Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/KyyirUvJmOnT7FXQt7rcJ9uCfYE.roa
File: KyyirUvJmOnT7FXQt7rcJ9uCfYE.roa (raw, json)
Hash identifier: 8B4SHS3fNa+C7Pa6e8bMaLZPc/igh+4vuBVKOc27op8=
Subject key identifier: 2B:2C:A2:AD:4B:C9:98:E9:D3:EC:55:D0:B7:BA:DC:27:DB:82:7D:81
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 799A87
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/KyyirUvJmOnT7FXQt7rcJ9uCfYE.roa
Signing time: Sat 01 Jan 2022 02:52:46 +0000
ROA not before: Sat 01 Jan 2022 02:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50979
IP address blocks: 195.123.208.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7969415 (0x799a87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jan 1 02:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b2ca2ad4bc998e9d3ec55d0b7badc27db827d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:86:41:3a:fc:09:77:90:b3:c2:32:b2:67:ef:
dc:f9:a7:21:1a:a2:f2:55:17:ec:8b:54:79:28:55:
f3:37:41:0f:1b:da:e2:63:53:a2:9b:5a:4f:04:d4:
f2:7c:ea:4a:7b:2d:48:8a:4e:e8:21:45:05:83:28:
68:7e:83:85:ff:4f:df:cb:0a:df:bc:8b:94:62:ad:
04:dc:56:31:e2:22:a0:95:9c:d3:06:81:c3:ee:a0:
1a:52:6d:13:2c:a2:29:2b:05:9a:31:31:6f:bf:e5:
c4:72:7b:24:f1:6f:6b:be:76:b3:d0:ac:47:6d:2d:
cb:37:21:57:43:a3:53:b6:a4:54:3d:46:3d:99:7d:
ab:a3:13:60:4e:52:6e:44:6a:c1:b2:84:c3:d0:2e:
f6:2b:a1:9c:15:80:ae:ff:91:09:27:13:0a:ec:5d:
c2:34:b7:8c:54:ba:80:16:55:1b:9a:28:03:32:ef:
86:ef:1a:94:13:af:e1:5c:c0:db:71:54:2d:93:51:
c8:69:2d:5f:5a:3c:4c:04:42:b0:4e:37:02:d6:f9:
53:2c:c0:c3:7b:f3:72:b2:bf:db:8e:35:f7:cc:63:
3f:aa:aa:93:f5:94:30:cc:0f:dd:f4:fe:c2:20:e3:
59:5c:1f:68:0b:2d:2e:e4:45:0e:ba:65:de:ea:e9:
64:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2C:A2:AD:4B:C9:98:E9:D3:EC:55:D0:B7:BA:DC:27:DB:82:7D:81
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/KyyirUvJmOnT7FXQt7rcJ9uCfYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.208.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:79:78:f3:84:47:8f:40:9a:b6:0b:35:4e:87:58:db:a2:e8:
07:c4:da:3c:06:9e:ea:76:91:9b:bd:80:bc:42:ed:a1:6e:7b:
9e:a4:fb:a6:0f:4c:3b:11:b1:cc:a9:26:f9:df:58:03:70:ea:
fc:58:69:56:bf:9c:b5:fa:35:c2:b7:73:cd:f9:f2:a6:61:9a:
ac:2e:15:1c:fb:bc:05:dc:61:e4:60:5e:e6:29:3c:04:1b:3e:
67:45:f9:c3:34:07:e5:e3:c3:be:f6:5b:9b:8e:cc:89:1b:90:
15:71:5d:a0:65:ca:23:b7:3e:14:da:10:3f:3a:7f:d1:16:0d:
74:23:8c:54:b1:f2:fe:fb:26:49:88:23:89:35:15:ee:73:e8:
74:f2:50:d1:e6:b1:dd:6d:b9:be:d5:fb:dd:0d:c6:a1:dd:2b:
fa:f0:b6:8c:7d:56:f0:4c:55:46:04:ba:f2:49:02:8e:76:e0:
60:84:f7:e2:f0:25:eb:6f:e9:c5:c4:e8:1d:fc:03:e9:d4:82:
d5:d9:20:d5:4b:d0:86:8e:47:07:79:63:d8:29:aa:80:cf:46:
47:4e:5f:47:2d:4a:87:1c:88:c5:4a:4a:89:78:bc:36:11:95:
b4:6f:1a:03:67:b9:43:03:e4:7c:bd:2d:31:18:b5:c8:81:da:
91:10:6f:ed
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDeZqHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk0
ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFhMzRmNWUwHhcNMjIwMTAx
MDI1MjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyYjJjYTJhZDRiYzk5
OGU5ZDNlYzU1ZDBiN2JhZGMyN2RiODI3ZDgxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr4ZBOvwJd5CzwjKyZ+/c+achGqLyVRfsi1R5KFXzN0EPG9ri
Y1Oim1pPBNTyfOpKey1Iik7oIUUFgyhofoOF/0/fywrfvIuUYq0E3FYx4iKglZzT
BoHD7qAaUm0TLKIpKwWaMTFvv+XEcnsk8W9rvnaz0KxHbS3LNyFXQ6NTtqRUPUY9
mX2roxNgTlJuRGrBsoTD0C72K6GcFYCu/5EJJxMK7F3CNLeMVLqAFlUbmigDMu+G
7xqUE6/hXMDbcVQtk1HIaS1fWjxMBEKwTjcC1vlTLMDDe/Nysr/bjjX3zGM/qqqT
9ZQwzA/d9P7CIONZXB9oCy0u5EUOumXe6ulkiwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCssoq1LyZjp0+xV0Le63Cfbgn2BMB8GA1UdIwQYMBaAFJTZjo/saAd1oVcm
bgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0YzdlLzEv
S3l5aXJVdkptT25UN0ZYUXQ3cmNKOXVDZllFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83
YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0YzdlLzEvbE5tT2oteG9CM1do
VnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw3vQMA0GCSqGSIb3DQEBCwUAA4IB
AQAbeXjzhEePQJq2CzVOh1jbougHxNo8Bp7qdpGbvYC8Qu2hbnuepPumD0w7EbHM
qSb531gDcOr8WGlWv5y1+jXCt3PN+fKmYZqsLhUc+7wF3GHkYF7mKTwEGz5nRfnD
NAfl48O+9lubjsyJG5AVcV2gZcojtz4U2hA/On/RFg10I4xUsfL++yZJiCOJNRXu
c+h08lDR5rHdbbm+1fvdDcah3Sv68LaMfVbwTFVGBLrySQKOduBghPfi8CXrb+nF
xOgd/APp1ILV2SDVS9CGjkcHeWPYKaqAz0ZHTl9HLUqHHIjFSkqJeLw2EZW0bxoD
Z7lDA+R8vS0xGLXIgdqREG/t
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:33 2025 by rpki-client