Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/KLZQ7BbhWGRPipBRgUXgxE0ttTc.roa
File: KLZQ7BbhWGRPipBRgUXgxE0ttTc.roa (raw, json)
Hash identifier: BAqyOIwiAVXvhvN84+/gyNesRfPFj80P3AZhoqE4gt8=
Subject key identifier: 28:B6:50:EC:16:E1:58:64:4F:8A:90:51:81:45:E0:C4:4D:2D:B5:37
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DCEFAF3875FF6BD5AAB80C7CD9DE
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/KLZQ7BbhWGRPipBRgUXgxE0ttTc.roa
Signing time: Sun 01 Jan 2023 16:54:48 +0000
ROA not before: Sun 01 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49302
IP address blocks: 86.105.26.0/24 maxlen: 24
92.114.108.0/24 maxlen: 24
89.35.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:dc:ef:af:38:75:ff:6b:d5:aa:b8:0c:7c:d9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28b650ec16e158644f8a90518145e0c44d2db537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4f:de:d5:6a:8a:39:b2:9f:36:d9:1a:8c:28:
58:0c:b2:3d:33:ec:79:e7:a4:3f:a6:de:7c:5d:8d:
1e:d0:63:a9:69:29:f8:2d:ed:41:2d:03:50:08:46:
92:e3:97:af:dc:84:ff:26:53:65:38:f4:5f:83:93:
b8:2f:52:b4:61:1f:fb:6c:47:c4:d3:2d:8a:15:c1:
e8:d8:ee:81:d0:03:72:fb:88:5a:13:38:2e:c2:c5:
cb:e8:f1:fc:ea:62:e0:57:30:1c:a0:f6:14:5b:7a:
0d:7c:6a:39:93:7a:22:24:2d:8a:ca:e3:a5:1c:e4:
ea:c7:1d:13:66:8c:4f:78:d9:a9:dc:78:74:ef:1c:
74:d4:22:48:a2:6d:72:f1:46:60:29:a6:8c:73:1d:
0b:5d:62:e9:1c:1d:b3:09:d7:b5:c4:39:7b:fc:73:
8f:fb:86:9a:b9:70:ed:10:76:c6:11:4a:a5:8a:6e:
b0:9e:6e:bb:af:78:20:08:67:a5:46:64:ec:50:78:
c4:3d:9b:4d:ad:e4:85:ce:ff:56:06:ec:c8:5a:9e:
09:da:d6:27:38:a5:8c:96:d2:d2:73:a9:de:57:c9:
9e:bf:d9:70:96:e7:97:16:c9:8c:3b:8e:8f:a1:ee:
63:c0:f8:32:60:4a:a3:13:41:8e:37:20:3a:82:3e:
54:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B6:50:EC:16:E1:58:64:4F:8A:90:51:81:45:E0:C4:4D:2D:B5:37
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/KLZQ7BbhWGRPipBRgUXgxE0ttTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.26.0/24
89.35.77.0/24
92.114.108.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ab:26:7b:f7:0c:6a:26:eb:90:57:ce:72:49:1e:49:93:f5:
92:d1:3a:3b:49:87:59:ff:62:c2:0c:ae:53:10:cc:a4:90:e4:
1b:e9:90:3e:97:d8:b1:8a:a9:87:72:d3:ed:ed:4b:94:5c:22:
f5:d9:ec:16:4a:47:e0:af:e0:49:d6:b0:99:bc:46:a0:6e:7d:
37:96:4c:a5:94:13:e9:56:b9:ec:e2:9d:db:1b:3b:ef:c1:bd:
a8:c2:cc:76:91:9f:61:c6:b0:ed:98:d9:f0:a6:c9:de:f1:4d:
0b:38:7b:2d:39:cf:db:be:ae:8e:13:2d:03:fa:ce:8c:4b:14:
03:ec:1f:87:82:d7:b8:2e:ce:25:1a:e2:98:da:21:9f:ef:7a:
28:44:36:30:e8:d4:58:a8:d3:c9:0f:23:64:54:ba:27:8e:0e:
a6:d7:41:ee:1e:f1:3f:ce:46:09:a3:06:8a:cf:50:93:8a:79:
fe:83:dd:4c:68:9e:dd:d6:28:69:c7:01:21:b2:d6:fd:be:14:
cc:2e:09:0f:37:31:a6:8f:e2:77:7e:9e:68:a6:55:22:cb:b4:
d1:1c:5f:93:74:6d:ba:73:06:5a:5d:0d:45:0d:2f:27:7c:19:
28:ad:79:f6:7d:a2:46:67:6b:0f:b5:fe:cd:c1:ad:46:89:26:
6c:81:63:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuQdzvrzh1/2vVqrgMfNneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI2NTBlYzE2ZTE1ODY0NGY4YTkwNTE4MTQ1ZTBjNDRkMmRiNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE/e1WqKObKfNtkajChYDLI9M+x5
56Q/pt58XY0e0GOpaSn4Le1BLQNQCEaS45ev3IT/JlNlOPRfg5O4L1K0YR/7bEfE
0y2KFcHo2O6B0ANy+4haEzguwsXL6PH86mLgVzAcoPYUW3oNfGo5k3oiJC2KyuOl
HOTqxx0TZoxPeNmp3Hh07xx01CJIom1y8UZgKaaMcx0LXWLpHB2zCde1xDl7/HOP
+4aauXDtEHbGEUqlim6wnm67r3ggCGelRmTsUHjEPZtNreSFzv9WBuzIWp4J2tYn
OKWMltLSc6neV8mev9lwlueXFsmMO46Poe5jwPgyYEqjE0GONyA6gj5UcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCi2UOwW4VhkT4qQUYFF4MRNLbU3MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvS0xaUTdCYmhXR1JQaXBCUmdVWGd4RTB0dFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVmkaAwQA
WSNNAwQAXHJsMA0GCSqGSIb3DQEBCwUAA4IBAQAZqyZ79wxqJuuQV85ySR5Jk/WS
0To7SYdZ/2LCDK5TEMykkOQb6ZA+l9ixiqmHctPt7UuUXCL12ewWSkfgr+BJ1rCZ
vEagbn03lkyllBPpVrns4p3bGzvvwb2owsx2kZ9hxrDtmNnwpsne8U0LOHstOc/b
vq6OEy0D+s6MSxQD7B+Hgte4Ls4lGuKY2iGf73ooRDYw6NRYqNPJDyNkVLonjg6m
10HuHvE/zkYJowaKz1CTinn+g91MaJ7d1ihpxwEhstb9vhTMLgkPNzGmj+J3fp5o
plUiy7TRHF+TdG26cwZaXQ1FDS8nfBkorXn2faJGZ2sPtf7Nwa1GiSZsgWPg
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:51:50 2025 by rpki-client