Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/KZYAE_dUqjTx30P9nxQQq6Th0mQ.roa
File: KZYAE_dUqjTx30P9nxQQq6Th0mQ.roa (raw, json)
Hash identifier: P9kLm2XzATlpW2Rh3TIbZn/pyVyhU7dGBp2bF2hMjfE=
Subject key identifier: 29:96:00:13:F7:54:AA:34:F1:DF:43:FD:9F:14:10:AB:A4:E1:D2:64
Certificate issuer: /CN=4dd6e779a6c0f0b09216622380467dce2d11a318
Certificate serial: 01856F9E0571D57BC3A2CF19C3B78DC61E1D
Authority key identifier: 4D:D6:E7:79:A6:C0:F0:B0:92:16:62:23:80:46:7D:CE:2D:11:A3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdbneabA8LCSFmIjgEZ9zi0Roxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/KZYAE_dUqjTx30P9nxQQq6Th0mQ.roa
Signing time: Sun 01 Jan 2023 23:15:05 +0000
ROA not before: Sun 01 Jan 2023 23:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8758
IP address blocks: 91.229.102.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:05:71:d5:7b:c3:a2:cf:19:c3:b7:8d:c6:1e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd6e779a6c0f0b09216622380467dce2d11a318
Validity
Not Before: Jan 1 23:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29960013f754aa34f1df43fd9f1410aba4e1d264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:81:da:26:ad:fb:3f:05:8e:6f:71:4c:64:6a:
9b:e2:a6:fe:0e:20:74:14:25:d9:76:f7:63:7f:11:
08:e4:04:6d:fd:51:cd:52:ba:d3:38:9d:0e:20:b8:
5a:68:cb:dc:dd:4a:a1:68:e0:c9:b7:aa:c1:a9:99:
9b:63:a9:d0:99:9b:39:d6:88:a6:83:30:0c:25:6e:
f5:9f:85:3f:96:4b:51:1a:b4:5c:bf:5c:98:70:7f:
3d:f6:3d:0f:71:08:cf:48:82:8e:67:7f:34:21:1b:
5d:1a:58:39:70:5d:85:fc:f0:16:4c:0e:50:d3:09:
22:1a:d4:f2:47:53:84:d2:da:0f:41:65:10:81:86:
62:eb:af:84:b9:33:a8:6b:ac:a9:1f:a7:6a:9c:18:
e4:09:4d:dd:9d:30:41:57:12:cf:21:2c:db:13:7d:
a8:f7:9c:42:28:18:19:db:f4:f0:7f:58:6e:68:db:
96:5a:4f:82:a9:42:76:40:dd:fd:60:9f:fa:b0:0e:
f0:88:17:51:3b:c3:c3:45:dd:7e:67:a6:cd:be:dd:
a8:f5:a0:8d:24:6e:2d:0b:4d:4e:e3:94:87:45:9c:
64:f5:d7:98:d0:91:08:fc:49:2b:e8:f8:9f:89:94:
98:e2:ab:ee:0c:11:31:6b:be:61:7e:cd:4d:88:8e:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:96:00:13:F7:54:AA:34:F1:DF:43:FD:9F:14:10:AB:A4:E1:D2:64
X509v3 Authority Key Identifier:
keyid:4D:D6:E7:79:A6:C0:F0:B0:92:16:62:23:80:46:7D:CE:2D:11:A3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdbneabA8LCSFmIjgEZ9zi0Roxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/KZYAE_dUqjTx30P9nxQQq6Th0mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/TdbneabA8LCSFmIjgEZ9zi0Roxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.102.0/23
