Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/kzlqlGzvnNBIcpovOQUTta1SdnQ.roa
File: kzlqlGzvnNBIcpovOQUTta1SdnQ.roa (raw, json)
Hash identifier: CpqWY/Bw9YUvGJFj3XTF92kVUfC34IdHunEnZUDzMQQ=
Subject key identifier: 93:39:6A:94:6C:EF:9C:D0:48:72:9A:2F:39:05:13:B5:AD:52:76:74
Certificate issuer: /CN=5990c1553762ac9af57df9b58d9dc50af409c566
Certificate serial: 01856DD3E6937DAE6B3B05F892E8F1733B09
Authority key identifier: 59:90:C1:55:37:62:AC:9A:F5:7D:F9:B5:8D:9D:C5:0A:F4:09:C5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WZDBVTdirJr1ffm1jZ3FCvQJxWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/kzlqlGzvnNBIcpovOQUTta1SdnQ.roa
Signing time: Sun 01 Jan 2023 14:54:41 +0000
ROA not before: Sun 01 Jan 2023 14:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41227
IP address blocks: 193.29.17.0/24 maxlen: 24
193.29.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:e6:93:7d:ae:6b:3b:05:f8:92:e8:f1:73:3b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5990c1553762ac9af57df9b58d9dc50af409c566
Validity
Not Before: Jan 1 14:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93396a946cef9cd048729a2f390513b5ad527674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2a:8b:c0:b4:0e:ac:54:06:62:59:c2:76:8a:
8a:fe:39:1d:15:af:03:7d:01:40:bb:b4:6b:3e:f8:
49:2a:e9:fa:02:c1:55:a0:3c:99:d8:86:d5:6c:b7:
18:0e:4e:e7:6b:a7:ff:10:85:ca:93:6f:59:eb:92:
29:c8:50:71:be:7c:05:9c:89:54:dd:53:3f:60:b4:
25:25:15:0b:2f:56:53:5e:81:9c:7d:67:42:dc:2d:
5c:b9:c0:6a:ca:5e:ec:f8:e6:5e:2f:3e:ec:7a:54:
7c:87:9f:4c:48:44:6c:7f:bf:7c:41:90:1f:d0:81:
e9:97:22:d9:64:8b:d8:a3:0e:24:a9:8b:b7:00:a7:
ac:99:69:bc:1b:4b:30:a4:fb:88:b5:2e:70:06:16:
ea:fc:ba:2a:5c:f9:a3:31:c9:3d:ff:8f:83:ff:28:
a0:34:2b:e5:40:40:38:ad:f6:bd:dc:51:fd:62:7a:
f2:3b:69:bc:10:18:c4:6b:61:f4:9c:92:24:7c:20:
40:d0:55:78:1e:80:d5:49:a6:9f:4a:4d:3e:4e:fc:
07:1a:9b:21:a6:f8:5f:2c:94:34:5c:d8:4a:24:09:
72:5c:2e:8a:2b:2a:ea:a3:cc:15:34:f2:7c:49:f2:
d3:fb:a7:f5:95:3a:40:bd:92:47:db:50:38:e7:5f:
b4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:39:6A:94:6C:EF:9C:D0:48:72:9A:2F:39:05:13:B5:AD:52:76:74
X509v3 Authority Key Identifier:
keyid:59:90:C1:55:37:62:AC:9A:F5:7D:F9:B5:8D:9D:C5:0A:F4:09:C5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZDBVTdirJr1ffm1jZ3FCvQJxWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/kzlqlGzvnNBIcpovOQUTta1SdnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/WZDBVTdirJr1ffm1jZ3FCvQJxWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.17.0/24
