Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/kLzyn_M5Pv9LPL1UD9keE44qwZk.roa
File: kLzyn_M5Pv9LPL1UD9keE44qwZk.roa (raw, json)
Hash identifier: I6qgb1inVWaVXVAZCFghlAqsqoLxvdJ4L9hob8e3mBQ=
Subject key identifier: 90:BC:F2:9F:F3:39:3E:FF:4B:3C:BD:54:0F:D9:1E:13:8E:2A:C1:99
Certificate issuer: /CN=09a8c234f2b0d6c9ca13e5411da29cf2c44f2891
Certificate serial: 7BBE67
Authority key identifier: 09:A8:C2:34:F2:B0:D6:C9:CA:13:E5:41:1D:A2:9C:F2:C4:4F:28:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CajCNPKw1snKE-VBHaKc8sRPKJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/kLzyn_M5Pv9LPL1UD9keE44qwZk.roa
Signing time: Sat 01 Jan 2022 01:55:20 +0000
ROA not before: Sat 01 Jan 2022 01:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 212.52.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8109671 (0x7bbe67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09a8c234f2b0d6c9ca13e5411da29cf2c44f2891
Validity
Not Before: Jan 1 01:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90bcf29ff3393eff4b3cbd540fd91e138e2ac199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:87:45:36:18:3d:29:7b:3f:7d:65:9f:3e:
91:82:10:2a:27:08:50:ee:77:f7:29:66:04:fa:10:
bc:44:5c:fc:52:a3:77:b8:95:a2:7e:bb:06:e9:6c:
e7:70:c5:5f:21:df:86:55:e6:7c:04:b0:69:40:2e:
0e:74:5f:53:52:33:5a:73:17:37:e1:a2:70:f3:b1:
fd:7a:7d:74:dc:91:20:86:ba:85:de:ba:e6:8d:c3:
8b:f9:54:0f:0d:ba:65:23:cb:31:61:67:a1:26:db:
d0:64:32:7c:33:7c:dd:c8:01:9c:20:f4:49:58:ad:
3e:df:25:df:82:01:43:70:19:93:6b:f2:dd:c3:ad:
35:99:63:4c:3a:0d:bb:47:e9:36:e2:64:e5:ed:02:
3e:95:74:77:83:f2:89:69:89:47:98:73:ed:7b:0c:
90:81:a9:73:d0:1f:fa:dd:a0:09:5b:e9:0a:37:4d:
94:1e:c8:f5:32:7e:aa:4b:7d:33:3c:be:17:7c:b5:
23:0d:05:e3:78:b5:ea:64:ac:2c:6b:91:45:b0:96:
54:c1:0a:0c:f2:81:d1:15:37:b9:4d:3c:4d:db:e8:
ca:49:18:c6:7f:fe:01:35:52:e6:f6:bb:9d:57:8c:
87:45:b2:e1:3e:9e:78:00:58:d4:d5:d7:56:8f:88:
62:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BC:F2:9F:F3:39:3E:FF:4B:3C:BD:54:0F:D9:1E:13:8E:2A:C1:99
X509v3 Authority Key Identifier:
keyid:09:A8:C2:34:F2:B0:D6:C9:CA:13:E5:41:1D:A2:9C:F2:C4:4F:28:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CajCNPKw1snKE-VBHaKc8sRPKJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/kLzyn_M5Pv9LPL1UD9keE44qwZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/CajCNPKw1snKE-VBHaKc8sRPKJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.52.28.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ce:2c:04:2a:e5:bc:4d:c2:8f:65:65:0c:2b:42:9d:03:4f:
