Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c59484-b07a-4ca1-abcd-a83845caac21/1/KapBS7L7KtKD54Tn4aiI4OVQyxQ.roa
File: KapBS7L7KtKD54Tn4aiI4OVQyxQ.roa (raw, json)
Hash identifier: tdJOEVToxc0KhZqmTPsIAtts5qaUoyIku0a7J2zFsJI=
Subject key identifier: 29:AA:41:4B:B2:FB:2A:D2:83:E7:84:E7:E1:A8:88:E0:E5:50:CB:14
Certificate issuer: /CN=71df6c753ea085bef372b392630f74ba57696ee5
Certificate serial: 03A252AE
Authority key identifier: 71:DF:6C:75:3E:A0:85:BE:F3:72:B3:92:63:0F:74:BA:57:69:6E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cd9sdT6ghb7zcrOSYw90uldpbuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/c59484-b07a-4ca1-abcd-a83845caac21/1/KapBS7L7KtKD54Tn4aiI4OVQyxQ.roa
Signing time: Sat 01 Jan 2022 04:52:50 +0000
ROA not before: Sat 01 Jan 2022 04:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42973
IP address blocks: 83.97.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60969646 (0x3a252ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71df6c753ea085bef372b392630f74ba57696ee5
Validity
Not Before: Jan 1 04:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29aa414bb2fb2ad283e784e7e1a888e0e550cb14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a8:f2:61:ec:81:bb:a5:4d:17:35:2f:e7:22:
81:51:4f:26:0b:21:88:35:31:57:d0:bb:db:ad:e9:
03:4f:f2:a0:f0:ce:03:39:a3:0e:67:e5:3e:0f:60:
25:e7:76:05:4b:3e:23:90:0a:aa:95:4e:87:ec:f7:
43:08:e1:46:46:bf:35:09:54:45:b3:fa:b2:47:34:
fb:62:79:f6:65:fc:9c:3e:28:af:6d:27:ff:a6:fc:
97:f5:03:99:cc:fe:b9:5c:16:96:76:6e:2a:3b:03:
bd:71:0a:0d:dd:df:8a:28:65:4d:49:41:ee:2f:a8:
c3:70:44:1b:fb:91:f8:ec:bf:a0:55:3c:6b:ba:1f:
dc:db:b6:c7:6f:db:6b:56:18:54:68:c2:9a:c8:14:
18:f1:58:ba:e1:5a:0a:e3:34:5b:30:6d:41:62:75:
53:f4:9d:17:d8:c3:5b:65:5c:44:6e:b2:bd:f4:d7:
bd:98:85:f0:97:8f:bb:41:ac:88:b6:12:d1:a4:d4:
8f:77:99:75:ab:50:96:85:7f:0d:b4:f7:e3:ac:e5:
ce:4f:c8:39:d5:a6:ed:aa:9b:3b:5d:e4:c5:5e:fc:
3a:5b:65:c9:25:8f:93:84:06:a5:2c:fd:9b:f6:de:
0d:43:1f:c9:76:db:64:ba:e1:3e:69:96:37:03:aa:
47:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AA:41:4B:B2:FB:2A:D2:83:E7:84:E7:E1:A8:88:E0:E5:50:CB:14
X509v3 Authority Key Identifier:
keyid:71:DF:6C:75:3E:A0:85:BE:F3:72:B3:92:63:0F:74:BA:57:69:6E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd9sdT6ghb7zcrOSYw90uldpbuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c59484-b07a-4ca1-abcd-a83845caac21/1/KapBS7L7KtKD54Tn4aiI4OVQyxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c59484-b07a-4ca1-abcd-a83845caac21/1/cd9sdT6ghb7zcrOSYw90uldpbuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.32.0/22
