Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KZmajfecXtoWeGNbH0sCVqkOGlA.roa
File: KZmajfecXtoWeGNbH0sCVqkOGlA.roa (raw, json)
Hash identifier: HK5gO1Zhw40Dnd3HiZQ8UFtXT7zUHe1fRM7juYx5UgM=
Subject key identifier: 29:99:9A:8D:F7:9C:5E:DA:16:78:63:5B:1F:4B:02:56:A9:0E:1A:50
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01855D7EB042F7D380D40AB4766368B84BEC
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KZmajfecXtoWeGNbH0sCVqkOGlA.roa
Signing time: Thu 29 Dec 2022 10:47:41 +0000
ROA not before: Thu 29 Dec 2022 10:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39826
IP address blocks: 94.250.32.0/23 maxlen: 23
94.250.33.0/24 maxlen: 24
94.250.34.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:7e:b0:42:f7:d3:80:d4:0a:b4:76:63:68:b8:4b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Dec 29 10:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29999a8df79c5eda1678635b1f4b0256a90e1a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2d:ba:e3:f5:c7:c6:57:09:0f:1b:90:a2:d8:
dd:2f:97:b4:31:17:16:10:4d:8b:98:c6:63:49:cf:
9f:96:98:ab:6f:b8:e2:6c:9b:0b:99:b4:92:05:ee:
51:83:ab:ad:8d:1d:cf:32:98:24:95:0f:5d:bb:e9:
70:8f:4e:4e:50:82:08:02:cc:32:ea:f1:8c:1d:f5:
54:06:54:4d:b2:f7:e4:d4:49:58:13:ad:f5:a1:3d:
81:21:f5:7d:9e:02:e8:2d:ef:d9:04:7d:d0:9f:a5:
8e:6f:15:f9:49:98:18:34:ec:65:54:27:59:6f:8b:
08:89:ba:40:3f:b2:e7:73:62:cb:df:6a:c4:dc:91:
0a:40:6a:16:0c:44:10:2b:16:8f:6e:ce:39:2e:7c:
57:f7:da:5a:21:f4:28:32:b0:a8:cd:d4:72:0c:00:
cf:b6:04:ac:bf:36:f8:a1:1f:8a:6a:40:96:11:0e:
33:0a:a5:e9:a1:a1:5e:14:f4:1b:51:8f:c9:e3:8d:
4b:69:ce:68:d8:ac:2c:dc:9b:0d:9c:bd:e2:f3:25:
3a:68:01:2d:d2:7f:fc:94:8e:85:89:31:48:56:0b:
08:55:d7:d3:18:87:32:00:65:12:cd:f3:15:34:5e:
19:2b:be:63:82:76:4c:d6:91:f0:89:3a:01:c0:83:
42:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:99:9A:8D:F7:9C:5E:DA:16:78:63:5B:1F:4B:02:56:A9:0E:1A:50
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KZmajfecXtoWeGNbH0sCVqkOGlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.32.0/22
Signature Algorithm: sha256WithRSAEncryption
84:33:05:af:e7:88:b3:49:07:d0:c7:fd:bc:ca:bd:24:ac:89:
48:51:0e:16:0d:a3:01:13:48:e8:23:77:f1:f5:b1:9b:bf:a3:
8a:8a:b9:ec:73:14:8e:df:26:c8:bf:87:68:8b:48:de:3f:c5:
0a:1a:6e:c0:56:58:d4:39:5c:11:f0:05:0f:62:77:c2:70:f1:
ec:c5:52:24:b0:4b:76:a2:ba:cf:01:90:5c:04:96:87:5d:6a:
39:0b:12:ae:79:4c:27:70:a1:a7:35:3f:a8:af:31:a7:ba:fb:
8e:88:77:5f:de:8d:bd:76:e4:fb:ef:ed:7c:fe:ea:b6:06:27:
93:ad:d9:26:21:51:4f:2c:1e:ec:8a:9c:12:91:72:e0:05:53:
a7:ac:f1:44:0d:bf:5e:19:43:ec:51:a8:c9:e7:a2:39:3c:18:
be:b3:c4:35:db:11:45:bf:0e:8f:72:3c:59:4c:db:02:f0:43:
0b:8d:f5:f0:54:36:65:21:1a:64:12:3a:31:0a:09:24:3f:f3:
22:90:a5:57:36:53:88:44:8d:0d:b8:ec:af:77:1b:9a:02:8f:
a7:aa:96:79:65:c4:15:2b:89:33:81:36:1e:99:48:be:90:56:
de:04:02:5e:2e:b8:78:5c:56:34:8f:b7:90:82:9d:16:ad:b3:
b8:97:7b:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVdfrBC99OA1Aq0dmNouEvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjIxMjI5MTA0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk5OWE4ZGY3OWM1ZWRhMTY3ODYzNWIxZjRiMDI1NmE5MGUxYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli264/XHxlcJDxuQotjdL5e0MRcW
EE2LmMZjSc+flpirb7jibJsLmbSSBe5Rg6utjR3PMpgklQ9du+lwj05OUIIIAswy
6vGMHfVUBlRNsvfk1ElYE631oT2BIfV9ngLoLe/ZBH3Qn6WObxX5SZgYNOxlVCdZ
b4sIibpAP7Lnc2LL32rE3JEKQGoWDEQQKxaPbs45LnxX99paIfQoMrCozdRyDADP
tgSsvzb4oR+KakCWEQ4zCqXpoaFeFPQbUY/J441Lac5o2Kws3JsNnL3i8yU6aAEt
0n/8lI6FiTFIVgsIVdfTGIcyAGUSzfMVNF4ZK75jgnZM1pHwiToBwINCVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmZmo33nF7aFnhjWx9LAlapDhpQMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvS1ptYWpmZWNYdG9XZUdOYkgwc0NWcWtPR2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvogMA0G
CSqGSIb3DQEBCwUAA4IBAQCEMwWv54izSQfQx/28yr0krIlIUQ4WDaMBE0joI3fx
9bGbv6OKirnscxSO3ybIv4doi0jeP8UKGm7AVljUOVwR8AUPYnfCcPHsxVIksEt2
orrPAZBcBJaHXWo5CxKueUwncKGnNT+orzGnuvuOiHdf3o29duT77+18/uq2BieT
rdkmIVFPLB7sipwSkXLgBVOnrPFEDb9eGUPsUajJ56I5PBi+s8Q12xFFvw6PcjxZ
TNsC8EMLjfXwVDZlIRpkEjoxCgkkP/MikKVXNlOIRI0NuOyvdxuaAo+nqpZ5ZcQV
K4kzgTYemUi+kFbeBAJeLrh4XFY0j7eQgp0WrbO4l3sT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:32 2025 by rpki-client