41:bd:54:ac:fa:b2:b1:e0:2b:46:d2:ad:f8:83:fe:e3:4c:51:
39:1c:d9:b6:90:88:f6:53:f2:f4:94:9e:e9:f4:0a:22:fd:23:
57:48:7a:4d:b8:24:a4:c2:95:22:2c:98:b6:0c:b0:de:15:76:
a1:9e:b7:8f:63:5f:22:8f:4b:8c:20:82:51:f7:1f:d6:5a:59:
a2:5d:b6:23:70:7b:cf:42:ef:b9:1a:f6:90:86:bc:7f:d6:e4:
95:6a:94:1b:94:ff:97:c8:cf:e4:3a:ab:e9:1c:3b:d4:fd:57:
70:47:d0:57:b2:65:a9:4d:65:50:af:11:d9:f7:eb:06:ee:7a:
d3:38:ec:46:39:03:41:50:63:94:44:13:84:db:8a:79:bc:5f:
59:c0:e3:d1:98:08:88:30:ef:d8:21:5a:87:ae:c0:86:93:b9:
eb:65:e8:59:23:13:69:0b:86:db:01:d9:a4:19:be:b6:c3:d4:
bb:ca:6e:29:3d:6d:93:b9:1d:6a:80:7e:41:2e:42:50:31:1d:
29:48:6c:82:27:a1:fa:18:bd:fb:9a:77:ea:50:d9:ce:e2:9c:
bb:31:9d:a8:e4:9e:c9:c7:a1:78:f0:16:cb:2c:50:c8:6c:2e:
95:8e:a1:8d
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDe75nMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA5
YThjMjM0ZjJiMGQ2YzljYTEzZTU0MTFkYTI5Y2YyYzQ0ZjI4OTEwHhcNMjIwMTAx
MDE1NTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5MGJjZjI5ZmYzMzkz
ZWZmNGIzY2JkNTQwZmQ5MWUxMzhlMmFjMTk5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuM6HRTYYPSl7P31lnz6RghAqJwhQ7nf3KWYE+hC8RFz8UqN3
uJWifrsG6WzncMVfId+GVeZ8BLBpQC4OdF9TUjNacxc34aJw87H9en103JEghrqF
3rrmjcOL+VQPDbplI8sxYWehJtvQZDJ8M3zdyAGcIPRJWK0+3yXfggFDcBmTa/Ld
w601mWNMOg27R+k24mTl7QI+lXR3g/KJaYlHmHPtewyQgalz0B/63aAJW+kKN02U
Hsj1Mn6qS30zPL4XfLUjDQXjeLXqZKwsa5FFsJZUwQoM8oHRFTe5TTxN2+jKSRjG
f/4BNVLm9rudV4yHRbLhPp54AFjU1ddWj4hiYwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJC88p/zOT7/Szy9VA/ZHhOOKsGZMB8GA1UdIwQYMBaAFAmowjTysNbJyhPl
QR2inPLETyiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q2FqQ05QS3cxc25LRS1WQkhhS2M4c1JQS0pFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82YS9lYWYxNjktZmQ5MS00OGY3LTk1M2ItN2U2OWM3MjgzZGU0LzEv
a0x6eW5fTTVQdjlMUEwxVUQ5a2VFNDRxd1prLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9l
YWYxNjktZmQ5MS00OGY3LTk1M2ItN2U2OWM3MjgzZGU0LzEvQ2FqQ05QS3cxc25L
RS1WQkhhS2M4c1JQS0pFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DQcMA0GCSqGSIb3DQEBCwUAA4IB
AQAxziwEKuW8TcKPZWUMK0KdA09BvVSs+rKx4CtG0q34g/7jTFE5HNm2kIj2U/L0
lJ7p9Aoi/SNXSHpNuCSkwpUiLJi2DLDeFXahnrePY18ij0uMIIJR9x/WWlmiXbYj
cHvPQu+5GvaQhrx/1uSVapQblP+XyM/kOqvpHDvU/VdwR9BXsmWpTWVQrxHZ9+sG
7nrTOOxGOQNBUGOURBOE24p5vF9ZwOPRmAiIMO/YIVqHrsCGk7nrZehZIxNpC4bb
AdmkGb62w9S7ym4pPW2TuR1qgH5BLkJQMR0pSGyCJ6H6GL37mnfqUNnO4py7MZ2o
5J7Jx6F48BbLLFDIbC6VjqGN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:08 2023 by rpki-client on console-ams.rpki-client.org