Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/kzm1yh2O1v0osCU2rfYR1A0qrwc.roa
File: kzm1yh2O1v0osCU2rfYR1A0qrwc.roa (raw, json)
Hash identifier: pjeUgAAMh3MDSYDD1f6IEAXgjnBM+VfZNJDeCcOyi4Y=
Subject key identifier: 93:39:B5:CA:1D:8E:D6:FD:28:B0:25:36:AD:F6:11:D4:0D:2A:AF:07
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01857039A312D66942524F182FE63ADD624B
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/kzm1yh2O1v0osCU2rfYR1A0qrwc.roa
Signing time: Mon 02 Jan 2023 02:05:03 +0000
ROA not before: Mon 02 Jan 2023 02:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44225
IP address blocks: 195.244.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a3:12:d6:69:42:52:4f:18:2f:e6:3a:dd:62:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 02:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9339b5ca1d8ed6fd28b02536adf611d40d2aaf07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:14:fc:ae:6e:d8:02:0c:26:ae:0b:28:2e:11:
47:c2:90:06:fc:80:c5:b7:75:31:4c:1a:22:fc:3a:
37:59:52:3b:f3:35:ff:c9:34:80:4f:0d:7f:99:3e:
61:d5:55:3c:62:f7:03:e5:6f:97:96:fe:93:3c:2d:
ab:f7:70:b6:33:18:c5:82:36:d6:e3:50:f8:a9:b8:
10:52:be:63:cf:fc:69:c9:b1:b2:b6:af:ff:72:d5:
7c:81:0b:d3:4c:12:ea:62:5d:21:33:38:d7:06:df:
d7:45:23:59:fa:bb:ed:bc:bc:c4:09:74:b6:ec:84:
65:90:87:dc:d8:7a:44:bd:1b:48:ba:92:78:38:57:
ee:88:2b:37:b3:58:df:51:ad:3c:9a:54:ae:c4:26:
fa:92:16:de:44:a3:33:c7:b8:37:a8:d3:55:2a:ec:
0e:ea:3c:f2:90:f7:1e:32:31:7c:4a:de:61:53:de:
f6:00:0d:4b:77:cf:9e:e5:5c:98:7e:d1:04:81:e9:
dd:06:8e:25:f5:6b:ff:4f:25:60:0e:85:f7:15:6b:
ad:39:fd:b6:89:b6:64:34:eb:67:eb:5b:2f:b9:43:
1a:7e:86:6f:12:1b:8c:d6:f6:e6:46:e4:e8:be:da:
db:41:84:b2:e1:41:50:87:49:94:80:75:36:ca:d8:
be:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:39:B5:CA:1D:8E:D6:FD:28:B0:25:36:AD:F6:11:D4:0D:2A:AF:07
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/kzm1yh2O1v0osCU2rfYR1A0qrwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.121.0/24
Signature Algorithm: sha256WithRSAEncryption
83:f9:06:dd:da:3b:d5:1a:ea:2f:87:07:a0:00:44:c9:e4:e2:
e6:b7:e9:10:ee:c7:9c:d2:96:e7:11:7a:c9:37:be:68:88:f9:
87:90:11:46:21:73:d7:9d:8f:31:01:21:c8:8b:6b:7b:83:e0:
19:7c:18:16:ad:9c:95:95:eb:84:3d:bc:98:88:f7:01:6b:60:
d2:e3:7e:93:49:bd:62:78:a8:c1:2b:81:d4:67:73:7e:e2:dc:
16:8c:ba:b3:21:e7:0a:fc:6e:c8:e9:38:09:b5:72:b4:dd:63:
6a:c0:e4:11:05:4d:3c:1c:63:be:21:1f:68:7a:b5:b9:a4:f1:
52:9f:4e:6b:4d:42:7d:0a:6d:1e:69:9a:2a:c7:e0:ce:ce:df:
fb:cb:e9:e1:d0:e2:ff:e3:27:28:cd:8d:3b:62:c0:06:8e:5b:
e7:8e:95:3b:60:b6:98:fd:6a:e7:c6:57:ce:60:e3:3b:82:bd:
bd:bc:31:66:5f:e2:2b:24:d9:eb:8f:3d:6a:dd:d6:7c:51:c9:
5b:bf:e4:83:2b:67:b8:af:dc:e0:f0:7f:a7:a8:ee:8b:d9:1d:
35:b4:62:c3:8f:d9:8e:09:13:54:e0:bf:99:01:56:36:76:5a:
5e:0e:be:0f:e4:bc:36:2e:b6:c1:b6:e6:f2:fa:96:05:eb:4b:
0d:94:05:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOaMS1mlCUk8YL+Y63WJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwMTAyMDIwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM5YjVjYTFkOGVkNmZkMjhiMDI1MzZhZGY2MTFkNDBkMmFhZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixT8rm7YAgwmrgsoLhFHwpAG/IDF
t3UxTBoi/Do3WVI78zX/yTSATw1/mT5h1VU8YvcD5W+Xlv6TPC2r93C2MxjFgjbW
41D4qbgQUr5jz/xpybGytq//ctV8gQvTTBLqYl0hMzjXBt/XRSNZ+rvtvLzECXS2
7IRlkIfc2HpEvRtIupJ4OFfuiCs3s1jfUa08mlSuxCb6khbeRKMzx7g3qNNVKuwO
6jzykPceMjF8St5hU972AA1Ld8+e5VyYftEEgendBo4l9Wv/TyVgDoX3FWutOf22
ibZkNOtn61svuUMafoZvEhuM1vbmRuTovtrbQYSy4UFQh0mUgHU2yti+lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJM5tcodjtb9KLAlNq32EdQNKq8HMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEva3ptMXloMk8xdjBvc0NVMnJmWVIxQTBxcndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/R5MA0G
CSqGSIb3DQEBCwUAA4IBAQCD+Qbd2jvVGuovhwegAETJ5OLmt+kQ7sec0pbnEXrJ
N75oiPmHkBFGIXPXnY8xASHIi2t7g+AZfBgWrZyVleuEPbyYiPcBa2DS436TSb1i
eKjBK4HUZ3N+4twWjLqzIecK/G7I6TgJtXK03WNqwOQRBU08HGO+IR9oerW5pPFS
n05rTUJ9Cm0eaZoqx+DOzt/7y+nh0OL/4ycozY07YsAGjlvnjpU7YLaY/WrnxlfO
YOM7gr29vDFmX+IrJNnrjz1q3dZ8Uclbv+SDK2e4r9zg8H+nqO6L2R01tGLDj9mO
CRNU4L+ZAVY2dlpeDr4P5Lw2LrbBtuby+pYF60sNlAWp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:15 2025 by rpki-client