Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/KkYyNvVEsluik-tNABDnL50LnwU.roa
File: KkYyNvVEsluik-tNABDnL50LnwU.roa (raw, json)
Hash identifier: ZXGiCj06ieHyD3v/JcbrWyH67O1SOj7n/LSXDyi+rok=
Subject key identifier: 2A:46:32:36:F5:44:B2:5B:A2:93:EB:4D:00:10:E7:2F:9D:0B:9F:05
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 0182B143EFC0B1A814663EB7BE203DFD58C7
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/KkYyNvVEsluik-tNABDnL50LnwU.roa
Signing time: Thu 18 Aug 2022 14:03:15 +0000
ROA not before: Thu 18 Aug 2022 14:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 77.73.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b1:43:ef:c0:b1:a8:14:66:3e:b7:be:20:3d:fd:58:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Aug 18 14:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a463236f544b25ba293eb4d0010e72f9d0b9f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d1:c7:d9:db:d4:01:29:77:2b:60:0b:a4:f6:
ba:e7:42:3e:df:94:35:0c:8d:05:b7:d2:b4:c3:e0:
32:2a:f4:68:a4:c2:3b:30:eb:b0:86:8b:55:48:06:
28:28:0e:9b:eb:75:a7:7a:25:7f:bc:2e:aa:3b:26:
c5:3a:95:a1:1d:ac:5a:22:d0:22:cf:28:47:88:b9:
71:36:be:e0:40:37:94:af:86:0f:54:f6:29:9b:5e:
3b:50:9d:3f:21:5c:03:86:97:62:5e:d8:b5:d7:3f:
af:94:62:50:7d:ca:79:a5:6a:af:ea:18:32:54:e5:
a7:9a:4b:97:09:01:2a:f9:97:4b:f0:32:be:8f:2b:
02:16:d4:7a:d4:6b:f1:e4:59:5b:6f:82:12:c1:6c:
be:e1:04:15:ef:03:ac:ba:d2:b7:0b:f2:68:27:ff:
32:b0:fb:61:4d:3e:58:a9:ab:6d:eb:b8:af:36:ad:
7c:96:58:2f:52:43:f5:8a:aa:bd:b4:ba:49:03:d4:
c1:44:91:d3:43:26:14:27:5a:ab:4a:de:45:c6:ea:
d2:b4:b7:7c:4a:c4:f6:ed:09:56:fb:92:30:06:4d:
5d:c9:37:3e:6e:60:bd:11:1d:63:e4:c8:b1:8f:78:
84:c4:c2:ea:53:ef:2e:a7:72:1d:b9:03:3d:46:aa:
c7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:46:32:36:F5:44:B2:5B:A2:93:EB:4D:00:10:E7:2F:9D:0B:9F:05
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/KkYyNvVEsluik-tNABDnL50LnwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.132.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:31:13:a5:a6:ce:39:6b:0e:4c:c9:21:71:46:c7:93:cd:d3:
43:63:49:a7:73:2f:20:d0:72:6c:ff:83:83:f1:72:3a:d4:9e:
ca:cf:b6:ea:46:ec:4f:fb:9e:43:a4:23:a1:ba:a7:f4:67:c6:
8f:2c:c6:57:7a:67:6d:d6:92:34:25:4b:b5:d4:81:cf:5a:a7:
99:d7:98:36:0c:8c:47:68:2b:ec:00:51:e1:48:d4:b9:07:f8:
01:88:ac:97:f9:66:ac:8c:df:f7:64:3c:52:87:83:62:e0:0c:
15:72:5c:7d:b2:e6:ee:4a:b3:44:2a:fc:16:46:02:5c:3b:ac:
1f:b4:2b:38:1b:fd:dc:88:fb:cb:39:8a:ae:e9:2a:8c:a3:3e:
c8:d8:2d:45:ca:5c:5a:75:93:b4:84:ce:e3:15:85:4c:d8:65:
a5:14:00:f7:ef:4f:f4:a8:3a:d3:d2:f4:89:c9:e0:1c:c2:11:
5d:51:24:eb:33:9b:e6:04:49:c8:a6:f5:ee:5e:a3:72:19:f2:
60:24:1f:ab:7a:4f:4a:0f:cf:79:5d:53:f8:94:ca:20:6b:45:
be:d4:08:6f:ce:2f:6e:9f:a5:fb:b9:14:0d:11:11:57:fc:b6:
b6:68:db:a0:90:83:d1:06:e4:45:3e:4a:8e:50:98:cb:77:2e:
2b:8f:8d:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKxQ+/AsagUZj63viA9/VjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjIwODE4MTQwMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ2MzIzNmY1NDRiMjViYTI5M2ViNGQwMDEwZTcyZjlkMGI5ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdHH2dvUASl3K2ALpPa650I+35Q1
DI0Ft9K0w+AyKvRopMI7MOuwhotVSAYoKA6b63WneiV/vC6qOybFOpWhHaxaItAi
zyhHiLlxNr7gQDeUr4YPVPYpm147UJ0/IVwDhpdiXti11z+vlGJQfcp5pWqv6hgy
VOWnmkuXCQEq+ZdL8DK+jysCFtR61Gvx5Flbb4ISwWy+4QQV7wOsutK3C/JoJ/8y
sPthTT5Yqatt67ivNq18llgvUkP1iqq9tLpJA9TBRJHTQyYUJ1qrSt5FxurStLd8
SsT27QlW+5IwBk1dyTc+bmC9ER1j5Mixj3iExMLqU+8up3IduQM9RqrHTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpGMjb1RLJbopPrTQAQ5y+dC58FMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvS2tZeU52VkVzbHVpay10TkFCRG5MNTBMbndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmEMA0G
CSqGSIb3DQEBCwUAA4IBAQANMROlps45aw5MySFxRseTzdNDY0mncy8g0HJs/4OD
8XI61J7Kz7bqRuxP+55DpCOhuqf0Z8aPLMZXemdt1pI0JUu11IHPWqeZ15g2DIxH
aCvsAFHhSNS5B/gBiKyX+WasjN/3ZDxSh4Ni4AwVclx9subuSrNEKvwWRgJcO6wf
tCs4G/3ciPvLOYqu6SqMoz7I2C1FylxadZO0hM7jFYVM2GWlFAD370/0qDrT0vSJ
yeAcwhFdUSTrM5vmBEnIpvXuXqNyGfJgJB+rek9KD895XVP4lMoga0W+1Ahvzi9u
n6X7uRQNERFX/La2aNugkIPRBuRFPkqOUJjLdy4rj420
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:51 2023 by rpki-client on console-fra.rpki-client.org