Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/KZn4BDOrKrMc8gEql2QtqR5Lrp4.roa
File: KZn4BDOrKrMc8gEql2QtqR5Lrp4.roa (raw, json)
Hash identifier: YO8z1ekLcOnlCbuVrLrnZm5OUDODjIpP7P3P+oKBtQw=
Subject key identifier: 29:99:F8:04:33:AB:2A:B3:1C:F2:01:2A:97:64:2D:A9:1E:4B:AE:9E
Certificate issuer: /CN=78878edda6ae4a0147db70b66105cfd17f2066a3
Certificate serial: 105FBD62
Authority key identifier: 78:87:8E:DD:A6:AE:4A:01:47:DB:70:B6:61:05:CF:D1:7F:20:66:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIeO3aauSgFH23C2YQXP0X8gZqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/KZn4BDOrKrMc8gEql2QtqR5Lrp4.roa
Signing time: Sat 01 Jan 2022 14:56:13 +0000
ROA not before: Sat 01 Jan 2022 14:56:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 149.205.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274709858 (0x105fbd62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78878edda6ae4a0147db70b66105cfd17f2066a3
Validity
Not Before: Jan 1 14:56:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2999f80433ab2ab31cf2012a97642da91e4bae9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:51:c3:7e:bd:c6:a5:68:6f:9f:29:4b:d0:3c:
5b:95:f8:75:5c:b0:00:d9:9d:17:7f:fc:af:11:70:
43:0e:b1:e4:e9:92:b8:3a:be:66:3c:d8:6d:36:a2:
01:19:e8:9f:a7:b2:9f:de:ad:00:d0:db:31:5b:f3:
50:12:93:55:6c:b4:38:3b:c7:37:b9:da:9f:02:7d:
11:93:0c:b3:70:45:10:df:a7:96:2d:8b:bc:4c:c1:
c2:d1:72:97:e1:53:5a:96:ef:b8:40:cb:50:23:ed:
1a:92:da:07:21:9d:fb:c5:1e:e6:05:0d:12:42:38:
37:ad:fd:62:80:af:22:bc:d4:28:d8:4d:54:a9:8f:
fa:c2:81:88:23:65:df:c0:5d:bd:b3:73:fb:10:b7:
98:06:3c:28:66:84:ae:5b:18:af:91:bf:c0:68:00:
83:b5:56:9b:be:63:78:06:f1:e0:70:da:d0:62:4c:
6c:8d:12:6a:3c:76:d1:b6:12:2d:9b:0d:28:e3:86:
a0:e1:80:2c:df:f6:0d:3e:77:e7:88:05:27:8f:51:
81:87:98:30:b0:1a:83:81:99:61:f6:5e:29:ae:a4:
09:82:0d:59:7e:35:4e:4d:61:f2:69:f3:7a:a6:67:
14:15:cd:a4:88:1b:52:1f:37:0b:fb:7c:0d:70:6f:
ce:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:99:F8:04:33:AB:2A:B3:1C:F2:01:2A:97:64:2D:A9:1E:4B:AE:9E
X509v3 Authority Key Identifier:
keyid:78:87:8E:DD:A6:AE:4A:01:47:DB:70:B6:61:05:CF:D1:7F:20:66:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIeO3aauSgFH23C2YQXP0X8gZqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/KZn4BDOrKrMc8gEql2QtqR5Lrp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/eIeO3aauSgFH23C2YQXP0X8gZqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.205.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:93:c4:48:1b:e8:e8:aa:f4:dd:a2:39:33:33:83:1d:25:c2:
