Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b2e1ef-75b4-4fe9-871b-3bc3df7a298a/1/KMHr2ZV080N9IUOydv1fa8U9HtM.roa
File: KMHr2ZV080N9IUOydv1fa8U9HtM.roa (raw, json)
Hash identifier: HseBq4AKsjXDTD0NsT6JjsNXJc/QzTwpO3/p0VGBOZU=
Subject key identifier: 28:C1:EB:D9:95:74:F3:43:7D:21:43:B2:76:FD:5F:6B:C5:3D:1E:D3
Certificate issuer: /CN=65aa451b783fc91a04b82f82f156f0b489715dc9
Certificate serial: 68E571
Authority key identifier: 65:AA:45:1B:78:3F:C9:1A:04:B8:2F:82:F1:56:F0:B4:89:71:5D:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZapFG3g_yRoEuC-C8VbwtIlxXck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b2e1ef-75b4-4fe9-871b-3bc3df7a298a/1/KMHr2ZV080N9IUOydv1fa8U9HtM.roa
Signing time: Sat 01 Jan 2022 00:53:21 +0000
ROA not before: Sat 01 Jan 2022 00:53:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60631
IP address blocks: 62.3.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6874481 (0x68e571)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65aa451b783fc91a04b82f82f156f0b489715dc9
Validity
Not Before: Jan 1 00:53:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c1ebd99574f3437d2143b276fd5f6bc53d1ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:97:6d:9a:4b:c1:45:f5:5f:19:cb:c1:6d:b7:
50:82:21:ff:36:b3:fb:d1:08:a6:35:1a:f9:25:af:
56:aa:7e:fc:29:cc:53:12:a9:d7:15:da:5e:2a:d9:
42:54:b3:ef:c4:69:dc:92:c8:5f:ce:58:62:23:73:
72:da:a6:0a:2d:28:96:b0:b0:c9:02:a0:58:22:2b:
a0:2e:e0:c8:46:40:c3:63:88:ef:d2:02:03:16:c2:
89:5c:d2:ba:9d:d1:19:c4:ed:d0:31:bc:55:e2:1d:
be:89:90:56:71:28:6f:a7:d7:44:e7:48:90:b7:6c:
0c:05:5d:26:f7:69:61:e0:f6:e1:31:ca:a5:f3:dd:
87:15:5e:3a:5b:68:30:ff:3f:ca:09:e3:88:16:92:
e5:5b:9d:9c:2b:98:05:66:6a:6a:56:97:ef:79:3f:
02:f3:cf:3e:f7:57:d8:5f:77:8a:98:3e:97:9c:0e:
66:89:c1:f6:97:ab:30:b3:65:5e:a0:e0:c3:e2:e2:
c8:4d:5f:50:fe:1b:85:c9:06:cc:4d:a1:e7:c9:7d:
6a:9d:90:64:94:a9:d1:81:b4:88:cd:e8:0c:ba:7a:
68:df:10:f6:c8:0a:e7:72:1c:17:8d:ca:58:de:3e:
5b:d4:1c:f6:61:2e:4c:f6:20:15:53:71:53:1b:5b:
a6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C1:EB:D9:95:74:F3:43:7D:21:43:B2:76:FD:5F:6B:C5:3D:1E:D3
X509v3 Authority Key Identifier:
keyid:65:AA:45:1B:78:3F:C9:1A:04:B8:2F:82:F1:56:F0:B4:89:71:5D:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZapFG3g_yRoEuC-C8VbwtIlxXck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b2e1ef-75b4-4fe9-871b-3bc3df7a298a/1/KMHr2ZV080N9IUOydv1fa8U9HtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b2e1ef-75b4-4fe9-871b-3bc3df7a298a/1/ZapFG3g_yRoEuC-C8VbwtIlxXck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.41.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:e1:47:cc:36:0e:da:b8:26:14:8e:8f:8e:59:ce:de:1e:c6:
