Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/KYSou_nvU6ZL0xnHAbLxapTEIX8.roa
File: KYSou_nvU6ZL0xnHAbLxapTEIX8.roa (raw, json)
Hash identifier: Z0FtSrV8ISfLJTvZHh+2zK60sJr/0o5pisyTZLfqnk0=
Subject key identifier: 29:84:A8:BB:F9:EF:53:A6:4B:D3:19:C7:01:B2:F1:6A:94:C4:21:7F
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 0185725583EC9348046DC9186F267491F347
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/KYSou_nvU6ZL0xnHAbLxapTEIX8.roa
Signing time: Mon 02 Jan 2023 11:54:44 +0000
ROA not before: Mon 02 Jan 2023 11:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13280
IP address blocks: 89.204.240.0/20 maxlen: 24
95.83.196.0/22 maxlen: 24
95.83.196.0/23 maxlen: 24
89.204.160.0/20 maxlen: 24
95.83.229.0/24 maxlen: 24
92.251.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:83:ec:93:48:04:6d:c9:18:6f:26:74:91:f3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Jan 2 11:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2984a8bbf9ef53a64bd319c701b2f16a94c4217f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:02:d2:78:d3:5c:b1:0d:4c:2f:f1:f8:36:e0:
96:cc:2d:db:9a:0d:a6:3c:d3:d5:bf:8d:dc:f9:53:
f7:74:79:93:1e:ce:79:e9:42:bd:c6:9a:2d:a1:ef:
e8:bf:8a:59:32:ba:3e:c7:25:04:87:46:69:b2:59:
12:3b:b9:da:3f:6c:ca:76:4f:2d:75:98:6d:ec:4c:
10:14:92:cb:c2:07:ab:37:5d:07:18:64:2a:69:a8:
97:2a:95:a6:62:6e:77:30:55:da:ab:f1:1f:d1:1f:
49:bb:41:9d:d8:b5:ac:fb:32:da:84:81:cf:bf:f0:
73:3c:f1:7b:91:9e:19:32:e7:5f:c6:96:64:eb:ac:
95:56:1a:7e:64:91:83:bd:4d:fc:66:03:01:1f:d2:
d0:3a:3f:bb:fb:7c:54:8f:27:62:bc:4d:5d:a2:b7:
00:26:eb:b0:72:66:68:c2:b9:b4:67:1c:91:73:8e:
4b:b3:60:c1:64:2a:61:7e:ba:3a:ea:93:55:73:04:
77:87:23:13:68:d1:e7:16:50:b5:41:4d:28:10:0d:
e6:d7:23:be:f8:34:5a:12:a7:25:81:f0:97:83:4d:
14:3d:46:d6:7b:5f:45:17:a9:7d:de:d1:88:11:76:
1c:3b:f2:81:99:20:21:72:bd:2c:e3:c2:f6:c6:17:
42:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:84:A8:BB:F9:EF:53:A6:4B:D3:19:C7:01:B2:F1:6A:94:C4:21:7F
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/KYSou_nvU6ZL0xnHAbLxapTEIX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.204.160.0/20
89.204.240.0/20
92.251.240.0/21
95.83.196.0/22
95.83.229.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:bd:4a:2e:9c:2c:64:df:d0:3b:ea:e5:38:08:2d:d9:d9:6c:
52:26:60:42:ad:0f:b0:30:b1:57:83:64:e9:b5:64:59:f7:0d:
77:07:74:fb:51:ff:cb:ba:b4:15:7f:0e:07:f9:e3:c4:d2:42:
20:af:cd:87:99:2e:19:64:88:4a:42:ae:9a:45:12:29:f3:c5:
55:9b:32:be:a5:84:dd:6c:e4:2e:66:50:ed:7b:70:8c:7a:52:
51:0d:6c:41:9f:e6:09:ca:0c:a7:f3:2a:59:c0:5f:ad:78:32:
da:1b:93:b2:1c:93:b8:77:c6:49:9d:1f:96:91:06:08:f2:d2:
81:27:08:8a:52:2e:0a:6c:8f:82:73:10:8e:4d:36:e7:60:38:
f8:5c:1d:48:31:6a:ec:01:7c:60:24:b1:59:3b:9d:45:bf:2a:
8c:81:bd:10:45:f5:61:4f:c1:c6:49:13:1e:ec:70:a2:d1:96:
32:e7:3b:00:5a:3d:d1:8a:31:22:e4:91:93:f9:ce:0b:dc:a9:
ba:54:16:e0:e6:af:e4:88:c6:75:ab:df:8a:26:7d:8a:25:f4:
c1:03:1c:20:b6:f5:cb:00:1a:c5:8e:61:41:89:cc:76:c8:88:
83:6e:3d:d2:21:31:b9:a1:bb:35:c3:96:94:ef:92:20:c0:99:
8c:93:50:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyVYPsk0gEbckYbyZ0kfNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjMwMTAyMTE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTg0YThiYmY5ZWY1M2E2NGJkMzE5YzcwMWIyZjE2YTk0YzQyMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQLSeNNcsQ1ML/H4NuCWzC3bmg2m
PNPVv43c+VP3dHmTHs556UK9xpotoe/ov4pZMro+xyUEh0ZpslkSO7naP2zKdk8t
dZht7EwQFJLLwgerN10HGGQqaaiXKpWmYm53MFXaq/Ef0R9Ju0Gd2LWs+zLahIHP
v/BzPPF7kZ4ZMudfxpZk66yVVhp+ZJGDvU38ZgMBH9LQOj+7+3xUjydivE1dorcA
JuuwcmZowrm0ZxyRc45Ls2DBZCphfro66pNVcwR3hyMTaNHnFlC1QU0oEA3m1yO+
+DRaEqclgfCXg00UPUbWe19FF6l93tGIEXYcO/KBmSAhcr0s48L2xhdCmwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCmEqLv571OmS9MZxwGy8WqUxCF/MB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvS1lTb3VfbnZVNlpMMHhuSEFiTHhhcFRFSVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEWcygAwQE
WczwAwQDXPvwAwQCX1PEAwQAX1PlMA0GCSqGSIb3DQEBCwUAA4IBAQDFvUounCxk
39A76uU4CC3Z2WxSJmBCrQ+wMLFXg2TptWRZ9w13B3T7Uf/LurQVfw4H+ePE0kIg
r82HmS4ZZIhKQq6aRRIp88VVmzK+pYTdbOQuZlDte3CMelJRDWxBn+YJygyn8ypZ
wF+teDLaG5OyHJO4d8ZJnR+WkQYI8tKBJwiKUi4KbI+CcxCOTTbnYDj4XB1IMWrs
AXxgJLFZO51FvyqMgb0QRfVhT8HGSRMe7HCi0ZYy5zsAWj3RijEi5JGT+c4L3Km6
VBbg5q/kiMZ1q9+KJn2KJfTBAxwgtvXLABrFjmFBicx2yIiDbj3SITG5obs1w5aU
75IgwJmMk1AQ
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:47:37 2025 by rpki-client