Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KRZIpm4fSsUREw2PQZIh_fbejxk.roa
File: KRZIpm4fSsUREw2PQZIh_fbejxk.roa (raw, json)
Hash identifier: mai+t+bhIPaCQNIjIaHo+VLg3sjj8qfrlUodIKwXEss=
Subject key identifier: 29:16:48:A6:6E:1F:4A:C5:11:13:0D:8F:41:92:21:FD:F6:DE:8F:19
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 111D80E1
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KRZIpm4fSsUREw2PQZIh_fbejxk.roa
Signing time: Sat 01 Jan 2022 14:04:45 +0000
ROA not before: Sat 01 Jan 2022 14:04:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59708
IP address blocks: 80.253.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287146209 (0x111d80e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 1 14:04:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=291648a66e1f4ac511130d8f419221fdf6de8f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:70:d5:3b:af:7b:88:5a:88:68:30:b4:18:
da:b9:f7:a7:49:e1:81:27:88:54:f2:07:58:b4:ce:
b4:5d:77:dc:6a:5f:89:f6:25:ee:a9:d0:e6:37:78:
52:51:53:76:ed:09:49:ec:6f:9f:6a:ab:d2:e2:f1:
cd:53:0f:4b:cf:fe:3e:7d:b5:85:3d:fc:ac:1c:43:
1f:3e:10:78:5e:22:97:7c:51:b6:9d:d5:3a:17:1e:
07:27:54:08:ee:9e:90:43:6b:c6:07:c9:50:e5:af:
d0:5c:46:b8:2b:9e:f3:ad:9c:23:5d:67:9e:0f:e6:
6d:15:85:cc:03:9d:61:e6:9d:a0:68:42:03:5f:c7:
6f:a9:22:c3:99:f9:a6:eb:ab:f0:4c:3f:71:c0:4b:
e7:28:45:55:49:5f:d4:51:16:59:21:c7:0b:b6:29:
4f:a8:13:24:14:d0:d1:69:5f:8f:60:1b:c6:e6:4f:
51:b7:91:a6:f6:6b:d0:db:f4:d9:da:01:b0:f9:da:
89:c6:5f:13:30:c9:9d:ac:f3:3d:1a:0a:67:15:fd:
1a:0d:d9:40:2e:34:ff:2e:18:6e:ac:99:10:22:74:
38:43:62:ea:2e:6a:e8:42:f9:af:a4:cf:1b:e7:0c:
94:16:7e:eb:22:25:0d:d1:e1:54:a3:70:0f:8d:5d:
80:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:16:48:A6:6E:1F:4A:C5:11:13:0D:8F:41:92:21:FD:F6:DE:8F:19
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KRZIpm4fSsUREw2PQZIh_fbejxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.157.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f5:4f:ec:eb:82:e1:bf:04:f8:0f:fe:e3:ee:0e:0b:c4:10:
a7:f3:6b:b6:87:4d:6d:bb:1d:9f:c0:9b:d8:14:cc:1c:62:db:
2a:6d:98:b8:65:86:a6:f1:63:91:f7:34:f1:3e:b5:2a:fb:ec:
85:1c:e6:51:2f:0d:7b:b7:40:48:eb:84:5a:6f:e3:4b:ca:57:
45:d4:12:02:3f:f1:22:41:1b:2b:98:7b:5d:3a:a3:c7:44:75:
6e:7a:05:31:84:6e:21:46:70:5b:0f:c9:16:ac:b5:2a:f6:41:
21:36:47:42:7e:5b:76:9a:48:3a:40:9c:f1:58:1a:06:08:43:
f4:1e:aa:1c:b5:43:44:c0:6e:d4:4a:df:e6:1c:f6:f7:63:87:
09:66:ad:b8:5b:33:0f:4b:0f:63:24:06:6e:ff:9a:6e:a4:19:
69:e2:c6:58:77:32:c3:23:80:1e:f6:52:18:1d:76:3d:c7:62:
2d:41:6e:9d:22:96:13:0a:ee:aa:f2:6c:bf:56:1b:ea:88:83:
96:e7:fc:62:c6:ec:1c:39:f8:86:58:ca:47:eb:0c:d1:50:07:
6b:92:83:43:0b:0d:46:a9:13:39:ae:32:fc:e0:a6:92:e2:ff:
1b:1b:58:62:ab:6f:2b:65:d0:91:aa:e6:46:67:e4:ef:10:bf:
ec:70:c2:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEER2A4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjY5OGM0YjYxMmFmZWUyY2JiMWNkZDUwOWU0ZjAyNDZmYmI4MGUxMB4XDTIyMDEw
MTE0MDQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkxNjQ4YTY2ZTFm
NGFjNTExMTMwZDhmNDE5MjIxZmRmNmRlOGYxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzxcNU7r3uIWohoMLQY2rn3p0nhgSeIVPIHWLTOtF133Gpf
ifYl7qnQ5jd4UlFTdu0JSexvn2qr0uLxzVMPS8/+Pn21hT38rBxDHz4QeF4il3xR
tp3VOhceBydUCO6ekENrxgfJUOWv0FxGuCue862cI11nng/mbRWFzAOdYeadoGhC
A1/Hb6kiw5n5puur8Ew/ccBL5yhFVUlf1FEWWSHHC7YpT6gTJBTQ0Wlfj2AbxuZP
UbeRpvZr0Nv02doBsPnaicZfEzDJnazzPRoKZxX9Gg3ZQC40/y4YbqyZECJ0OENi
6i5q6EL5r6TPG+cMlBZ+6yIlDdHhVKNwD41dgPMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpFkimbh9KxRETDY9BkiH99t6PGTAfBgNVHSMEGDAWgBRbaYxLYSr+4sux
zdUJ5PAkb7uA4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cybU1TMkVxX3VMTHNjM1ZDZVR3SkctN2dPRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvYzE2ZjU1LWI0NGQtNDBjMy05ZGFjLWNjMmZhZmUzYThiNC8x
L0tSWklwbTRmU3NVUkV3MlBRWkloX2ZiZWp4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
YzE2ZjU1LWI0NGQtNDBjMy05ZGFjLWNjMmZhZmUzYThiNC8xL1cybU1TMkVxX3VM
THNjM1ZDZVR3SkctN2dPRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFD9nTANBgkqhkiG9w0BAQsFAAOC
AQEAE/VP7OuC4b8E+A/+4+4OC8QQp/NrtodNbbsdn8Cb2BTMHGLbKm2YuGWGpvFj
kfc08T61KvvshRzmUS8Ne7dASOuEWm/jS8pXRdQSAj/xIkEbK5h7XTqjx0R1bnoF
MYRuIUZwWw/JFqy1KvZBITZHQn5bdppIOkCc8VgaBghD9B6qHLVDRMBu1Erf5hz2
92OHCWatuFszD0sPYyQGbv+abqQZaeLGWHcywyOAHvZSGB12PcdiLUFunSKWEwru
qvJsv1Yb6oiDluf8YsbsHDn4hljKR+sM0VAHa5KDQwsNRqkTOa4y/OCmkuL/GxtY
YqtvK2XQkarmRmfk7xC/7HDCvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:01 2024 by rpki-client on console-fra.rpki-client.org