Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kzPovDilIved0nh_gm7Ap-o6-GQ.roa
File: kzPovDilIved0nh_gm7Ap-o6-GQ.roa (raw, json)
Hash identifier: VeaA39Kro4UFKQWHemPLgELosO44hn45vqsmWXo3H8o=
Subject key identifier: 93:33:E8:BC:38:A5:22:F7:9D:D2:78:7F:82:6E:C0:A7:EA:3A:F8:64
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27F1303C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kzPovDilIved0nh_gm7Ap-o6-GQ.roa
Signing time: Sat 01 Jan 2022 16:09:11 +0000
ROA not before: Sat 01 Jan 2022 16:09:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60510
IP address blocks: 95.47.146.0/24 maxlen: 24
95.47.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 670117948 (0x27f1303c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9333e8bc38a522f79dd2787f826ec0a7ea3af864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c8:85:0d:7d:26:84:64:e5:94:f4:e3:24:33:
e0:ab:fb:7e:1c:07:48:a2:5c:3a:c1:0a:7d:59:79:
5c:b4:2c:01:eb:61:c0:cc:b9:46:83:4a:32:1f:6e:
d7:51:b5:81:a9:f0:c5:5a:81:11:7c:be:a5:5e:77:
14:56:59:03:9a:42:a0:29:2c:ae:8e:36:a7:a8:1c:
10:5a:ee:93:bf:86:d3:4b:f0:c9:73:d1:a0:5c:ba:
66:e7:40:42:1b:d9:fd:b6:11:1e:d6:cc:a4:a3:20:
c0:c8:51:87:ae:87:a5:1a:f7:3b:76:70:55:68:cf:
7f:70:93:fe:5b:81:80:98:f3:a9:10:4f:ba:a2:9d:
0a:f9:8a:70:b8:f4:ac:0c:46:0b:2a:36:42:aa:ba:
46:6e:87:e1:51:95:f5:64:d4:f3:64:ef:fe:a1:2b:
76:6b:8f:cd:7f:46:5d:71:4e:71:49:4a:95:9f:7d:
67:93:7b:60:17:4b:ef:ac:ed:f2:ea:bd:a5:f2:1c:
45:d7:42:ce:d8:37:f7:48:f4:6b:b2:cb:43:6a:a9:
89:c9:cb:6a:3a:33:e9:86:6b:2e:ac:0c:1b:2b:21:
d9:61:41:f0:e5:73:05:04:13:71:ca:fa:fe:82:9f:
80:44:0b:4f:4a:37:13:7f:72:14:75:36:09:1a:3c:
4e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:33:E8:BC:38:A5:22:F7:9D:D2:78:7F:82:6E:C0:A7:EA:3A:F8:64
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kzPovDilIved0nh_gm7Ap-o6-GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.146.0/24
95.47.155.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:22:fe:68:5b:4f:4c:b0:34:c7:27:56:4d:36:fb:a5:d6:ef:
e2:6d:a7:bc:99:cb:d3:2b:dd:5c:cd:5c:3e:af:99:8d:1f:55:
b5:b7:18:02:95:8f:db:0a:81:c4:ee:f4:f3:e4:af:c0:00:a2:
22:ea:37:73:7b:68:31:7e:a3:35:5b:53:fc:ab:fd:9d:ef:bd:
ca:45:4e:cd:35:be:94:3e:10:35:c6:db:b1:7a:7c:13:35:4f:
85:51:cf:9b:49:2d:b0:89:4d:20:f2:c0:fc:b9:91:cc:17:87:
fe:01:b0:f7:93:8c:c6:9e:de:37:fc:c6:e1:f7:53:4a:b7:67:
34:a7:ed:47:4b:5b:18:33:b8:9a:35:8c:0d:60:73:8c:04:9f:
ae:7e:05:c6:4f:79:23:f4:68:43:b7:77:2d:b2:d2:46:c4:9c:
c9:2e:95:76:13:a1:89:2f:cd:69:27:cb:d9:52:09:27:ae:18:
31:f3:64:54:db:cc:a6:a9:32:fb:4d:aa:15:8f:8d:db:bc:39:
06:19:c8:c2:ae:4b:40:9c:86:56:45:57:32:bb:06:36:21:1a:
94:72:75:e7:84:f8:1e:fe:54:1f:3b:96:e8:0f:0b:a0:11:c6:
f3:cb:af:0b:cb:93:0c:21:3d:6b:ca:c9:a3:32:52:6d:93:8e:
3a:d7:d6:06
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEJ/EwPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMzM2U4YmMzOGE1
MjJmNzlkZDI3ODdmODI2ZWMwYTdlYTNhZjg2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXIhQ19JoRk5ZT04yQz4Kv7fhwHSKJcOsEKfVl5XLQsAeth
wMy5RoNKMh9u11G1ganwxVqBEXy+pV53FFZZA5pCoCksro42p6gcEFruk7+G00vw
yXPRoFy6ZudAQhvZ/bYRHtbMpKMgwMhRh66HpRr3O3ZwVWjPf3CT/luBgJjzqRBP
uqKdCvmKcLj0rAxGCyo2Qqq6Rm6H4VGV9WTU82Tv/qErdmuPzX9GXXFOcUlKlZ99
Z5N7YBdL76zt8uq9pfIcRddCztg390j0a7LLQ2qpicnLajoz6YZrLqwMGysh2WFB
8OVzBQQTccr6/oKfgEQLT0o3E39yFHU2CRo8TuECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSTM+i8OKUi953SeH+CbsCn6jr4ZDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L2t6UG92RGlsSXZlZDBuaF9nbTdBcC1vNi1HUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF8vkgMEAF8vmzANBgkqhkiG9w0B
AQsFAAOCAQEATSL+aFtPTLA0xydWTTb7pdbv4m2nvJnL0yvdXM1cPq+ZjR9VtbcY
ApWP2wqBxO708+SvwACiIuo3c3toMX6jNVtT/Kv9ne+9ykVOzTW+lD4QNcbbsXp8
EzVPhVHPm0ktsIlNIPLA/LmRzBeH/gGw95OMxp7eN/zG4fdTSrdnNKftR0tbGDO4
mjWMDWBzjASfrn4Fxk95I/RoQ7d3LbLSRsScyS6VdhOhiS/NaSfL2VIJJ64YMfNk
VNvMpqky+02qFY+N27w5BhnIwq5LQJyGVkVXMrsGNiEalHJ154T4Hv5UHzuW6A8L
oBHG88uvC8uTDCE9a8rJozJSbZOOOtfWBg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:51 2025 by rpki-client