Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/kwzTUS1stB98NKP_Ztd72emf8no.roa
File: kwzTUS1stB98NKP_Ztd72emf8no.roa (raw, json)
Hash identifier: jo8H3Pt+omU+bK75hGkMO5cBHAE8sTSMy/WZAt2kHyM=
Subject key identifier: 93:0C:D3:51:2D:6C:B4:1F:7C:34:A3:FF:66:D7:7B:D9:E9:9F:F2:7A
Certificate issuer: /CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Certificate serial: 01898CCB1718F32922F1AF5EB3433274DCAD
Authority key identifier: B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/kwzTUS1stB98NKP_Ztd72emf8no.roa
Signing time: Tue 25 Jul 2023 11:24:27 +0000
ROA not before: Tue 25 Jul 2023 11:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207442
IP address blocks: 91.192.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:cb:17:18:f3:29:22:f1:af:5e:b3:43:32:74:dc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Validity
Not Before: Jul 25 11:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=930cd3512d6cb41f7c34a3ff66d77bd9e99ff27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2d:ed:af:94:ad:1e:a6:bd:19:f7:cd:3c:81:
0f:93:f6:a0:ce:13:bf:9a:e0:31:ee:41:0e:6f:27:
7f:74:c8:9f:53:b4:8e:de:48:83:89:16:bf:e8:6e:
fc:ca:45:a8:fb:a6:34:b4:2e:8b:b0:21:c4:78:75:
e5:ad:e2:83:0d:f6:4c:34:f1:03:de:fb:7f:2c:35:
c4:00:0c:d9:33:49:8f:c5:0d:e2:55:d8:cc:6f:3c:
2e:30:df:d8:9c:e9:d5:83:57:24:fd:c2:2d:a0:20:
fd:5b:50:4e:24:8b:64:fb:8c:21:79:8d:ca:eb:74:
2f:8a:ef:f4:11:df:ee:6f:e6:01:8b:66:5d:1b:36:
db:c3:96:ae:78:0f:1a:67:2a:ce:5a:72:95:ad:8f:
00:7d:97:c6:60:b7:ad:f7:35:5e:2c:5e:2a:a1:69:
20:45:a1:d5:4d:13:24:27:de:ca:4e:68:67:5a:75:
c7:f0:e2:2b:75:18:31:1c:ff:84:da:0e:4e:25:7c:
5a:e8:18:cb:18:44:10:b4:16:67:02:e2:b5:aa:d6:
d3:f3:36:11:e1:a5:3c:04:09:9b:22:9b:75:08:e7:
84:c3:4c:9b:17:a2:b1:b1:cb:38:35:dd:f2:5f:b3:
89:0e:8e:d4:b1:33:36:f6:60:ba:a6:fd:b5:d6:34:
44:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0C:D3:51:2D:6C:B4:1F:7C:34:A3:FF:66:D7:7B:D9:E9:9F:F2:7A
X509v3 Authority Key Identifier:
keyid:B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/kwzTUS1stB98NKP_Ztd72emf8no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/uRRkdndz8SObZGu2a9z09_sSBs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.7.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:90:ad:cd:e6:7c:52:70:88:7b:42:ed:91:0d:dc:05:ed:b1:
a5:a6:e0:a9:cf:f4:a5:37:8b:78:d4:8b:89:35:ef:76:c6:0e:
28:ec:30:0b:cb:1a:da:ab:07:bf:e0:50:26:d1:6f:e8:e3:7b:
66:09:6d:eb:12:f8:cb:7f:21:4e:28:b4:36:5d:06:8b:3e:e3:
26:b5:c9:63:f8:22:27:e4:5b:86:d1:dd:5a:c8:e2:4c:0e:66:
f3:b0:f7:95:4d:ad:27:50:85:b2:5d:6d:63:36:8a:1a:f5:a5:
2e:70:f8:02:a2:73:53:a1:22:d5:f1:58:6c:b0:c8:d3:a3:9c:
e9:a7:34:2c:8a:5e:d4:6c:15:91:1f:be:d4:18:cd:03:91:97:
e6:a1:9a:13:c0:57:3d:16:48:8a:64:1c:f4:9a:27:14:3a:7c:
b0:48:da:37:7f:d6:e2:27:e8:18:c2:4c:14:dc:b7:cb:f2:75:
48:fb:d6:a6:ad:01:b6:4b:88:b0:c3:54:44:c6:73:24:ca:32:
34:f1:0a:f8:f7:45:f1:28:90:f3:e1:7d:80:26:4b:3d:ae:75:
ab:8e:87:99:dd:31:89:f9:5d:3a:1b:29:66:66:46:ff:61:42:
f7:22:4b:3c:f0:18:3d:0b:03:50:39:f7:d8:18:2d:e5:3b:ba:
49:d8:f8:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmMyxcY8yki8a9es0MydNytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ2NDc2Nzc3M2YxMjM5YjY0NmJiNjZiZGNmNGY3ZmIx
MjA2Y2UwHhcNMjMwNzI1MTEyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzBjZDM1MTJkNmNiNDFmN2MzNGEzZmY2NmQ3N2JkOWU5OWZmMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS3tr5StHqa9GffNPIEPk/agzhO/
muAx7kEObyd/dMifU7SO3kiDiRa/6G78ykWo+6Y0tC6LsCHEeHXlreKDDfZMNPED
3vt/LDXEAAzZM0mPxQ3iVdjMbzwuMN/YnOnVg1ck/cItoCD9W1BOJItk+4wheY3K
63Qviu/0Ed/ub+YBi2ZdGzbbw5aueA8aZyrOWnKVrY8AfZfGYLet9zVeLF4qoWkg
RaHVTRMkJ97KTmhnWnXH8OIrdRgxHP+E2g5OJXxa6BjLGEQQtBZnAuK1qtbT8zYR
4aU8BAmbIpt1COeEw0ybF6Kxscs4Nd3yX7OJDo7UsTM29mC6pv211jREvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMM01EtbLQffDSj/2bXe9npn/J6MB8GA1UdIwQY
MBaAFLkUZHZ3c/Ejm2Rrtmvc9Pf7EgbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMt
NDc1ZGJiYjBjMDhjLzEva3d6VFVTMXN0Qjk4TktQX1p0ZDcyZW1mOG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMtNDc1ZGJiYjBjMDhj
LzEvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8AHMA0G
CSqGSIb3DQEBCwUAA4IBAQCOkK3N5nxScIh7Qu2RDdwF7bGlpuCpz/SlN4t41IuJ
Ne92xg4o7DALyxraqwe/4FAm0W/o43tmCW3rEvjLfyFOKLQ2XQaLPuMmtclj+CIn
5FuG0d1ayOJMDmbzsPeVTa0nUIWyXW1jNooa9aUucPgConNToSLV8VhssMjTo5zp
pzQsil7UbBWRH77UGM0DkZfmoZoTwFc9FkiKZBz0micUOnywSNo3f9biJ+gYwkwU
3LfL8nVI+9amrQG2S4iww1RExnMkyjI08Qr490XxKJDz4X2AJks9rnWrjoeZ3TGJ
+V06GylmZkb/YUL3Iks88Bg9CwNQOffYGC3lO7pJ2PgR
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:45:12 2025 by rpki-client