Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/kgtzXaerin1Fc5trS22oK-t9Po4.roa
File: kgtzXaerin1Fc5trS22oK-t9Po4.roa (raw, json)
Hash identifier: D6RHP8IqvZJnqLiWrqA2Aq2Wx30E153lcwg8cnyIUFc=
Subject key identifier: 92:0B:73:5D:A7:AB:8A:7D:45:73:9B:6B:4B:6D:A8:2B:EB:7D:3E:8E
Certificate issuer: /CN=4ee52752a81bdfe0a401f9a261d79fee4b617115
Certificate serial: 0186A2FE21DBC1042B23345E312AAAB368FD
Authority key identifier: 4E:E5:27:52:A8:1B:DF:E0:A4:01:F9:A2:61:D7:9F:EE:4B:61:71:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuUnUqgb3-CkAfmiYdef7kthcRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/kgtzXaerin1Fc5trS22oK-t9Po4.roa
Signing time: Thu 02 Mar 2023 15:43:29 +0000
ROA not before: Thu 02 Mar 2023 15:43:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43623
IP address blocks: 149.219.8.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:fe:21:db:c1:04:2b:23:34:5e:31:2a:aa:b3:68:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee52752a81bdfe0a401f9a261d79fee4b617115
Validity
Not Before: Mar 2 15:43:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=920b735da7ab8a7d45739b6b4b6da82beb7d3e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:92:06:47:aa:01:80:0b:6c:05:07:db:60:
00:b7:ed:ec:42:7f:71:8a:5e:1c:25:19:bd:2c:b5:
6d:0a:b2:63:a8:0e:c7:a2:02:40:37:79:b8:ef:bc:
5d:d4:60:88:db:1c:91:6e:4e:a4:b0:90:14:43:9d:
8c:aa:9d:7b:e1:cb:af:03:4d:89:f0:9a:7c:6a:2b:
79:2b:c8:84:91:f3:ba:10:d0:4e:a7:a0:ec:78:6e:
9c:30:df:94:31:6a:d3:84:dc:3c:f0:9c:6f:6f:56:
a7:b4:8f:be:c9:d8:d9:d4:7a:a5:c0:5e:4d:d5:01:
9e:d7:ab:a7:d1:a6:3f:74:1a:f9:47:aa:86:29:a0:
7d:20:a8:d9:5d:6d:b9:c7:e8:56:3d:a4:bb:af:0c:
bd:81:af:e8:bc:3b:87:0d:33:4e:7d:f6:a7:a3:fe:
9d:56:79:84:70:e1:60:4a:24:dc:24:62:d8:d5:4a:
fc:60:d2:58:17:c1:f8:d7:a5:d1:7c:74:c4:32:75:
9d:e4:e2:4b:ad:03:68:36:cf:94:76:2d:92:12:4e:
98:e2:b9:0b:71:20:ba:07:80:05:46:54:c1:5d:de:
41:96:11:20:49:be:0e:7d:30:dd:f1:1a:6e:63:8a:
ac:1b:8d:b0:1d:1b:62:e7:8b:b3:51:22:d6:16:7c:
b6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0B:73:5D:A7:AB:8A:7D:45:73:9B:6B:4B:6D:A8:2B:EB:7D:3E:8E
X509v3 Authority Key Identifier:
keyid:4E:E5:27:52:A8:1B:DF:E0:A4:01:F9:A2:61:D7:9F:EE:4B:61:71:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuUnUqgb3-CkAfmiYdef7kthcRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/kgtzXaerin1Fc5trS22oK-t9Po4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/TuUnUqgb3-CkAfmiYdef7kthcRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.219.8.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:36:45:5f:e6:6f:0c:a1:b5:c9:32:ed:cb:5e:3d:c1:02:1d:
6f:74:a6:63:4d:91:fc:66:61:4e:57:df:ba:14:c5:6f:f0:e9:
07:57:35:f3:63:ad:7d:4e:74:cf:d6:dd:78:3a:7d:a3:8b:b8:
56:cb:f0:b9:3d:e6:35:9d:db:89:4a:9c:9c:0a:50:23:70:22:
26:4e:c1:fe:2e:45:d8:01:d7:5c:6f:c5:38:d5:8e:f6:46:7f:
95:14:53:c1:a7:57:a5:8f:0a:22:bc:d5:1d:0d:b0:e4:0c:02:
46:97:8a:1b:33:70:8c:96:73:34:a8:de:2a:0d:90:77:95:81:
b2:86:03:a7:42:f5:6b:e3:c7:0e:2d:ef:19:90:c3:4d:9d:b3:
5a:78:97:a2:c6:c8:5b:cf:40:fd:7c:7b:0b:50:ee:59:cd:4a:
17:b5:45:13:14:25:a8:54:15:88:fe:4b:d1:fa:9e:74:33:3b:
c8:55:b2:00:b7:36:86:80:a8:b4:c4:29:59:59:b9:c3:39:47:
7c:d8:0c:33:82:a5:a7:2a:21:8a:c0:a9:d4:13:32:4f:59:ac:
51:f6:67:3a:fa:9b:af:1d:99:47:65:89:a3:63:3b:2e:0c:f9:
8f:00:1e:7a:75:4f:b4:93:39:5b:25:7e:bb:04:f3:8d:9c:83:
d4:24:67:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYai/iHbwQQrIzReMSqqs2j9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTUyNzUyYTgxYmRmZTBhNDAxZjlhMjYxZDc5ZmVlNGI2
MTcxMTUwHhcNMjMwMzAyMTU0MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBiNzM1ZGE3YWI4YTdkNDU3MzliNmI0YjZkYTgyYmViN2QzZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0mSBkeqAYALbAUH22AAt+3sQn9x
il4cJRm9LLVtCrJjqA7HogJAN3m477xd1GCI2xyRbk6ksJAUQ52Mqp174cuvA02J
8Jp8ait5K8iEkfO6ENBOp6DseG6cMN+UMWrThNw88Jxvb1antI++ydjZ1HqlwF5N
1QGe16un0aY/dBr5R6qGKaB9IKjZXW25x+hWPaS7rwy9ga/ovDuHDTNOffano/6d
VnmEcOFgSiTcJGLY1Ur8YNJYF8H416XRfHTEMnWd5OJLrQNoNs+Udi2SEk6Y4rkL
cSC6B4AFRlTBXd5BlhEgSb4OfTDd8RpuY4qsG42wHRti54uzUSLWFny2ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJILc12nq4p9RXOba0ttqCvrfT6OMB8GA1UdIwQY
MBaAFE7lJ1KoG9/gpAH5omHXn+5LYXEVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVVblVxZ2IzLUNrQWZtaVlkZWY3a3RoY1JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8zMWUwZDQtMzVjZS00ZDAyLTk3MzQt
ZDc4ZmI5N2Y5ODI4LzEva2d0elhhZXJpbjFGYzV0clMyMm9LLXQ5UG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8zMWUwZDQtMzVjZS00ZDAyLTk3MzQtZDc4ZmI5N2Y5ODI4
LzEvVHVVblVxZ2IzLUNrQWZtaVlkZWY3a3RoY1JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBldsIMA0G
CSqGSIb3DQEBCwUAA4IBAQCbNkVf5m8MobXJMu3LXj3BAh1vdKZjTZH8ZmFOV9+6
FMVv8OkHVzXzY619TnTP1t14On2ji7hWy/C5PeY1nduJSpycClAjcCImTsH+LkXY
Addcb8U41Y72Rn+VFFPBp1eljwoivNUdDbDkDAJGl4obM3CMlnM0qN4qDZB3lYGy
hgOnQvVr48cOLe8ZkMNNnbNaeJeixshbz0D9fHsLUO5ZzUoXtUUTFCWoVBWI/kvR
+p50MzvIVbIAtzaGgKi0xClZWbnDOUd82AwzgqWnKiGKwKnUEzJPWaxR9mc6+puv
HZlHZYmjYzsuDPmPAB56dU+0kzlbJX67BPONnIPUJGcA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:09 2025 by rpki-client