Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/c392d7-0a99-41c9-a2cd-f0d2b943cb53/1/kyql-Io0INXBQYw46kKNmz3RVVU.roa
File: kyql-Io0INXBQYw46kKNmz3RVVU.roa (raw, json)
Hash identifier: hptpdTDHatFoZoCx08Gu3hf7UCYG0iGPGr/m62s5B6U=
Subject key identifier: 93:2A:A5:F8:8A:34:20:D5:C1:41:8C:38:EA:42:8D:9B:3D:D1:55:55
Certificate issuer: /CN=a5a42d260d5ecdc2fa2b0b5dbf603b90d715444d
Certificate serial: 09F09DAB
Authority key identifier: A5:A4:2D:26:0D:5E:CD:C2:FA:2B:0B:5D:BF:60:3B:90:D7:15:44:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paQtJg1ezcL6Kwtdv2A7kNcVRE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/c392d7-0a99-41c9-a2cd-f0d2b943cb53/1/kyql-Io0INXBQYw46kKNmz3RVVU.roa
Signing time: Sat 01 Jan 2022 07:54:53 +0000
ROA not before: Sat 01 Jan 2022 07:54:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34019
IP address blocks: 193.222.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166763947 (0x9f09dab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a42d260d5ecdc2fa2b0b5dbf603b90d715444d
Validity
Not Before: Jan 1 07:54:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=932aa5f88a3420d5c1418c38ea428d9b3dd15555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3a:ee:93:1b:f9:d9:a2:38:39:04:2c:c9:cf:
9a:ad:4a:7c:13:ee:f7:12:9c:70:0b:7c:4d:12:58:
ef:f7:d9:79:c5:cd:8b:57:fa:f9:fe:ac:bb:5c:03:
d7:02:cd:18:06:28:ca:4c:e8:59:f6:65:8d:c4:82:
b4:a8:0d:1f:18:0c:cf:14:9f:67:d0:6c:f0:54:4e:
48:37:38:de:bb:fc:64:d8:d1:98:5c:e2:b2:d5:83:
71:9a:5d:b1:27:f8:f6:da:e8:22:c1:fe:a5:9a:e9:
f2:b6:73:fb:d0:ba:29:10:6c:de:18:97:4c:90:78:
12:7a:34:66:59:bb:2e:8f:c7:8c:b3:7d:f7:bb:8e:
5c:c5:b4:79:4b:e0:0f:49:95:7b:ef:8d:61:84:fd:
93:1d:ef:98:b3:b6:04:0d:33:9f:45:a2:06:57:36:
a3:64:d8:0f:18:8f:ce:dd:0d:e6:57:ee:4c:05:41:
71:64:46:33:50:1c:c7:5c:e3:80:4a:7a:7d:ea:23:
4b:3b:78:52:1f:f1:52:87:6b:3c:ba:89:5e:14:a0:
f0:19:75:07:31:b6:65:42:38:2b:05:34:3c:fa:9e:
c1:b5:bd:01:00:41:00:0f:c9:d0:d3:72:2e:a6:d8:
43:ba:6a:86:04:a4:33:bb:a9:a1:12:16:21:f8:18:
f4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2A:A5:F8:8A:34:20:D5:C1:41:8C:38:EA:42:8D:9B:3D:D1:55:55
X509v3 Authority Key Identifier:
keyid:A5:A4:2D:26:0D:5E:CD:C2:FA:2B:0B:5D:BF:60:3B:90:D7:15:44:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paQtJg1ezcL6Kwtdv2A7kNcVRE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/c392d7-0a99-41c9-a2cd-f0d2b943cb53/1/kyql-Io0INXBQYw46kKNmz3RVVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/c392d7-0a99-41c9-a2cd-f0d2b943cb53/1/paQtJg1ezcL6Kwtdv2A7kNcVRE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.128.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:cd:b0:d6:cb:cc:73:60:2d:a2:33:9a:48:32:a3:85:0d:e9:
