Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/kZzfcWR-Yq5bNuGUH0VPdWRUnSE.roa
File: kZzfcWR-Yq5bNuGUH0VPdWRUnSE.roa (raw, json)
Hash identifier: Z/7d5aFVV0h9MDEks9xPwWYltgjLo4dODN3viV4cMSo=
Subject key identifier: 91:9C:DF:71:64:7E:62:AE:5B:36:E1:94:1F:45:4F:75:64:54:9D:21
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 01857315D23E2E5ECDF07E83A400A39FE83E
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/kZzfcWR-Yq5bNuGUH0VPdWRUnSE.roa
Signing time: Mon 02 Jan 2023 15:24:47 +0000
ROA not before: Mon 02 Jan 2023 15:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196858
IP address blocks: 213.227.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:d2:3e:2e:5e:cd:f0:7e:83:a4:00:a3:9f:e8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 2 15:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=919cdf71647e62ae5b36e1941f454f7564549d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:17:e1:5e:b6:7a:8e:cf:cc:b1:37:bf:79:0d:
dd:38:f4:1d:8f:42:8d:e9:97:ed:be:34:d2:7b:80:
6b:6c:2c:55:1c:18:6b:41:47:53:1f:6e:4d:c8:87:
51:0b:f4:94:06:91:3a:89:ae:91:8c:c9:1b:0b:e7:
e5:54:02:f3:d3:3f:74:99:5b:0f:dd:c3:87:b9:3c:
b8:b1:6d:3b:00:14:7b:3d:ef:a3:2d:b1:f8:28:32:
16:00:49:63:8c:8f:e6:be:ee:20:fd:de:2b:43:b4:
80:e5:ee:73:d0:09:72:e0:aa:32:ca:b6:bb:b9:00:
9c:d4:75:64:1e:88:c2:a2:a0:52:18:1e:0e:d2:77:
c0:1e:22:36:78:78:7c:77:73:e7:a7:c8:69:f9:e4:
34:b0:a9:a2:fc:70:69:25:1b:29:dc:99:08:75:5d:
88:0c:aa:0c:4c:78:e9:97:75:b3:ec:3a:66:62:9a:
9c:21:cf:91:65:20:09:55:a0:03:e7:73:b3:c2:6c:
e8:16:27:d8:3b:03:ca:e7:d6:90:38:27:d5:c7:df:
b8:52:93:24:46:5b:31:ae:7e:25:36:f3:34:f8:93:
f9:27:e0:9c:fe:96:6b:17:0e:47:1e:02:b0:7a:b8:
11:1a:db:b0:4d:76:6f:c3:10:92:6f:05:db:cc:68:
68:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9C:DF:71:64:7E:62:AE:5B:36:E1:94:1F:45:4F:75:64:54:9D:21
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/kZzfcWR-Yq5bNuGUH0VPdWRUnSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.227.66.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:f7:6f:ea:eb:ca:1e:8e:a5:3c:a3:b0:75:bb:05:90:72:a2:
35:44:38:7f:c9:88:10:8b:43:eb:1c:3e:17:e1:8f:0e:2c:51:
b5:30:8a:da:d9:b9:02:09:72:8b:70:41:7a:a1:1c:c4:71:6b:
b1:fa:cc:43:1d:2e:8d:9b:2e:0b:e3:dd:e4:02:ff:e0:7d:8c:
1c:36:2a:79:27:90:6e:b4:50:10:df:94:82:ba:ce:89:50:b6:
ac:51:1d:c2:97:ce:f8:2a:ff:53:42:a5:08:ff:69:c3:ac:ed:
20:6b:01:e1:05:56:f0:d2:b2:bc:b5:a0:f3:72:6d:69:79:e6:
7f:45:56:33:ba:b4:cf:8a:de:19:ea:36:91:0b:22:df:32:b3:
ca:5c:99:d0:ac:03:3a:a2:7f:0f:34:e9:2f:b0:f6:06:ac:92:
dd:64:ae:25:ae:dc:d1:8d:03:05:4b:88:a9:9a:52:71:a1:ce:
ae:0c:1b:1c:a7:8e:a7:7c:70:94:80:8d:7b:85:e0:78:c7:7c:
56:02:a3:a8:e0:ab:f6:12:61:5c:d9:4c:cf:af:e4:3f:5d:38:
1f:3b:fa:cc:ab:27:4f:1e:9b:31:24:e7:d3:56:d6:b5:08:4b:
3b:1d:94:bb:44:f1:d1:89:dc:76:fe:70:a9:18:3c:5e:c0:47:
ca:fd:b2:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFdI+Ll7N8H6DpACjn+g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjMwMTAyMTUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTljZGY3MTY0N2U2MmFlNWIzNmUxOTQxZjQ1NGY3NTY0NTQ5ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRfhXrZ6js/MsTe/eQ3dOPQdj0KN
6ZftvjTSe4BrbCxVHBhrQUdTH25NyIdRC/SUBpE6ia6RjMkbC+flVALz0z90mVsP
3cOHuTy4sW07ABR7Pe+jLbH4KDIWAEljjI/mvu4g/d4rQ7SA5e5z0Aly4Koyyra7
uQCc1HVkHojCoqBSGB4O0nfAHiI2eHh8d3Pnp8hp+eQ0sKmi/HBpJRsp3JkIdV2I
DKoMTHjpl3Wz7DpmYpqcIc+RZSAJVaAD53OzwmzoFifYOwPK59aQOCfVx9+4UpMk
Rlsxrn4lNvM0+JP5J+Cc/pZrFw5HHgKwergRGtuwTXZvwxCSbwXbzGhovwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGc33FkfmKuWzbhlB9FT3VkVJ0hMB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEva1p6ZmNXUi1ZcTViTnVHVUgwVlBkV1JVblNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1eNCMA0G
CSqGSIb3DQEBCwUAA4IBAQAr92/q68oejqU8o7B1uwWQcqI1RDh/yYgQi0PrHD4X
4Y8OLFG1MIra2bkCCXKLcEF6oRzEcWux+sxDHS6Nmy4L493kAv/gfYwcNip5J5Bu
tFAQ35SCus6JULasUR3Cl874Kv9TQqUI/2nDrO0gawHhBVbw0rK8taDzcm1peeZ/
RVYzurTPit4Z6jaRCyLfMrPKXJnQrAM6on8PNOkvsPYGrJLdZK4lrtzRjQMFS4ip
mlJxoc6uDBscp46nfHCUgI17heB4x3xWAqOo4Kv2EmFc2UzPr+Q/XTgfO/rMqydP
HpsxJOfTVta1CEs7HZS7RPHRidx2/nCpGDxewEfK/bI2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:09 2025 by rpki-client