Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/RJkFgfieG3uxJpdJ9KjZmntJSwE.roa
File: RJkFgfieG3uxJpdJ9KjZmntJSwE.roa (raw, json)
Hash identifier: K3VhO4mbzyVuIXN6ULQCy1XhNPqE5SVLJkN+igcf1Co=
Subject key identifier: 44:99:05:81:F8:9E:1B:7B:B1:26:97:49:F4:A8:D9:9A:7B:49:4B:01
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01888A1C05B311144C45033DDD56322E8B70
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/RJkFgfieG3uxJpdJ9KjZmntJSwE.roa
Signing time: Mon 05 Jun 2023 05:51:12 +0000
ROA not before: Mon 05 Jun 2023 05:51:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:1c:05:b3:11:14:4c:45:03:3d:dd:56:32:2e:8b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jun 5 05:51:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44990581f89e1b7bb1269749f4a8d99a7b494b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:91:d2:fe:58:dd:4e:0b:a0:c2:64:ab:73:6a:
85:a2:b0:f3:25:69:b4:82:68:3e:5b:25:6d:74:a8:
a4:dd:4e:10:7b:09:ec:e8:92:56:1d:fe:27:43:3a:
0f:62:e3:55:e6:27:10:2a:e9:d5:3a:ad:0b:c2:66:
1e:18:f3:35:27:33:82:48:14:77:57:c3:50:3f:db:
11:a7:f7:0c:8b:0d:41:58:bf:10:21:a4:5f:ec:ec:
3b:69:da:0f:a9:d5:05:97:bd:22:d3:1a:16:dc:e7:
49:99:6e:c6:e1:03:a0:7c:2d:98:03:7c:1d:f3:bb:
85:18:fb:1a:99:2c:20:17:bf:0a:78:dd:69:f0:ea:
f3:86:f2:5a:4c:de:7e:11:ba:56:09:59:af:37:63:
eb:7c:f6:3a:01:b8:09:10:71:57:fd:e2:a4:e5:d2:
c0:1c:fc:23:f9:32:49:f8:76:8b:8a:9d:24:05:c2:
09:c5:7b:93:2f:26:3e:5b:99:53:1b:e9:44:63:0b:
6a:b6:65:d7:52:ac:4c:07:0d:b7:de:c6:53:75:4a:
a8:7e:af:37:e5:44:92:1c:5e:02:45:61:83:03:13:
a7:ec:2a:4c:bb:52:c3:f2:4b:8c:fb:f8:8d:34:cf:
3c:24:94:03:02:0e:ed:57:18:02:58:a6:a4:77:66:
67:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:99:05:81:F8:9E:1B:7B:B1:26:97:49:F4:A8:D9:9A:7B:49:4B:01
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/RJkFgfieG3uxJpdJ9KjZmntJSwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.215.103.0/24
Signature Algorithm: sha256WithRSAEncryption
52:7e:42:60:61:dd:a2:c9:4d:40:3c:97:2f:78:46:d1:6f:21:
fd:b1:bd:c0:e4:ea:c8:47:52:5b:d4:0b:a6:21:ef:c7:74:70:
10:84:68:9e:a4:df:0d:ae:ef:eb:65:28:90:81:a3:ec:86:f2:
ef:c0:e9:a9:cc:54:33:40:54:07:5b:c0:d9:a3:76:0f:3f:39:
d7:c4:6f:ca:6c:02:46:e4:ee:7e:07:7b:39:e9:c0:17:74:be:
4a:fb:18:69:c2:6c:44:d3:a1:95:84:2e:c6:9e:12:28:5d:bb:
ba:55:39:ad:c5:a1:fb:ca:d9:4d:ec:13:2c:04:dc:34:9e:dc:
c7:19:6a:4c:c6:1e:5a:ec:22:0b:ce:73:97:5e:55:e7:e1:ed:
45:76:ba:fa:82:1d:f5:58:0f:48:2d:ac:47:27:07:f0:34:39:
a0:88:e1:5f:8a:67:5f:50:66:7d:70:b1:79:a4:d9:74:c2:5b:
b2:36:91:2f:d5:ff:27:33:bd:4c:09:72:34:6c:8c:82:1c:55:
a8:6b:00:96:45:89:d0:51:ac:16:2c:63:b4:e5:22:6e:c4:8c:
d7:fb:0b:6a:b2:de:d1:25:56:26:63:a8:5e:54:d1:62:d7:b7:
62:7c:fd:a8:48:59:e6:d1:c1:b8:16:da:3c:aa:3e:d1:97:02:
25:d6:55:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiKHAWzERRMRQM93VYyLotwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNjA1MDU1MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDk5MDU4MWY4OWUxYjdiYjEyNjk3NDlmNGE4ZDk5YTdiNDk0YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5HS/ljdTgugwmSrc2qForDzJWm0
gmg+WyVtdKik3U4Qewns6JJWHf4nQzoPYuNV5icQKunVOq0LwmYeGPM1JzOCSBR3
V8NQP9sRp/cMiw1BWL8QIaRf7Ow7adoPqdUFl70i0xoW3OdJmW7G4QOgfC2YA3wd
87uFGPsamSwgF78KeN1p8OrzhvJaTN5+EbpWCVmvN2PrfPY6AbgJEHFX/eKk5dLA
HPwj+TJJ+HaLip0kBcIJxXuTLyY+W5lTG+lEYwtqtmXXUqxMBw233sZTdUqofq83
5USSHF4CRWGDAxOn7CpMu1LD8kuM+/iNNM88JJQDAg7tVxgCWKakd2ZnGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESZBYH4nht7sSaXSfSo2Zp7SUsBMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvUkprRmdmaWVHM3V4SnBkSjlLalptbnRKU3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApNdnMA0G
CSqGSIb3DQEBCwUAA4IBAQBSfkJgYd2iyU1APJcveEbRbyH9sb3A5OrIR1Jb1Aum
Ie/HdHAQhGiepN8Nru/rZSiQgaPshvLvwOmpzFQzQFQHW8DZo3YPPznXxG/KbAJG
5O5+B3s56cAXdL5K+xhpwmxE06GVhC7GnhIoXbu6VTmtxaH7ytlN7BMsBNw0ntzH
GWpMxh5a7CILznOXXlXn4e1Fdrr6gh31WA9ILaxHJwfwNDmgiOFfimdfUGZ9cLF5
pNl0wluyNpEv1f8nM71MCXI0bIyCHFWoawCWRYnQUawWLGO05SJuxIzX+wtqst7R
JVYmY6heVNFi17difP2oSFnm0cG4Fto8qj7RlwIl1lUg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:40 2025 by rpki-client