Signature Algorithm: sha256WithRSAEncryption
88:b1:75:71:5e:63:45:f4:ba:05:c6:c1:10:15:6a:11:a8:ec:
70:0e:35:58:26:8d:13:1d:48:3d:6f:87:32:92:1a:f9:0e:09:
3c:58:00:ec:4c:74:41:e2:a0:4f:63:08:c1:18:9b:91:be:5a:
49:ee:97:ca:92:9e:a1:c3:b1:43:08:34:ed:2f:41:d6:f9:16:
ce:0a:a6:fb:59:9c:d1:a8:b1:1e:0d:1b:33:67:a0:81:04:65:
62:39:18:12:3b:27:b5:c1:91:3e:6e:37:cc:8e:9f:22:89:19:
6c:58:7e:b4:1c:17:50:a0:17:8b:0a:a7:4c:6a:50:84:68:19:
97:a5:ec:e1:fa:cc:7e:04:7c:59:e2:9e:38:09:0f:b8:8e:20:
84:e2:02:ce:a7:99:09:b1:97:b3:32:68:74:36:fd:b8:04:f9:
f7:8c:49:5b:d7:c7:76:79:31:b8:d1:f9:e1:fb:5c:ea:5a:11:
48:88:4d:55:e3:69:ce:7c:15:ae:26:8b:7d:7b:b4:8f:bd:dd:
85:ec:86:2f:4d:36:e3:cf:2c:84:1e:98:b5:c0:c1:4e:38:35:
48:82:aa:52:c7:44:e3:f5:f8:53:75:af:b0:0a:dd:bc:e0:87:
30:2f:7c:10:a6:7f:ff:48:27:0a:46:3e:97:30:37:4f:8a:f0:
57:04:d4:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6JSrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MWRmNmM3NTNlYTA4NWJlZjM3MmIzOTI2MzBmNzRiYTU3Njk2ZWU1MB4XDTIyMDEw
MTA0NTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjlhYTQxNGJiMmZi
MmFkMjgzZTc4NGU3ZTFhODg4ZTBlNTUwY2IxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIWo8mHsgbulTRc1L+cigVFPJgshiDUxV9C7263pA0/yoPDO
AzmjDmflPg9gJed2BUs+I5AKqpVOh+z3QwjhRka/NQlURbP6skc0+2J59mX8nD4o
r20n/6b8l/UDmcz+uVwWlnZuKjsDvXEKDd3fiihlTUlB7i+ow3BEG/uR+Oy/oFU8
a7of3Nu2x2/ba1YYVGjCmsgUGPFYuuFaCuM0WzBtQWJ1U/SdF9jDW2VcRG6yvfTX
vZiF8JePu0GsiLYS0aTUj3eZdatQloV/DbT346zlzk/IOdWm7aqbO13kxV78Oltl
ySWPk4QGpSz9m/beDUMfyXbbZLrhPmmWNwOqR3kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpqkFLsvsq0oPnhOfhqIjg5VDLFDAfBgNVHSMEGDAWgBRx32x1PqCFvvNy
s5JjD3S6V2lu5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NkOXNkVDZnaGI3emNyT1NZdzkwdWxkcGJ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvYzU5NDg0LWIwN2EtNGNhMS1hYmNkLWE4Mzg0NWNhYWMyMS8x
L0thcEJTN0w3S3RLRDU0VG40YWlJNE9WUXl4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
YzU5NDg0LWIwN2EtNGNhMS1hYmNkLWE4Mzg0NWNhYWMyMS8xL2NkOXNkVDZnaGI3
emNyT1NZdzkwdWxkcGJ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlNhIDANBgkqhkiG9w0BAQsFAAOC
AQEAiLF1cV5jRfS6BcbBEBVqEajscA41WCaNEx1IPW+HMpIa+Q4JPFgA7Ex0QeKg
T2MIwRibkb5aSe6XypKeocOxQwg07S9B1vkWzgqm+1mc0aixHg0bM2eggQRlYjkY
EjsntcGRPm43zI6fIokZbFh+tBwXUKAXiwqnTGpQhGgZl6Xs4frMfgR8WeKeOAkP
uI4ghOICzqeZCbGXszJodDb9uAT594xJW9fHdnkxuNH54ftc6loRSIhNVeNpznwV
riaLfXu0j73dheyGL002488shB6YtcDBTjg1SIKqUsdE4/X4U3WvsArdvOCHMC98
EKZ//0gnCkY+lzA3T4rwVwTUFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:10 2024 by rpki-client on console-ams.rpki-client.org