Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PKrOza0I1QpKVnykmLSyS89R6UI.roa
File: PKrOza0I1QpKVnykmLSyS89R6UI.roa (raw, json)
Hash identifier: 71trc0+jtK3CdyEl2ZjzruUJSTPf+I6BV8RC/cIUGM0=
Subject key identifier: 3C:AA:CE:CD:AD:08:D5:0A:4A:56:7C:A4:98:B4:B2:4B:CF:51:E9:42
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 0181D1D0274391350D44E76FB6A6179502DD
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PKrOza0I1QpKVnykmLSyS89R6UI.roa
Signing time: Wed 06 Jul 2022 04:41:28 +0000
ROA not before: Wed 06 Jul 2022 04:41:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59432
IP address blocks: 95.214.182.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d1:d0:27:43:91:35:0d:44:e7:6f:b6:a6:17:95:02:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jul 6 04:41:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3caacecdad08d50a4a567ca498b4b24bcf51e942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:69:de:8f:e9:2c:6d:46:55:ff:3f:8b:3f:34:
cf:8d:81:d7:f7:09:55:5e:f1:12:06:45:37:e1:9d:
49:6e:bc:e9:c9:4e:8c:69:f3:25:85:a8:20:c1:42:
90:fd:dc:27:35:1d:ee:bd:f5:f0:85:4d:93:9a:ca:
cb:f5:31:c5:10:92:38:90:be:a9:2a:f4:3e:02:5e:
74:96:ff:79:98:9a:f8:c7:92:1c:5b:e8:18:10:3d:
ca:59:ce:53:e2:a3:e1:f1:ee:9e:35:3f:7e:18:fa:
9e:fb:96:c9:bc:b3:a2:cd:0f:94:33:82:a6:9b:c3:
fa:66:bb:4d:2e:60:c4:44:10:64:76:35:a5:2c:6a:
51:18:e3:b3:50:d3:ee:1d:36:9f:87:ee:dd:e5:e4:
0c:66:69:02:ea:6b:56:8f:2c:66:2b:31:5e:62:06:
e0:97:07:ad:fd:28:eb:6c:32:8c:5e:f9:af:5e:9a:
91:cc:62:c3:4b:60:b4:1f:92:d8:aa:8c:8a:9a:e5:
27:0c:74:61:d6:d0:2a:07:9d:e9:47:84:4c:ff:c1:
21:78:86:b3:36:ca:34:bc:49:51:53:37:7e:f6:0e:
4f:cf:2d:ed:3e:ea:82:59:2d:2a:9f:2d:88:08:c2:
33:2a:58:9d:ed:fd:dd:48:10:25:3f:d0:1c:5f:3e:
3c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AA:CE:CD:AD:08:D5:0A:4A:56:7C:A4:98:B4:B2:4B:CF:51:E9:42
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PKrOza0I1QpKVnykmLSyS89R6UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.182.0/23
Signature Algorithm: sha256WithRSAEncryption
54:7d:2b:31:45:89:6e:4d:a3:85:9b:65:b1:8f:82:42:3a:3b:
1b:bf:5b:c0:08:15:63:15:1a:02:f3:5e:0d:56:37:b7:e5:c2:
42:79:87:f5:e7:cd:7d:a2:c2:63:0d:0a:85:bc:47:df:9f:e0:
64:72:01:54:46:53:cf:47:cb:6d:33:4b:21:f1:34:2e:e4:e6:
63:6a:1d:6d:4e:fd:52:eb:df:9e:6c:99:8a:c4:be:ba:7b:75:
78:2e:3b:12:ac:82:27:db:1c:95:2e:60:21:a9:27:a5:d5:ed:
4e:59:ac:e5:fb:bc:1b:c0:f2:db:7f:66:3f:d0:eb:6c:55:c2:
1c:1f:15:69:3e:43:fb:a8:96:b6:ad:57:5c:3e:a9:22:64:9d:
58:79:95:92:69:90:80:75:9e:a7:ae:3f:11:4f:62:fe:e9:7c:
37:9e:e0:0a:ab:21:b4:b9:04:d0:c8:63:a5:67:4d:0d:bd:a2:
3a:18:d7:a9:b9:f4:8b:76:b1:fd:3b:1b:79:4e:30:db:c1:c0:
03:be:fd:7c:0d:7e:b1:95:47:f7:c6:4f:5a:d3:66:27:1b:20:
3e:99:6d:0a:fc:12:c0:67:29:32:cb:22:59:0a:ab:8d:aa:ed:
1f:1b:75:1c:0d:ea:72:43:50:23:4d:61:d8:97:f8:9e:4c:40:
d9:62:50:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHR0CdDkTUNROdvtqYXlQLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIwNzA2MDQ0MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FhY2VjZGFkMDhkNTBhNGE1NjdjYTQ5OGI0YjI0YmNmNTFlOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmnej+ksbUZV/z+LPzTPjYHX9wlV
XvESBkU34Z1JbrzpyU6MafMlhaggwUKQ/dwnNR3uvfXwhU2TmsrL9THFEJI4kL6p
KvQ+Al50lv95mJr4x5IcW+gYED3KWc5T4qPh8e6eNT9+GPqe+5bJvLOizQ+UM4Km
m8P6ZrtNLmDERBBkdjWlLGpRGOOzUNPuHTafh+7d5eQMZmkC6mtWjyxmKzFeYgbg
lwet/SjrbDKMXvmvXpqRzGLDS2C0H5LYqoyKmuUnDHRh1tAqB53pR4RM/8EheIaz
Nso0vElRUzd+9g5Pzy3tPuqCWS0qny2ICMIzKlid7f3dSBAlP9AcXz48UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyqzs2tCNUKSlZ8pJi0skvPUelCMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvUEtyT3phMEkxUXBLVm55a21MU3lTODlSNlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX9a2MA0G
CSqGSIb3DQEBCwUAA4IBAQBUfSsxRYluTaOFm2Wxj4JCOjsbv1vACBVjFRoC814N
Vje35cJCeYf15819osJjDQqFvEffn+BkcgFURlPPR8ttM0sh8TQu5OZjah1tTv1S
69+ebJmKxL66e3V4LjsSrIIn2xyVLmAhqSel1e1OWazl+7wbwPLbf2Y/0OtsVcIc
HxVpPkP7qJa2rVdcPqkiZJ1YeZWSaZCAdZ6nrj8RT2L+6Xw3nuAKqyG0uQTQyGOl
Z00NvaI6GNepufSLdrH9Oxt5TjDbwcADvv18DX6xlUf3xk9a02YnGyA+mW0K/BLA
ZykyyyJZCquNqu0fG3UcDepyQ1AjTWHYl/ieTEDZYlD4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org