f1:07:fe:45:02:fb:b9:50:77:1c:80:dc:64:bd:77:30:47:29:
05:8e:73:50:1a:5b:82:5d:4e:e2:b1:44:97:6d:68:1f:69:5b:
75:21:8a:93:9f:cf:4a:37:51:3c:5d:b7:f5:6b:d7:1e:08:47:
a6:ed:55:41:2c:51:50:ad:89:ba:b1:ab:dc:f8:33:84:9a:17:
ac:86:e9:77:80:e2:c3:44:b1:6c:6c:95:c2:c2:b3:43:e0:42:
02:b1:6a:64:84:f5:7c:cb:7c:31:66:50:a9:80:62:6e:a0:76:
97:b1:1b:9a:bd:7b:fa:ba:f2:6a:f9:0f:cf:fd:0e:61:8f:5e:
8b:67:0f:2b:88:25:97:bb:59:24:d1:8b:a4:95:37:ac:6e:42:
50:66:d3:1d:cf:be:6e:28:2e:79:46:db:b9:32:e7:f7:4f:0d:
45:66:9e:2a:c7:b9:92:a4:c9:69:ac:be:ae:82:0a:b9:60:b0:
c0:64:57:af:25:36:33:63:2d:cb:4f:65:62:ac:e0:12:be:03:
8b:4e:84:cf:d3:d2:c5:d7:cd:36:61:8e:c0:39:c1:13:7b:f9:
be:67:5f:b8:ee:fc:2a:dd:c8:a9:f5:de:25:a0:fe:2a:77:80:
f5:a5:f1:10
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEEF+9YjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODg3OGVkZGE2YWU0YTAxNDdkYjcwYjY2MTA1Y2ZkMTdmMjA2NmEzMB4XDTIyMDEw
MTE0NTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk5OWY4MDQzM2Fi
MmFiMzFjZjIwMTJhOTc2NDJkYTkxZTRiYWU5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO5Rw369xqVob58pS9A8W5X4dVywANmdF3/8rxFwQw6x5OmS
uDq+ZjzYbTaiARnon6eyn96tANDbMVvzUBKTVWy0ODvHN7nanwJ9EZMMs3BFEN+n
li2LvEzBwtFyl+FTWpbvuEDLUCPtGpLaByGd+8Ue5gUNEkI4N639YoCvIrzUKNhN
VKmP+sKBiCNl38BdvbNz+xC3mAY8KGaErlsYr5G/wGgAg7VWm75jeAbx4HDa0GJM
bI0Sajx20bYSLZsNKOOGoOGALN/2DT5354gFJ49RgYeYMLAag4GZYfZeKa6kCYIN
WX41Tk1h8mnzeqZnFBXNpIgbUh83C/t8DXBvzlUCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQpmfgEM6sqsxzyASqXZC2pHkuunjAfBgNVHSMEGDAWgBR4h47dpq5KAUfb
cLZhBc/RfyBmozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VJZU8zYWF1U2dGSDIzQzJZUVhQMFg4Z1pxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTUvZjg3NDIyLTNjOGUtNGI1MS1iYWI4LTJlM2VkNWExNzA5OC8x
L0tabjRCRE9yS3JNYzhnRXFsMlF0cVI1THJwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUv
Zjg3NDIyLTNjOGUtNGI1MS1iYWI4LTJlM2VkNWExNzA5OC8xL2VJZU8zYWF1U2dG
SDIzQzJZUVhQMFg4Z1pxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJXNMA0GCSqGSIb3DQEBCwUAA4IB
AQAfk8RIG+joqvTdojkzM4MdJcLxB/5FAvu5UHccgNxkvXcwRykFjnNQGluCXU7i
sUSXbWgfaVt1IYqTn89KN1E8Xbf1a9ceCEem7VVBLFFQrYm6savc+DOEmheshul3
gOLDRLFsbJXCwrND4EICsWpkhPV8y3wxZlCpgGJuoHaXsRuavXv6uvJq+Q/P/Q5h
j16LZw8riCWXu1kk0YuklTesbkJQZtMdz75uKC55Rtu5Muf3Tw1FZp4qx7mSpMlp
rL6uggq5YLDAZFevJTYzYy3LT2VirOASvgOLToTP09LF1802YY7AOcETe/m+Z1+4
7vwq3cip9d4loP4qd4D1pfEQ
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:25:00 2025 by rpki-client