Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/kz801ZoU31cQaXNOOQjYkkN40lI.roa
File: kz801ZoU31cQaXNOOQjYkkN40lI.roa (raw, json)
Hash identifier: PhScrNX3O7vTSZ6i/3HgJQwb8A2tze2QL+dwpckRQPo=
Subject key identifier: 93:3F:34:D5:9A:14:DF:57:10:69:73:4E:39:08:D8:92:43:78:D2:52
Certificate issuer: /CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Certificate serial: 018570DE31D4A48C15F0B158E9F2E5F39E94
Authority key identifier: A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/kz801ZoU31cQaXNOOQjYkkN40lI.roa
Signing time: Mon 02 Jan 2023 05:04:47 +0000
ROA not before: Mon 02 Jan 2023 05:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25238
IP address blocks: 195.234.206.0/23 maxlen: 23
195.234.204.0/23 maxlen: 23
2001:67c:2620::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:31:d4:a4:8c:15:f0:b1:58:e9:f2:e5:f3:9e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Validity
Not Before: Jan 2 05:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=933f34d59a14df571069734e3908d8924378d252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:82:bb:b2:f1:57:6e:24:4b:17:30:b7:ca:d0:
a0:c5:94:57:fa:b7:69:47:da:6e:10:ab:6b:c1:8a:
e1:28:49:f5:72:4b:0f:ad:c4:29:21:a4:4e:d3:a8:
d2:ea:5b:9a:74:0a:a9:ec:96:e5:86:ea:4d:04:77:
fa:a6:e4:c1:a4:07:c5:50:7f:8d:75:c5:f0:5f:4a:
cf:bd:74:7b:53:8a:aa:88:98:7a:93:ca:70:6b:71:
1b:02:df:b5:a0:82:82:05:6e:73:91:58:45:f7:b2:
2c:31:20:35:ae:4a:c0:f8:41:15:80:cb:11:50:2e:
14:76:3d:06:58:90:27:71:2f:99:e7:8c:1e:38:a2:
bb:45:2b:90:84:c9:80:e3:b7:00:53:c6:d5:8b:76:
97:38:90:8a:32:8f:85:a0:c5:6e:e9:36:d8:4e:e0:
70:59:b8:d5:cf:71:67:c6:76:c0:7c:40:d3:6b:5b:
de:73:e9:5b:4e:8f:70:e7:cd:23:95:26:03:d7:d5:
e9:cf:81:c6:85:88:be:0d:ea:4a:bd:d2:2b:54:22:
a4:cd:bf:cd:37:55:03:7d:7c:99:5b:bd:dc:c8:2c:
43:2d:e3:36:c7:bd:93:42:e5:25:fc:e9:8f:59:40:
37:e3:a6:b5:00:fb:56:fb:8b:64:d2:e7:1c:7c:83:
f7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3F:34:D5:9A:14:DF:57:10:69:73:4E:39:08:D8:92:43:78:D2:52
X509v3 Authority Key Identifier:
keyid:A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/kz801ZoU31cQaXNOOQjYkkN40lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.204.0/22
IPv6:
2001:67c:2620::/48
Signature Algorithm: sha256WithRSAEncryption
57:2b:1e:73:db:0e:49:16:dc:9b:22:59:0b:7f:e5:66:c3:4f:
8c:38:e1:c7:33:fe:b1:0d:a8:3a:2d:b2:2b:64:61:4d:79:b8:
bf:13:41:a5:54:53:b6:85:b8:bd:43:96:ea:9e:3e:ea:8f:4a:
85:c0:94:1c:86:23:c7:bd:12:38:59:ce:c6:de:94:4e:9f:b3:
5f:02:57:dd:c3:6d:93:46:ef:f0:2d:41:62:3e:e7:c1:6d:80:
f5:30:4c:68:bc:84:71:89:db:57:36:cd:c8:34:f9:e1:9f:c6:
19:9d:d3:20:dc:4d:58:33:ba:17:a4:f9:bf:6d:c8:e0:a5:41:
cd:44:a7:c7:4a:42:47:a2:d3:b6:ea:48:f2:f1:7b:c0:13:0d:
6f:5d:fb:d2:fd:24:0e:52:16:6f:03:17:12:2c:4b:14:51:70:
47:f8:2f:e5:e0:40:c1:b1:f3:08:9b:d4:d3:36:5f:91:96:2d:
da:25:5e:2e:68:bf:eb:a7:ca:b3:f8:5c:71:b0:3d:cc:c9:3a:
91:71:37:77:e3:5d:5e:a8:9f:65:ca:9c:1d:7b:ad:39:bf:c9:
8b:4f:6a:5f:c0:56:c6:ae:a2:40:a8:55:9f:9f:b4:17:7c:cd:
24:d9:c8:6d:fc:a8:d3:70:6d:45:34:2f:3c:f5:5b:6b:fa:1f:
cd:b7:b8:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw3jHUpIwV8LFY6fLl856UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MGEwODFmYmE4ZmIzM2VmYjQ2MjU5ZWY5M2Y2ODc4ZDcw
MTUwZWIwHhcNMjMwMTAyMDUwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzNmMzRkNTlhMTRkZjU3MTA2OTczNGUzOTA4ZDg5MjQzNzhkMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oK7svFXbiRLFzC3ytCgxZRX+rdp
R9puEKtrwYrhKEn1cksPrcQpIaRO06jS6luadAqp7JblhupNBHf6puTBpAfFUH+N
dcXwX0rPvXR7U4qqiJh6k8pwa3EbAt+1oIKCBW5zkVhF97IsMSA1rkrA+EEVgMsR
UC4Udj0GWJAncS+Z54weOKK7RSuQhMmA47cAU8bVi3aXOJCKMo+FoMVu6TbYTuBw
WbjVz3FnxnbAfEDTa1vec+lbTo9w580jlSYD19Xpz4HGhYi+DepKvdIrVCKkzb/N
N1UDfXyZW73cyCxDLeM2x72TQuUl/OmPWUA346a1APtW+4tk0uccfIP3JQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJM/NNWaFN9XEGlzTjkI2JJDeNJSMB8GA1UdIwQY
MBaAFKQKCB+6j7M++0Ylnvk/aHjXAVDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEt
YWU5MWU0NjYyZDkzLzEva3o4MDFab1UzMWNRYVhOT09Rallra040MGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEtYWU5MWU0NjYyZDkz
LzEvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCw+rMMA8E
AgACMAkDBwAgAQZ8JiAwDQYJKoZIhvcNAQELBQADggEBAFcrHnPbDkkW3JsiWQt/
5WbDT4w44ccz/rENqDotsitkYU15uL8TQaVUU7aFuL1DluqePuqPSoXAlByGI8e9
EjhZzsbelE6fs18CV93DbZNG7/AtQWI+58FtgPUwTGi8hHGJ21c2zcg0+eGfxhmd
0yDcTVgzuhek+b9tyOClQc1Ep8dKQkei07bqSPLxe8ATDW9d+9L9JA5SFm8DFxIs
SxRRcEf4L+XgQMGx8wib1NM2X5GWLdolXi5ov+unyrP4XHGwPczJOpFxN3fjXV6o
n2XKnB17rTm/yYtPal/AVsauokCoVZ+ftBd8zSTZyG38qNNwbUU0Lzz1W2v6H823
uJQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:56 2025 by rpki-client