Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/KZ_IZ9z_1ut4Wn4tXqmfIbLqJaE.roa
File: KZ_IZ9z_1ut4Wn4tXqmfIbLqJaE.roa (raw, json)
Hash identifier: cryIXKsuMdCfIdD8q4knY9pb7y+X1X/hsNNgRZqlmMI=
Subject key identifier: 29:9F:C8:67:DC:FF:D6:EB:78:5A:7E:2D:5E:A9:9F:21:B2:EA:25:A1
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 018BC465A3B0DBD2635425D51661B8A541E8
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/KZ_IZ9z_1ut4Wn4tXqmfIbLqJaE.roa
Signing time: Sun 12 Nov 2023 16:37:57 +0000
ROA not before: Sun 12 Nov 2023 16:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216018
IP address blocks: 185.23.73.0/24 maxlen: 24
185.23.74.0/24 maxlen: 24
185.23.72.0/24 maxlen: 24
185.113.220.0/24 maxlen: 24
185.113.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c4:65:a3:b0:db:d2:63:54:25:d5:16:61:b8:a5:41:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: Nov 12 16:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=299fc867dcffd6eb785a7e2d5ea99f21b2ea25a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8a:34:2b:da:38:41:b3:31:6e:a9:a3:9f:22:
8e:12:d2:a7:60:d1:17:cd:f7:1a:76:4d:7e:f6:ba:
26:31:5a:d9:17:b9:e3:25:bc:c3:a6:40:93:29:20:
15:49:d0:aa:b9:c3:9d:1e:7f:ba:44:ba:52:a2:b7:
63:a6:e8:7d:eb:7d:12:97:66:fa:1b:e1:f7:e7:65:
5e:ef:68:17:36:25:9b:fe:f0:2d:3d:41:22:c9:9e:
21:fa:df:4f:0b:be:d7:80:c2:8b:04:ff:05:a9:63:
46:ea:45:2f:65:2e:f6:77:a6:e0:5d:b6:41:08:03:
52:c2:a4:99:d8:63:b0:de:f4:56:8c:c5:da:21:f8:
9a:23:9c:95:2f:2a:bb:3c:4f:5c:b9:98:6a:0e:18:
8d:0f:f6:58:ef:97:18:fb:5d:26:38:60:14:6f:83:
c2:74:78:94:7d:b9:24:a9:a1:46:55:c2:0a:5e:59:
78:16:a6:83:33:0f:29:a1:b5:f1:0d:1c:37:37:f4:
50:9f:c4:99:8c:b7:7f:86:58:72:33:4c:eb:fe:e1:
17:3f:00:25:29:36:50:7b:16:8d:a8:bf:51:87:2b:
31:9f:de:5b:e9:6a:76:ec:0b:cb:86:73:89:92:57:
ad:e1:a9:d8:9c:df:12:47:0c:92:6f:e9:54:a5:19:
3a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9F:C8:67:DC:FF:D6:EB:78:5A:7E:2D:5E:A9:9F:21:B2:EA:25:A1
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/KZ_IZ9z_1ut4Wn4tXqmfIbLqJaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.72.0-185.23.74.255
185.113.220.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:f3:ba:5d:55:2b:75:69:b3:59:01:fd:be:e9:6a:c3:eb:a7:
5f:68:e8:fb:6d:6c:ff:c8:68:9c:0c:44:34:95:46:7c:20:91:
37:f1:48:ff:02:0a:66:85:d2:d4:14:86:2f:ae:64:ce:9c:6b:
98:72:b6:e3:59:ec:11:32:c8:4d:31:1c:07:e8:48:5b:c4:d8:
4d:32:ba:5d:73:75:9b:78:e2:7f:75:7d:a1:a7:56:0f:8a:a2:
90:e8:39:c6:4a:d5:50:94:81:80:28:f1:be:08:1c:e3:85:a5:
c9:54:17:e0:c7:dc:6a:69:54:57:0a:38:bb:18:80:1c:ea:2f:
c1:18:dd:2d:3c:4c:44:a2:d1:3e:a4:31:0f:a9:51:5e:66:0e:
16:0e:a4:f5:15:8e:2a:44:6c:e2:02:bf:d9:9d:33:6b:5b:f6:
bc:ac:9e:e4:f2:2d:eb:df:a0:61:34:f3:26:33:44:02:8b:cd:
fd:24:53:ed:34:bd:e3:f3:36:f1:a2:1d:1b:64:85:9b:f1:30:
e6:43:e8:7b:38:40:4c:4f:75:84:55:1b:4a:fd:1f:36:b9:e7:
54:be:0f:7f:cb:49:54:81:c3:2d:d7:aa:e3:87:c7:59:a9:64:
b3:9d:97:66:61:83:8e:fb:89:09:ea:38:0d:08:4e:23:89:d9:
d3:ef:1d:fa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYvEZaOw29JjVCXVFmG4pUHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjMxMTEyMTYzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTlmYzg2N2RjZmZkNmViNzg1YTdlMmQ1ZWE5OWYyMWIyZWEyNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioo0K9o4QbMxbqmjnyKOEtKnYNEX
zfcadk1+9romMVrZF7njJbzDpkCTKSAVSdCqucOdHn+6RLpSordjpuh9630Sl2b6
G+H352Ve72gXNiWb/vAtPUEiyZ4h+t9PC77XgMKLBP8FqWNG6kUvZS72d6bgXbZB
CANSwqSZ2GOw3vRWjMXaIfiaI5yVLyq7PE9cuZhqDhiND/ZY75cY+10mOGAUb4PC
dHiUfbkkqaFGVcIKXll4FqaDMw8pobXxDRw3N/RQn8SZjLd/hlhyM0zr/uEXPwAl
KTZQexaNqL9Rhysxn95b6Wp27AvLhnOJklet4anYnN8SRwySb+lUpRk6nQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCmfyGfc/9breFp+LV6pnyGy6iWhMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvS1pfSVo5el8xdXQ0V240dFhxbWZJYkxxSmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAO5F0gD
BAC5F0oDBAG5cdwwDQYJKoZIhvcNAQELBQADggEBAB/zul1VK3Vps1kB/b7pasPr
p19o6PttbP/IaJwMRDSVRnwgkTfxSP8CCmaF0tQUhi+uZM6ca5hytuNZ7BEyyE0x
HAfoSFvE2E0yul1zdZt44n91faGnVg+KopDoOcZK1VCUgYAo8b4IHOOFpclUF+DH
3GppVFcKOLsYgBzqL8EY3S08TESi0T6kMQ+pUV5mDhYOpPUVjipEbOICv9mdM2tb
9rysnuTyLevfoGE08yYzRAKLzf0kU+00vePzNvGiHRtkhZvxMOZD6Hs4QExPdYRV
G0r9Hza551S+D3/LSVSBwy3XquOHx1mpZLOdl2Zhg477iQnqOA0ITiOJ2dPvHfo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:55 2025 by rpki-client