Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/KZ_xbqCPzwdKwC0uhjv0P5zCYyY.roa
File: KZ_xbqCPzwdKwC0uhjv0P5zCYyY.roa (raw, json)
Hash identifier: 8z+8BRuPlpENmEMj93k4YRh4UWR+bXA/zjD1z68r6aM=
Subject key identifier: 29:9F:F1:6E:A0:8F:CF:07:4A:C0:2D:2E:86:3B:F4:3F:9C:C2:63:26
Certificate issuer: /CN=8ad7629c11b68020d73d9b65c54e5043c3414194
Certificate serial: 035B04C0
Authority key identifier: 8A:D7:62:9C:11:B6:80:20:D7:3D:9B:65:C5:4E:50:43:C3:41:41:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itdinBG2gCDXPZtlxU5QQ8NBQZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/KZ_xbqCPzwdKwC0uhjv0P5zCYyY.roa
Signing time: Sat 01 Jan 2022 15:06:35 +0000
ROA not before: Sat 01 Jan 2022 15:06:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 185.229.248.0/24 maxlen: 24
2a10:b680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56296640 (0x35b04c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad7629c11b68020d73d9b65c54e5043c3414194
Validity
Not Before: Jan 1 15:06:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=299ff16ea08fcf074ac02d2e863bf43f9cc26326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b8:e4:55:4c:20:f5:be:5e:1c:83:8c:84:f7:
9f:33:cd:f0:66:bf:72:37:63:3c:d4:6b:01:14:5d:
11:7b:69:8e:8c:eb:b5:d0:ae:18:3a:7e:87:5f:6f:
cb:52:76:e7:2c:8c:be:93:0d:1f:3e:df:14:3b:c6:
34:11:14:02:fe:cc:0a:ef:24:aa:68:01:e6:50:f4:
a9:52:7d:dd:c4:3c:8b:2f:db:7a:d6:49:65:19:4a:
15:4a:5f:31:b6:15:43:6a:a6:67:60:df:1b:6e:da:
65:50:2c:9c:1e:6f:d4:22:83:c4:94:a5:0f:9c:70:
1c:93:73:d7:72:52:16:60:29:d6:74:ff:0f:c1:fb:
0c:a4:61:04:65:99:26:b1:73:30:d2:48:b8:57:81:
c7:89:14:db:17:20:15:91:b3:90:57:93:c7:be:87:
b0:8c:fa:33:83:f8:5b:bc:2d:4e:37:17:05:0a:02:
eb:78:b8:d7:a8:a2:a9:3f:55:eb:42:f6:04:29:04:
c8:8d:4f:e1:d2:21:0c:03:26:99:cb:26:b6:74:8b:
df:9a:32:c3:1f:21:12:36:74:3e:03:b2:d6:79:a2:
36:8a:75:b3:78:8f:a1:62:68:e6:f1:97:09:31:0b:
b3:6d:6e:f7:1f:ea:9f:98:7b:79:5f:32:09:01:e8:
55:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9F:F1:6E:A0:8F:CF:07:4A:C0:2D:2E:86:3B:F4:3F:9C:C2:63:26
X509v3 Authority Key Identifier:
keyid:8A:D7:62:9C:11:B6:80:20:D7:3D:9B:65:C5:4E:50:43:C3:41:41:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itdinBG2gCDXPZtlxU5QQ8NBQZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/KZ_xbqCPzwdKwC0uhjv0P5zCYyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/itdinBG2gCDXPZtlxU5QQ8NBQZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.248.0/24
IPv6:
2a10:b680::/32
Signature Algorithm: sha256WithRSAEncryption