Signature Algorithm: sha256WithRSAEncryption
24:6c:d3:5d:da:94:44:12:81:d9:c8:08:3d:80:c9:2e:da:bd:
9c:fe:17:23:c5:ac:11:a6:3c:84:4d:11:f2:54:5d:aa:b0:52:
a7:39:ce:cd:3a:c8:7e:9c:d6:53:14:7d:b0:13:7d:c7:d2:f8:
e9:f5:e3:e0:6c:9d:9f:99:b8:b4:ec:46:dc:c5:ae:42:21:15:
4e:8f:a0:f5:15:91:70:2a:1b:22:3c:14:ed:c8:0b:a4:f4:59:
41:d2:21:80:0d:52:9d:a0:b9:c8:68:ab:65:14:a0:32:4b:ca:
86:a3:e0:42:6b:6d:49:3f:85:d1:7f:58:ef:6c:5f:74:77:f6:
69:b9:52:45:1a:d3:d5:1a:7e:49:b1:69:27:44:14:1f:3d:b5:
49:57:1f:bc:6e:2a:c2:01:fa:3d:29:f5:79:97:2a:f8:44:f7:
63:6e:48:28:b1:a7:8b:ed:08:b0:0c:97:0a:65:2c:a0:44:fc:
d8:29:f4:2b:a2:cc:0c:78:8d:c4:45:14:de:e5:97:2b:36:21:
d1:14:46:34:cb:81:a2:ec:d7:65:58:79:d1:ce:38:1e:b6:31:
c9:c3:0d:82:e5:18:41:97:b8:da:b7:2e:c3:35:01:93:d5:ed:
51:46:f5:f2:3b:8a:58:e8:2b:63:31:8d:4a:9d:90:4f:b7:ee:
be:32:e5:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvngVx1XvDos8Zw7eNxh4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDZlNzc5YTZjMGYwYjA5MjE2NjIyMzgwNDY3ZGNlMmQx
MWEzMTgwHhcNMjMwMTAxMjMxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk2MDAxM2Y3NTRhYTM0ZjFkZjQzZmQ5ZjE0MTBhYmE0ZTFkMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYHaJq37PwWOb3FMZGqb4qb+DiB0
FCXZdvdjfxEI5ARt/VHNUrrTOJ0OILhaaMvc3UqhaODJt6rBqZmbY6nQmZs51oim
gzAMJW71n4U/lktRGrRcv1yYcH899j0PcQjPSIKOZ380IRtdGlg5cF2F/PAWTA5Q
0wkiGtTyR1OE0toPQWUQgYZi66+EuTOoa6ypH6dqnBjkCU3dnTBBVxLPISzbE32o
95xCKBgZ2/Twf1huaNuWWk+CqUJ2QN39YJ/6sA7wiBdRO8PDRd1+Z6bNvt2o9aCN
JG4tC01O45SHRZxk9deY0JEI/Ekr6PifiZSY4qvuDBExa75hfs1NiI4A7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmWABP3VKo08d9D/Z8UEKuk4dJkMB8GA1UdIwQY
MBaAFE3W53mmwPCwkhZiI4BGfc4tEaMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRibmVhYkE4TENTRm1JamdFWjl6aTBSb3hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMGIyODUtZDAzOC00ZGU2LTkzNzQt
YzQ3MmU2MmViZWE4LzEvS1pZQUVfZFVxalR4MzBQOW54UVFxNlRoMG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMGIyODUtZDAzOC00ZGU2LTkzNzQtYzQ3MmU2MmViZWE4
LzEvVGRibmVhYkE4TENTRm1JamdFWjl6aTBSb3hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+VmMA0G
CSqGSIb3DQEBCwUAA4IBAQAkbNNd2pREEoHZyAg9gMku2r2c/hcjxawRpjyETRHy
VF2qsFKnOc7NOsh+nNZTFH2wE33H0vjp9ePgbJ2fmbi07Ebcxa5CIRVOj6D1FZFw
KhsiPBTtyAuk9FlB0iGADVKdoLnIaKtlFKAyS8qGo+BCa21JP4XRf1jvbF90d/Zp
uVJFGtPVGn5JsWknRBQfPbVJVx+8birCAfo9KfV5lyr4RPdjbkgosaeL7QiwDJcK
ZSygRPzYKfQroswMeI3ERRTe5ZcrNiHRFEY0y4Gi7NdlWHnRzjgetjHJww2C5RhB
l7jaty7DNQGT1e1RRvXyO4pY6CtjMY1KnZBPt+6+MuXP
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:08 2025 by rpki-client