqtOAc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:44 2025 by rpki-client