Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fa02cb-b378-4fa7-8803-8eaad0b049a7/1/KSASED96BRJyq91S2Xp30StQhAo.roa
File: KSASED96BRJyq91S2Xp30StQhAo.roa (raw, json)
Hash identifier: X75+mQDLC6Ee2haTU27dWjlO3A2H326bpZF6c0HV6wg=
Subject key identifier: 29:20:12:10:3F:7A:05:12:72:AB:DD:52:D9:7A:77:D1:2B:50:84:0A
Certificate issuer: /CN=93c5f10af8bcb5fc6e34a473b4a6cae7ad02d902
Certificate serial: 01853E98884AEDC57C8DFA6D90B7A0A81B4B
Authority key identifier: 93:C5:F1:0A:F8:BC:B5:FC:6E:34:A4:73:B4:A6:CA:E7:AD:02:D9:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k8XxCvi8tfxuNKRztKbK560C2QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fa02cb-b378-4fa7-8803-8eaad0b049a7/1/KSASED96BRJyq91S2Xp30StQhAo.roa
Signing time: Fri 23 Dec 2022 10:47:41 +0000
ROA not before: Fri 23 Dec 2022 10:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204954
IP address blocks: 91.244.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:98:88:4a:ed:c5:7c:8d:fa:6d:90:b7:a0:a8:1b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93c5f10af8bcb5fc6e34a473b4a6cae7ad02d902
Validity
Not Before: Dec 23 10:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=292012103f7a051272abdd52d97a77d12b50840a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:74:77:dd:f3:be:9a:af:d7:16:05:4f:7c:
a2:4d:f9:4f:35:0a:3d:4d:0f:10:4e:14:21:64:92:
49:32:32:d6:0d:63:5e:94:ba:8e:5a:c9:c5:10:65:
10:13:04:57:db:85:1b:1e:27:bc:78:29:71:ec:33:
6b:42:bf:aa:1a:76:90:29:9c:02:85:ec:c3:a8:dd:
48:f5:f2:8d:d3:8d:19:f5:d0:d3:d7:b5:44:fa:b1:
cf:82:8d:4e:16:c5:11:65:12:10:7e:fb:94:73:dc:
20:cb:ee:cd:1d:a1:13:d1:9b:6c:9c:05:ca:08:c4:
96:35:6e:e4:11:7c:89:52:01:e4:98:18:32:85:56:
15:8e:75:27:6a:d9:14:97:6e:05:7c:86:92:42:60:
a7:6c:2c:a4:fd:48:33:04:70:0d:bc:53:35:f6:6b:
ca:81:c8:21:ca:54:fe:e3:cf:ec:c1:8b:8e:fb:25:
38:3a:29:97:18:c7:c1:92:29:19:b2:0e:c4:d3:1f:
fb:ec:a0:5b:bb:47:91:34:c1:ef:df:0b:97:5f:dd:
0d:b4:5e:cb:61:91:2a:8f:98:ca:6b:c0:c5:89:80:
e2:88:0d:6d:e2:43:05:ef:14:db:d6:30:06:b9:2b:
18:81:e1:61:99:de:53:d9:dd:1b:42:9c:38:f7:17:
c1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:20:12:10:3F:7A:05:12:72:AB:DD:52:D9:7A:77:D1:2B:50:84:0A
X509v3 Authority Key Identifier:
keyid:93:C5:F1:0A:F8:BC:B5:FC:6E:34:A4:73:B4:A6:CA:E7:AD:02:D9:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k8XxCvi8tfxuNKRztKbK560C2QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fa02cb-b378-4fa7-8803-8eaad0b049a7/1/KSASED96BRJyq91S2Xp30StQhAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fa02cb-b378-4fa7-8803-8eaad0b049a7/1/k8XxCvi8tfxuNKRztKbK560C2QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.126.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:db:19:cd:2f:ed:cb:fd:14:73:89:68:06:ec:b9:93:85:0d:
1c:88:1d:b0:d0:86:40:ed:ed:80:e3:2d:66:b9:d1:fe:57:f2:
ea:0d:d0:4a:d1:b5:20:68:29:2a:68:1e:4b:3e:12:12:83:9c:
ee:2e:db:42:e0:41:78:03:37:de:d0:3d:8d:b7:7f:33:45:e1:
4c:da:3c:f9:6a:15:4a:6d:15:c6:46:6c:50:83:12:6e:b5:97:
34:1a:c1:e8:85:20:9f:b9:d1:fe:e2:72:b9:48:82:dc:d4:bb:
db:a6:a4:3c:58:3a:f1:b3:88:fc:41:80:a8:7c:00:67:4f:be:
71:85:e6:34:e7:e1:1e:0d:8a:68:5a:62:e0:2f:c1:d8:45:8d:
29:cb:a6:4f:5a:8b:18:2f:0f:47:38:14:74:27:db:61:df:38:
fa:de:4e:c5:49:50:09:70:b5:5b:d8:4a:65:68:06:3f:15:05:
6f:7a:85:a7:76:94:45:ae:e8:95:81:4b:f2:fc:22:fb:ba:4a:
ea:4a:76:97:40:a9:f3:61:a3:34:0d:04:ef:62:17:9d:a5:5f:
74:03:fa:32:a3:b1:35:c1:65:6b:3b:26:27:3d:ae:65:fe:19:
d8:89:9f:e7:3a:6a:ed:46:b8:54:1f:89:b5:92:20:6a:ae:d3:
36:be:4a:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU+mIhK7cV8jfptkLegqBtLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYzVmMTBhZjhiY2I1ZmM2ZTM0YTQ3M2I0YTZjYWU3YWQw
MmQ5MDIwHhcNMjIxMjIzMTA0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTIwMTIxMDNmN2EwNTEyNzJhYmRkNTJkOTdhNzdkMTJiNTA4NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcN0d93zvpqv1xYFT3yiTflPNQo9
TQ8QThQhZJJJMjLWDWNelLqOWsnFEGUQEwRX24UbHie8eClx7DNrQr+qGnaQKZwC
hezDqN1I9fKN040Z9dDT17VE+rHPgo1OFsURZRIQfvuUc9wgy+7NHaET0ZtsnAXK
CMSWNW7kEXyJUgHkmBgyhVYVjnUnatkUl24FfIaSQmCnbCyk/UgzBHANvFM19mvK
gcghylT+48/swYuO+yU4OimXGMfBkikZsg7E0x/77KBbu0eRNMHv3wuXX90NtF7L
YZEqj5jKa8DFiYDiiA1t4kMF7xTb1jAGuSsYgeFhmd5T2d0bQpw49xfB9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkgEhA/egUScqvdUtl6d9ErUIQKMB8GA1UdIwQY
MBaAFJPF8Qr4vLX8bjSkc7SmyuetAtkCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazhYeEN2aTh0Znh1TktSenRLYks1NjBDMlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYTAyY2ItYjM3OC00ZmE3LTg4MDMt
OGVhYWQwYjA0OWE3LzEvS1NBU0VEOTZCUkp5cTkxUzJYcDMwU3RRaEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYTAyY2ItYjM3OC00ZmE3LTg4MDMtOGVhYWQwYjA0OWE3
LzEvazhYeEN2aTh0Znh1TktSenRLYks1NjBDMlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/R+MA0G
CSqGSIb3DQEBCwUAA4IBAQB82xnNL+3L/RRziWgG7LmThQ0ciB2w0IZA7e2A4y1m
udH+V/LqDdBK0bUgaCkqaB5LPhISg5zuLttC4EF4Azfe0D2Nt38zReFM2jz5ahVK
bRXGRmxQgxJutZc0GsHohSCfudH+4nK5SILc1LvbpqQ8WDrxs4j8QYCofABnT75x
heY05+EeDYpoWmLgL8HYRY0py6ZPWosYLw9HOBR0J9th3zj63k7FSVAJcLVb2Epl
aAY/FQVveoWndpRFruiVgUvy/CL7ukrqSnaXQKnzYaM0DQTvYhedpV90A/oyo7E1
wWVrOyYnPa5l/hnYiZ/nOmrtRrhUH4m1kiBqrtM2vkpR
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:17 2025 by rpki-client