92:27:c9:eb:86:c3:c8:d9:7c:19:77:45:a0:f0:4d:93:61:1e:
d2:08:a8:96:02:98:47:09:2f:50:0c:1a:3e:f1:b6:2e:57:8f:
fc:14:a7:72:86:d9:1f:11:92:62:e3:00:63:96:25:f1:7d:c7:
31:a4:2c:18:1b:80:d7:80:55:b8:39:aa:9b:c1:dd:75:f4:f6:
05:1f:e0:f7:f0:ac:0b:85:39:91:ab:7f:33:2e:47:d2:6d:b1:
2f:9d:62:d8:53:7b:83:6f:e5:50:a9:b1:df:a4:c9:20:2c:f9:
ce:f3:c5:ae:f5:73:78:fb:49:42:fa:c2:41:19:a0:18:d0:d5:
19:9b:af:58:61:92:7d:c5:62:9b:46:ea:a6:c9:80:d6:74:6e:
06:30:ac:30:24:80:86:05:41:b0:e7:60:c2:25:0c:d1:1d:df:
da:ac:40:df:34:5c:1e:0e:66:ac:d8:63:34:20:a1:a2:91:9f:
9a:b3:cd:d0:6a:1a:73:ba:2a:e0:73:93:b1:27:f3:88:82:54:
a6:70:c3:cc:a4:d5:d4:43:ba:e9:df:b1:63:e8:42:32:d5:a8:
96:9b:49:20:3d:9b:4b:6b:ef:72:b2:c3:39:57:78:59:c1:93:
60:1d:c9:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECfCdqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NWE0MmQyNjBkNWVjZGMyZmEyYjBiNWRiZjYwM2I5MGQ3MTU0NDRkMB4XDTIyMDEw
MTA3NTQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMyYWE1Zjg4YTM0
MjBkNWMxNDE4YzM4ZWE0MjhkOWIzZGQxNTU1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMM67pMb+dmiODkELMnPmq1KfBPu9xKccAt8TRJY7/fZecXN
i1f6+f6su1wD1wLNGAYoykzoWfZljcSCtKgNHxgMzxSfZ9Bs8FROSDc43rv8ZNjR
mFzistWDcZpdsSf49troIsH+pZrp8rZz+9C6KRBs3hiXTJB4Eno0Zlm7Lo/HjLN9
97uOXMW0eUvgD0mVe++NYYT9kx3vmLO2BA0zn0WiBlc2o2TYDxiPzt0N5lfuTAVB
cWRGM1Acx1zjgEp6feojSzt4Uh/xUodrPLqJXhSg8Bl1BzG2ZUI4KwU0PPqewbW9
AQBBAA/J0NNyLqbYQ7pqhgSkM7upoRIWIfgY9N0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTKqX4ijQg1cFBjDjqQo2bPdFVVTAfBgNVHSMEGDAWgBSlpC0mDV7Nwvor
C12/YDuQ1xVETTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BhUXRKZzFlemNMNkt3dGR2MkE3a05jVlJFMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvYzM5MmQ3LTBhOTktNDFjOS1hMmNkLWYwZDJiOTQzY2I1My8x
L2t5cWwtSW8wSU5YQlFZdzQ2a0tObXozUlZWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
YzM5MmQ3LTBhOTktNDFjOS1hMmNkLWYwZDJiOTQzY2I1My8xL3BhUXRKZzFlemNM
Nkt3dGR2MkE3a05jVlJFMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHegDANBgkqhkiG9w0BAQsFAAOC
AQEAfs2w1svMc2AtojOaSDKjhQ3pkifJ64bDyNl8GXdFoPBNk2Ee0giolgKYRwkv
UAwaPvG2LleP/BSncobZHxGSYuMAY5Yl8X3HMaQsGBuA14BVuDmqm8HddfT2BR/g
9/CsC4U5kat/My5H0m2xL51i2FN7g2/lUKmx36TJICz5zvPFrvVzePtJQvrCQRmg
GNDVGZuvWGGSfcVim0bqpsmA1nRuBjCsMCSAhgVBsOdgwiUM0R3f2qxA3zRcHg5m
rNhjNCChopGfmrPN0Goac7oq4HOTsSfziIJUpnDDzKTV1EO66d+xY+hCMtWolptJ
ID2bS2vvcrLDOVd4WcGTYB3JAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:07 2024 by rpki-client on console-fra.rpki-client.org