7f:cc:0e:97:24:06:f7:20:98:31:4c:7a:07:da:67:37:99:fd:
57:aa:bc:b5:ce:0b:c4:e9:1e:45:ee:05:05:c7:c9:76:0c:40:
46:8b:d4:b1:0f:41:55:67:34:79:68:25:c1:d0:b6:ca:8a:08:
02:6e:0d:1f:24:75:36:1f:e5:49:f0:2d:e6:12:37:6d:87:58:
c5:10:17:40:74:f1:da:58:5a:0a:27:44:f4:6d:8f:d7:dc:b8:
27:a3:b6:3f:b7:a3:8a:f8:97:43:ed:ba:d9:53:8e:b6:47:57:
5f:3b:a4:f5:dd:90:db:2e:b1:c7:1d:d4:fe:6b:84:e8:7b:d9:
34:4a:bf:b8:72:04:9c:7e:f8:02:92:df:45:3c:97:3e:6e:59:
1d:e1:7a:ee:05:80:d7:ad:23:f2:cf:52:44:78:02:f2:e6:bc:
64:c1:de:11:dd:79:0e:be:44:a8:c0:fe:14:57:aa:b7:ec:71:
85:be:ee:92:e5:bc:db:75:41:fa:95:bb:cf:a0:ed:be:ad:62:
42:2c:b0:f4:65:f6:ce:30:b7:36:6f:92:82:a5:55:bf:9d:81:
d6:1d:46:10:e3:bb:be:87:87:f8:ca:80:64:54:99:7c:30:8c:
0b:00:4d:2b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDaOVxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY1
YWE0NTFiNzgzZmM5MWEwNGI4MmY4MmYxNTZmMGI0ODk3MTVkYzkwHhcNMjIwMTAx
MDA1MzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOGMxZWJkOTk1NzRm
MzQzN2QyMTQzYjI3NmZkNWY2YmM1M2QxZWQzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm5dtmkvBRfVfGcvBbbdQgiH/NrP70QimNRr5Ja9Wqn78KcxT
EqnXFdpeKtlCVLPvxGnckshfzlhiI3Ny2qYKLSiWsLDJAqBYIiugLuDIRkDDY4jv
0gIDFsKJXNK6ndEZxO3QMbxV4h2+iZBWcShvp9dE50iQt2wMBV0m92lh4PbhMcql
892HFV46W2gw/z/KCeOIFpLlW52cK5gFZmpqVpfveT8C888+91fYX3eKmD6XnA5m
icH2l6sws2VeoODD4uLITV9Q/huFyQbMTaHnyX1qnZBklKnRgbSIzegMunpo3xD2
yArnchwXjcpY3j5b1Bz2YS5M9iAVU3FTG1umTQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCjB69mVdPNDfSFDsnb9X2vFPR7TMB8GA1UdIwQYMBaAFGWqRRt4P8kaBLgv
gvFW8LSJcV3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WmFwRkczZ195Um9FdUMtQzhWYnd0SWx4WGNrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hZi9iMmUxZWYtNzViNC00ZmU5LTg3MWItM2JjM2RmN2EyOThhLzEv
S01IcjJaVjA4ME45SVVPeWR2MWZhOFU5SHRNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9i
MmUxZWYtNzViNC00ZmU5LTg3MWItM2JjM2RmN2EyOThhLzEvWmFwRkczZ195Um9F
dUMtQzhWYnd0SWx4WGNrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMpMA0GCSqGSIb3DQEBCwUAA4IB
AQA/4UfMNg7auCYUjo+OWc7eHsZ/zA6XJAb3IJgxTHoH2mc3mf1Xqry1zgvE6R5F
7gUFx8l2DEBGi9SxD0FVZzR5aCXB0LbKiggCbg0fJHU2H+VJ8C3mEjdth1jFEBdA
dPHaWFoKJ0T0bY/X3Lgno7Y/t6OK+JdD7brZU462R1dfO6T13ZDbLrHHHdT+a4To
e9k0Sr+4cgScfvgCkt9FPJc+blkd4XruBYDXrSPyz1JEeALy5rxkwd4R3XkOvkSo
wP4UV6q37HGFvu6S5bzbdUH6lbvPoO2+rWJCLLD0ZfbOMLc2b5KCpVW/nYHWHUYQ
47u+h4f4yoBkVJl8MIwLAE0r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:53 2024 by rpki-client on console-fra.rpki-client.org