Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/KzInGMlZb36YNI57UC-nB5UySA0.roa
File: KzInGMlZb36YNI57UC-nB5UySA0.roa (raw, json)
Hash identifier: 6TXyEKzJ+m5r5tCVcuYFCqIztROD8DGDaS3jWDJPBsM=
Subject key identifier: 2B:32:27:18:C9:59:6F:7E:98:34:8E:7B:50:2F:A7:07:95:32:48:0D
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 01836B391CABFDE237F9EF6A7407E4808D26
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/KzInGMlZb36YNI57UC-nB5UySA0.roa
Signing time: Fri 23 Sep 2022 16:40:48 +0000
ROA not before: Fri 23 Sep 2022 16:40:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202945
IP address blocks: 45.154.60.0/24 maxlen: 24
2a0f:b100::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6b:39:1c:ab:fd:e2:37:f9:ef:6a:74:07:e4:80:8d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Sep 23 16:40:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b322718c9596f7e98348e7b502fa7079532480d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fb:78:d8:54:23:f6:c1:3b:c7:32:38:25:55:
ce:bc:34:35:8e:82:86:7e:1c:35:df:91:ea:88:1b:
b0:e0:da:b2:5c:de:8b:6e:e1:e1:3d:d4:83:dc:cf:
9f:0b:93:bc:53:04:84:96:79:24:e2:8f:d7:ce:f7:
cf:49:91:82:d3:10:a9:fb:49:7e:8c:e3:74:b7:7d:
8b:7a:56:73:00:f2:a6:7f:24:84:c1:35:bc:33:47:
b0:45:a0:f7:ff:2f:87:00:a2:fd:43:ab:cb:96:62:
8f:29:44:3c:dd:90:b5:1c:87:29:2c:25:37:65:84:
ca:d7:e0:dd:5e:0f:09:0c:08:06:b9:81:ef:07:3c:
ed:6b:79:e5:05:e8:26:ad:bc:81:e1:d1:48:08:a0:
45:52:4d:07:d9:a0:01:e5:c7:97:20:30:00:c6:6d:
f7:06:30:4f:d3:f4:d3:04:e0:a0:e2:6a:dd:7b:61:
8f:85:d6:31:af:50:d1:1b:e5:d2:14:fa:0f:d4:23:
4c:7e:f8:db:5d:22:8b:b1:a5:c3:38:f9:ba:f0:14:
e9:67:ca:e2:50:bf:27:7b:41:ab:74:32:bd:60:5a:
d4:9f:64:47:c3:24:e1:18:bf:e2:d8:a2:17:ff:d5:
02:75:ea:77:74:15:43:73:a5:a9:39:dc:52:8b:bb:
77:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:32:27:18:C9:59:6F:7E:98:34:8E:7B:50:2F:A7:07:95:32:48:0D
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/KzInGMlZb36YNI57UC-nB5UySA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.60.0/24
IPv6:
2a0f:b100::/44
Signature Algorithm: sha256WithRSAEncryption
bb:33:d2:d9:03:11:e4:62:30:46:80:65:8c:25:20:b3:c0:15:
0d:75:68:8c:40:f6:8a:ba:4e:86:e7:fb:7d:51:d4:c6:b3:5e:
15:5b:65:ba:ad:fb:f7:5a:0d:30:e3:f9:ee:d6:b4:de:fc:75:
bb:64:a1:ce:33:72:2b:1b:6a:d7:c1:da:5f:0a:66:25:25:4f:
48:dd:45:3f:91:57:f4:47:90:55:02:1a:bc:7e:6f:08:27:aa:
19:76:8c:4d:1a:47:07:82:da:95:b1:0b:75:fa:41:ea:b7:8d:
ed:a4:1d:54:67:51:3c:5a:6a:22:59:ae:dc:b8:2b:d4:38:15:
a2:05:61:4e:4a:20:77:44:db:1a:6e:69:d5:06:aa:6d:f7:6a:
07:f1:c9:ed:b5:ce:a2:eb:b4:36:2e:39:dc:df:12:b0:e2:ca:
87:97:73:25:d1:94:ad:5c:17:98:a9:a4:18:d5:8b:7b:4e:e8:
28:ea:4f:62:44:4a:56:4b:af:c5:dc:3c:bf:ba:1d:c8:13:e5:
ff:3b:03:7c:2e:a8:83:22:68:1f:29:39:9b:5c:32:71:39:e8:
04:31:36:55:af:dc:75:f5:8b:8a:44:03:e6:84:3c:55:56:8c:
5f:00:5f:4a:52:e3:14:29:8f:73:3a:20:87:fb:08:2d:af:a6:
78:46:63:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNrORyr/eI3+e9qdAfkgI0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjIwOTIzMTY0MDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMyMjcxOGM5NTk2ZjdlOTgzNDhlN2I1MDJmYTcwNzk1MzI0ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivt42FQj9sE7xzI4JVXOvDQ1joKG
fhw135HqiBuw4NqyXN6LbuHhPdSD3M+fC5O8UwSElnkk4o/XzvfPSZGC0xCp+0l+
jON0t32LelZzAPKmfySEwTW8M0ewRaD3/y+HAKL9Q6vLlmKPKUQ83ZC1HIcpLCU3
ZYTK1+DdXg8JDAgGuYHvBzzta3nlBegmrbyB4dFICKBFUk0H2aAB5ceXIDAAxm33
BjBP0/TTBOCg4mrde2GPhdYxr1DRG+XSFPoP1CNMfvjbXSKLsaXDOPm68BTpZ8ri
UL8ne0GrdDK9YFrUn2RHwyThGL/i2KIX/9UCdep3dBVDc6WpOdxSi7t3HwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCsyJxjJWW9+mDSOe1AvpweVMkgNMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvS3pJbkdNbFpiMzZZTkk1N1VDLW5CNVV5U0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBALsz0tkDEeRiMEaAZYwl
ILPAFQ11aIxA9oq6Tobn+31R1MazXhVbZbqt+/daDTDj+e7WtN78dbtkoc4zcisb
atfB2l8KZiUlT0jdRT+RV/RHkFUCGrx+bwgnqhl2jE0aRweC2pWxC3X6Qeq3je2k
HVRnUTxaaiJZrty4K9Q4FaIFYU5KIHdE2xpuadUGqm33agfxye21zqLrtDYuOdzf
ErDiyoeXcyXRlK1cF5ippBjVi3tO6CjqT2JESlZLr8XcPL+6HcgT5f87A3wuqIMi
aB8pOZtcMnE56AQxNlWv3HX1i4pEA+aEPFVWjF8AX0pS4xQpj3M6IIf7CC2vpnhG
Y40=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:43 2023 by rpki-client on console-fra.rpki-client.org