46:25:9e:cc:3b:fc:76:4d:7b:3a:25:06:78:e3:72:1a:68:15:
d5:af:a6:38:ea:28:eb:c8:de:ea:ab:02:99:3c:07:ca:40:27:
fa:8d:d9:da:d4:15:78:eb:5f:90:02:5c:b9:b8:03:1f:f6:ff:
ea:67:1e:57:66:f7:b8:1e:81:a8:3d:ae:0d:55:4a:5d:c4:13:
8e:8f:e2:88:11:24:12:66:70:98:5a:f1:64:7a:a6:9c:31:fd:
ba:b3:aa:b5:b0:7a:20:84:3c:84:d8:35:ea:38:80:8c:a0:4d:
b0:43:69:a3:8b:1c:5c:6a:02:6e:6f:c4:ce:ce:77:9e:54:32:
94:73:07:9b:2e:c6:7e:d7:f4:95:5d:ce:ea:b0:1a:93:e0:56:
b4:a7:82:76:f4:93:d9:6f:43:e4:02:c9:2f:aa:5e:aa:a3:fe:
b7:aa:b3:5c:55:d5:a0:0e:c4:ff:53:bd:3b:6f:01:bb:ef:31:
b5:53:0a:d3:c1:26:18:b5:db:d8:8f:83:b1:ad:d2:36:95:22:
3f:43:15:f0:a9:55:51:09:bd:30:fe:35:66:8d:21:1f:d4:25:
e1:fd:94:02:34:87:ae:ef:d4:4a:80:86:5f:d3:e1:9f:e7:86:
98:a0:dc:11:49:84:48:0b:bb:6d:70:cd:46:c5:75:2a:ef:59:
c7:29:b1:9b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA1sEwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YWQ3NjI5YzExYjY4MDIwZDczZDliNjVjNTRlNTA0M2MzNDE0MTk0MB4XDTIyMDEw
MTE1MDYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk5ZmYxNmVhMDhm
Y2YwNzRhYzAyZDJlODYzYmY0M2Y5Y2MyNjMyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKq45FVMIPW+XhyDjIT3nzPN8Ga/cjdjPNRrARRdEXtpjozr
tdCuGDp+h19vy1J25yyMvpMNHz7fFDvGNBEUAv7MCu8kqmgB5lD0qVJ93cQ8iy/b
etZJZRlKFUpfMbYVQ2qmZ2DfG27aZVAsnB5v1CKDxJSlD5xwHJNz13JSFmAp1nT/
D8H7DKRhBGWZJrFzMNJIuFeBx4kU2xcgFZGzkFeTx76HsIz6M4P4W7wtTjcXBQoC
63i416iiqT9V60L2BCkEyI1P4dIhDAMmmcsmtnSL35oywx8hEjZ0PgOy1nmiNop1
s3iPoWJo5vGXCTELs21u9x/qn5h7eV8yCQHoVY8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQpn/FuoI/PB0rALS6GO/Q/nMJjJjAfBgNVHSMEGDAWgBSK12KcEbaAINc9
m2XFTlBDw0FBlDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2l0ZGluQkcyZ0NEWFBadGx4VTVRUThOQlFaUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZWU5N2I0LWZlY2EtNGQzZC04MmQzLTE1MzhlMmEzYWQyMi8x
L0taX3hicUNQendkS3dDMHVoanYwUDV6Q1l5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZWU5N2I0LWZlY2EtNGQzZC04MmQzLTE1MzhlMmEzYWQyMi8xL2l0ZGluQkcyZ0NE
WFBadGx4VTVRUThOQlFaUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnl+DANBAIAAjAHAwUAKhC2gDAN
BgkqhkiG9w0BAQsFAAOCAQEARiWezDv8dk17OiUGeONyGmgV1a+mOOoo68je6qsC
mTwHykAn+o3Z2tQVeOtfkAJcubgDH/b/6mceV2b3uB6BqD2uDVVKXcQTjo/iiBEk
EmZwmFrxZHqmnDH9urOqtbB6IIQ8hNg16jiAjKBNsENpo4scXGoCbm/Ezs53nlQy
lHMHmy7Gftf0lV3O6rAak+BWtKeCdvST2W9D5ALJL6peqqP+t6qzXFXVoA7E/1O9
O28Bu+8xtVMK08EmGLXb2I+Dsa3SNpUiP0MV8KlVUQm9MP41Zo0hH9Ql4f2UAjSH
ru/USoCGX9Phn+eGmKDcEUmESAu7bXDNRsV1Ku9Zxymxmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:06 2024 by rpki-client on console-fra.rpki-client.org