Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KsZZXdDlsi-L092AHa0jcRI84Uo.roa
File: KsZZXdDlsi-L092AHa0jcRI84Uo.roa (raw, json)
Hash identifier: 1Fp/H/Wpq5NP3Pmkyys7PPcG4KNIpMG6yjegXA9Gam4=
Subject key identifier: 2A:C6:59:5D:D0:E5:B2:2F:8B:D3:DD:80:1D:AD:23:71:12:3C:E1:4A
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 1C32B266
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KsZZXdDlsi-L092AHa0jcRI84Uo.roa
Signing time: Wed 18 May 2022 04:30:25 +0000
ROA not before: Wed 18 May 2022 04:30:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 87.248.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473084518 (0x1c32b266)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: May 18 04:30:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ac6595dd0e5b22f8bd3dd801dad2371123ce14a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0b:7a:cc:31:d5:df:31:5b:96:e8:5b:e3:b0:
20:7e:a8:30:ac:23:cb:f4:f5:1a:b1:c4:fb:47:a0:
54:ab:de:ec:d9:ff:b5:bf:9a:72:20:b8:04:17:e8:
a7:51:f4:e6:60:01:97:90:47:ee:65:1b:bb:c8:18:
7e:7f:21:fe:ad:5a:2f:50:9c:66:0c:6a:36:e3:5e:
68:28:57:7e:a5:2a:fb:1e:1c:15:76:f5:f2:c3:83:
f0:03:01:b6:30:14:15:2b:9a:ff:fd:8d:78:2d:5e:
31:52:d7:82:d7:3e:9a:9c:96:aa:c6:52:8b:bc:b9:
a8:b7:61:e5:5f:08:a0:6e:e0:da:aa:3a:a2:f4:38:
3c:77:ac:11:b6:c1:6d:bf:ed:57:88:25:e3:df:63:
7e:f8:31:af:58:26:b9:55:da:94:5c:f2:ff:7e:7d:
86:e6:c5:95:57:5c:63:bb:b6:d1:df:a5:f9:77:78:
f0:de:c1:54:44:98:78:b2:4f:73:d1:70:e8:d0:57:
77:3b:75:7e:e6:5e:1c:6c:93:81:e2:b5:c5:28:d1:
95:e1:d1:1c:f9:48:a2:81:ae:cd:ee:a5:6b:56:a4:
42:07:65:29:c5:d9:ad:29:ea:23:7c:b2:62:d2:b6:
b2:84:12:9a:cc:3d:82:cf:4c:86:ae:f6:66:66:d1:
3e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C6:59:5D:D0:E5:B2:2F:8B:D3:DD:80:1D:AD:23:71:12:3C:E1:4A
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KsZZXdDlsi-L092AHa0jcRI84Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.143.0/24
Signature Algorithm: sha256WithRSAEncryption
73:4e:fb:a8:29:41:fb:a8:3c:2a:9e:9b:e7:49:bc:d3:95:27:
5b:54:ba:dc:04:97:5b:1f:9f:b5:50:30:66:c2:92:0b:68:16:
f1:1b:7d:40:cd:41:99:24:6d:1a:21:ec:fd:20:3b:ad:c9:c7:
cf:7d:8b:74:e5:6c:80:ec:12:ea:e8:c0:0e:01:15:6c:3f:55:
8c:ae:97:60:2d:ea:4f:16:b9:a9:be:23:00:c5:61:63:60:92:
76:47:14:fa:b3:ba:d6:e0:65:44:85:13:c6:a6:d0:70:5d:bb:
e2:e1:4e:01:fa:97:09:99:6e:ed:63:48:eb:d8:4b:02:4b:6f:
c3:3a:6e:19:8c:f7:c7:74:b5:e2:4b:aa:e8:99:bc:70:a0:b4:
d4:7e:7e:ab:c4:cf:af:02:f3:24:ce:29:46:e8:c3:a4:0f:1b:
b4:f6:4a:5f:8a:05:af:31:4f:e3:95:6d:3d:17:6d:9f:9d:d7:
7f:f6:d7:9b:a6:0b:64:d2:99:2b:4a:f1:48:0a:66:10:80:98:
37:2b:01:6e:3e:06:f4:4a:6c:58:bd:64:61:87:e2:fd:80:d2:
fe:62:cb:11:95:2a:ee:3b:b2:e4:43:43:0e:6a:68:46:22:d7:
db:83:60:52:e9:c5:c8:cd:41:0a:81:0e:73:2e:48:f5:a4:b6:
91:d4:08:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHDKyZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDUx
ODA0MzAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFjNjU5NWRkMGU1
YjIyZjhiZDNkZDgwMWRhZDIzNzExMjNjZTE0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQLeswx1d8xW5boW+OwIH6oMKwjy/T1GrHE+0egVKve7Nn/
tb+aciC4BBfop1H05mABl5BH7mUbu8gYfn8h/q1aL1CcZgxqNuNeaChXfqUq+x4c
FXb18sOD8AMBtjAUFSua//2NeC1eMVLXgtc+mpyWqsZSi7y5qLdh5V8IoG7g2qo6
ovQ4PHesEbbBbb/tV4gl499jfvgxr1gmuVXalFzy/359hubFlVdcY7u20d+l+Xd4
8N7BVESYeLJPc9Fw6NBXdzt1fuZeHGyTgeK1xSjRleHRHPlIooGuze6la1akQgdl
KcXZrSnqI3yyYtK2soQSmsw9gs9Mhq72ZmbRPmcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqxlld0OWyL4vT3YAdrSNxEjzhSjAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L0tzWlpYZERsc2ktTDA5MkFIYTBqY1JJODRVby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf4jzANBgkqhkiG9w0BAQsFAAOC
AQEAc077qClB+6g8Kp6b50m805UnW1S63ASXWx+ftVAwZsKSC2gW8Rt9QM1BmSRt
GiHs/SA7rcnHz32LdOVsgOwS6ujADgEVbD9VjK6XYC3qTxa5qb4jAMVhY2CSdkcU
+rO61uBlRIUTxqbQcF274uFOAfqXCZlu7WNI69hLAktvwzpuGYz3x3S14kuq6Jm8
cKC01H5+q8TPrwLzJM4pRujDpA8btPZKX4oFrzFP45VtPRdtn53Xf/bXm6YLZNKZ
K0rxSApmEICYNysBbj4G9EpsWL1kYYfi/YDS/mLLEZUq7juy5ENDDmpoRiLX24Ng
UunFyM1BCoEOcy5I9aS2kdQICQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:21 2023 by rpki-client on console-fra.rpki-client.org