Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KyZIdCWHb64R0L3CU7MSfUX6uNM.roa
File: KyZIdCWHb64R0L3CU7MSfUX6uNM.roa (raw, json)
Hash identifier: x2YnyqMopLWFO4/VKWxax2DCKMl13TzJ3rUgX933u+M=
Subject key identifier: 2B:26:48:74:25:87:6F:AE:11:D0:BD:C2:53:B3:12:7D:45:FA:B8:D3
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2769885B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KyZIdCWHb64R0L3CU7MSfUX6uNM.roa
Signing time: Sat 01 Jan 2022 16:07:57 +0000
ROA not before: Sat 01 Jan 2022 16:07:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34990
IP address blocks: 95.46.146.0/23 maxlen: 24
95.47.54.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 661227611 (0x2769885b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:07:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b26487425876fae11d0bdc253b3127d45fab8d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:66:bb:5e:a4:05:dc:4b:05:34:f0:22:d6:9f:
31:0f:3c:27:c3:01:62:e5:77:44:47:6c:ee:37:f1:
7c:2a:d7:99:ff:87:2e:5f:39:17:2a:e3:46:61:84:
1e:53:ba:7f:84:28:7b:94:99:8f:73:6e:7c:3a:ad:
18:6e:e6:e4:62:f3:65:fe:a2:c1:8b:e4:88:d4:97:
25:98:61:7b:dd:30:12:e0:d2:5d:f6:bb:5b:77:07:
36:f2:a1:6d:9c:25:fd:52:76:81:a9:20:28:e9:f5:
04:c8:6d:81:d9:fe:0c:0f:d4:01:80:40:11:85:4e:
fb:4e:02:a6:85:90:24:c6:9a:51:1e:70:15:ad:d4:
6c:d8:2f:58:ae:f6:a2:c6:bf:a7:fb:8b:9e:cf:79:
8c:3e:4f:e7:ba:8a:db:f4:8e:66:97:95:aa:1b:7c:
99:8d:11:52:a0:da:7e:db:02:3b:4d:fa:27:3f:ac:
85:52:31:11:90:a6:a4:c2:90:31:f9:2b:bd:28:80:
4f:df:ac:ed:72:74:8f:1d:91:80:43:07:18:b8:c6:
44:1f:45:5d:1e:fe:7e:59:ba:ca:60:fc:9f:fa:9f:
9e:3e:fd:ff:24:24:3e:d4:34:b1:c3:27:e0:e7:39:
49:a3:9f:79:cb:2a:12:37:d4:4b:da:96:f2:e8:95:
bf:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:26:48:74:25:87:6F:AE:11:D0:BD:C2:53:B3:12:7D:45:FA:B8:D3
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KyZIdCWHb64R0L3CU7MSfUX6uNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.146.0/23
95.47.54.0/23
Signature Algorithm: sha256WithRSAEncryption
47:13:57:3f:d8:71:43:61:16:e5:28:f8:ca:1a:0e:bf:f3:a5:
31:39:3c:6f:f0:d2:8c:42:3a:44:16:d9:16:bc:4b:f3:6f:05:
f3:53:98:d7:d0:8f:50:0e:2d:2d:cc:16:3b:55:64:85:8a:2b:
6b:8c:74:3d:f5:c2:5a:a1:94:da:2c:80:84:ce:ca:6c:b7:60:
1c:d9:8c:54:7c:44:bb:25:6c:a3:63:45:5f:76:61:8d:8b:f8:
5e:d3:83:0c:56:be:89:65:9d:65:a5:3d:af:8c:1c:32:24:00:
d7:b2:f2:c1:e1:fd:1b:55:d7:a9:dc:63:65:5f:8f:8e:e7:56:
aa:48:ed:4b:0c:10:85:d2:1f:0b:31:f7:f5:61:6f:ed:21:09:
5b:68:a0:c2:08:d1:2b:f8:b1:bc:cb:30:6c:e9:63:99:80:1a:
9d:4f:89:72:8e:de:9f:37:5b:9b:6f:fa:cb:b1:4f:9c:59:c5:
bf:a7:cb:56:5c:33:2b:62:9a:bb:1a:33:dd:9d:6c:a0:9a:94:
05:ee:06:f9:b6:3c:80:5e:da:c0:62:e4:56:fe:04:c6:50:a4:
cf:c3:49:2e:38:c8:cb:0d:52:8f:9d:a6:a1:01:38:30:2a:9a:
32:b5:83:c6:b4:90:3e:d5:ae:bb:49:9a:1d:fa:83:f7:b4:98:
02:fa:8a:f3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEJ2mIWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIyNjQ4NzQyNTg3
NmZhZTExZDBiZGMyNTNiMzEyN2Q0NWZhYjhkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlmu16kBdxLBTTwItafMQ88J8MBYuV3REds7jfxfCrXmf+H
Ll85FyrjRmGEHlO6f4Qoe5SZj3NufDqtGG7m5GLzZf6iwYvkiNSXJZhhe90wEuDS
Xfa7W3cHNvKhbZwl/VJ2gakgKOn1BMhtgdn+DA/UAYBAEYVO+04CpoWQJMaaUR5w
Fa3UbNgvWK72osa/p/uLns95jD5P57qK2/SOZpeVqht8mY0RUqDaftsCO036Jz+s
hVIxEZCmpMKQMfkrvSiAT9+s7XJ0jx2RgEMHGLjGRB9FXR7+flm6ymD8n/qfnj79
/yQkPtQ0scMn4Oc5SaOfecsqEjfUS9qW8uiVv7sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQrJkh0JYdvrhHQvcJTsxJ9Rfq40zAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0t5WklkQ1dIYjY0UjBMM0NVN01TZlVYNnVOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAV8ukgMEAV8vNjANBgkqhkiG9w0B
AQsFAAOCAQEARxNXP9hxQ2EW5Sj4yhoOv/OlMTk8b/DSjEI6RBbZFrxL828F81OY
19CPUA4tLcwWO1VkhYora4x0PfXCWqGU2iyAhM7KbLdgHNmMVHxEuyVso2NFX3Zh
jYv4XtODDFa+iWWdZaU9r4wcMiQA17LyweH9G1XXqdxjZV+PjudWqkjtSwwQhdIf
CzH39WFv7SEJW2igwgjRK/ixvMswbOljmYAanU+Jco7enzdbm2/6y7FPnFnFv6fL
VlwzK2Kauxoz3Z1soJqUBe4G+bY8gF7awGLkVv4ExlCkz8NJLjjIyw1Sj52moQE4
MCqaMrWDxrSQPtWuu0maHfqD97SYAvqK8w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:24 2023 by rpki-client on console-ams.rpki-client.org