193.29.24.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:2f:3d:b5:7c:db:56:31:8d:49:52:31:10:f7:81:dd:2a:13:
27:da:22:02:00:ac:3e:d6:da:e4:04:f7:7d:c2:7b:e2:31:4c:
27:7e:9f:e7:85:16:9a:cf:a2:41:10:94:4f:ae:c9:ee:53:8d:
be:ce:bd:e1:a9:ea:d2:10:38:ea:ca:d1:ec:8d:62:9a:cd:8a:
86:96:f1:0c:0c:f4:a3:81:75:a6:ef:a2:95:ed:cd:bc:5d:da:
21:d5:42:26:99:4a:c8:ba:e6:42:60:15:0c:20:f5:05:97:69:
8d:37:1c:2d:a9:d2:32:57:71:e3:71:6c:5d:2b:25:8d:66:da:
01:25:39:dc:56:91:70:e2:6e:01:8d:92:59:43:db:74:f1:0e:
a9:0f:6e:5c:2c:46:f6:cc:7e:e7:b6:0f:ca:06:54:b2:4f:d3:
f1:26:08:8e:73:be:7a:f7:f1:81:cc:cb:c1:3b:b9:94:16:a8:
f2:bf:d0:d6:00:f9:fd:c0:ff:a3:13:d3:e0:07:e5:85:d9:3f:
68:c8:89:0a:d8:3d:5e:13:6b:d3:f9:33:df:e7:3e:3b:e2:91:
cc:5a:7b:ba:a1:a4:9e:48:42:47:2b:9d:14:13:69:be:d5:10:
40:0a:ed:33:ee:07:88:17:b7:2d:00:a7:dd:df:67:61:5a:f2:
16:13:1a:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt0+aTfa5rOwX4kujxczsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OTBjMTU1Mzc2MmFjOWFmNTdkZjliNThkOWRjNTBhZjQw
OWM1NjYwHhcNMjMwMTAxMTQ1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM5NmE5NDZjZWY5Y2QwNDg3MjlhMmYzOTA1MTNiNWFkNTI3Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyqLwLQOrFQGYlnCdoqK/jkdFa8D
fQFAu7RrPvhJKun6AsFVoDyZ2IbVbLcYDk7na6f/EIXKk29Z65IpyFBxvnwFnIlU
3VM/YLQlJRULL1ZTXoGcfWdC3C1cucBqyl7s+OZeLz7selR8h59MSERsf798QZAf
0IHplyLZZIvYow4kqYu3AKesmWm8G0swpPuItS5wBhbq/LoqXPmjMck9/4+D/yig
NCvlQEA4rfa93FH9YnryO2m8EBjEa2H0nJIkfCBA0FV4HoDVSaafSk0+TvwHGpsh
pvhfLJQ0XNhKJAlyXC6KKyrqo8wVNPJ8SfLT+6f1lTpAvZJH21A451+0yQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJM5apRs75zQSHKaLzkFE7WtUnZ0MB8GA1UdIwQY
MBaAFFmQwVU3Yqya9X35tY2dxQr0CcVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1pEQlZUZGlySnIxZmZtMWpaM0ZDdlFKeFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hOGY4ZTEtZGNlMi00N2VmLTgyNGUt
YmVmMTAzNGVkYmU1LzEva3pscWxHenZuTkJJY3Bvdk9RVVR0YTFTZG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9hOGY4ZTEtZGNlMi00N2VmLTgyNGUtYmVmMTAzNGVkYmU1
LzEvV1pEQlZUZGlySnIxZmZtMWpaM0ZDdlFKeFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwR0RAwQA
wR0YMA0GCSqGSIb3DQEBCwUAA4IBAQCcLz21fNtWMY1JUjEQ94HdKhMn2iICAKw+
1trkBPd9wnviMUwnfp/nhRaaz6JBEJRPrsnuU42+zr3hqerSEDjqytHsjWKazYqG
lvEMDPSjgXWm76KV7c28Xdoh1UImmUrIuuZCYBUMIPUFl2mNNxwtqdIyV3HjcWxd
KyWNZtoBJTncVpFw4m4BjZJZQ9t08Q6pD25cLEb2zH7ntg/KBlSyT9PxJgiOc756
9/GBzMvBO7mUFqjyv9DWAPn9wP+jE9PgB+WF2T9oyIkK2D1eE2vT+TPf5z474pHM
Wnu6oaSeSEJHK50UE2m+1RBACu0z7geIF7ctAKfd32dhWvIWExre
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:04:59 2025 by rpki-client