Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/KZL51skyzFDotBigfTaa-fEJ-qI.roa
File: KZL51skyzFDotBigfTaa-fEJ-qI.roa (raw, json)
Hash identifier: CWdwlx/we4LYUGjn5sF0LT1M3FIlS7aMRAXTKFdheUs=
Subject key identifier: 29:92:F9:D6:C9:32:CC:50:E8:B4:18:A0:7D:36:9A:F9:F1:09:FA:A2
Certificate issuer: /CN=f2485875c8470e6aacdc94742105f30c597ac2bb
Certificate serial: BE6B
Authority key identifier: F2:48:58:75:C8:47:0E:6A:AC:DC:94:74:21:05:F3:0C:59:7A:C2:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8khYdchHDmqs3JR0IQXzDFl6wrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/KZL51skyzFDotBigfTaa-fEJ-qI.roa
Signing time: Thu 21 Apr 2022 13:21:35 +0000
ROA not before: Thu 21 Apr 2022 13:21:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59480
IP address blocks: 95.215.220.0/23 maxlen: 23
2001:67c:1038::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48747 (0xbe6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2485875c8470e6aacdc94742105f30c597ac2bb
Validity
Not Before: Apr 21 13:21:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2992f9d6c932cc50e8b418a07d369af9f109faa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:69:87:fb:5c:a4:ad:68:46:b5:c9:63:4b:ce:
df:00:40:13:c7:49:c7:c9:20:a8:0a:79:c9:87:26:
76:8f:54:cd:48:aa:d3:5e:91:12:45:07:74:aa:91:
fe:d6:0f:ef:78:f6:00:04:ab:aa:18:e2:e1:ac:f2:
db:73:39:a5:34:32:68:27:87:b7:c1:27:b0:c6:fb:
aa:5e:ea:fd:87:8a:3d:78:7f:b9:ab:00:ab:30:78:
25:65:cc:4e:f4:b6:4e:3c:c7:79:56:7f:bd:8d:e5:
f7:7f:66:8c:02:55:a0:53:fd:7a:43:95:94:6d:1b:
7a:fa:4b:0b:dd:ce:41:ac:f6:83:34:fb:54:7c:f2:
98:98:06:a9:11:49:5f:37:c8:87:97:55:61:02:3e:
08:4a:53:e8:0b:3d:80:fe:6b:15:4b:89:f7:cd:c7:
57:92:4d:84:fe:91:4e:f0:8c:fe:16:b6:a2:0e:dc:
b2:7e:31:62:e3:aa:ab:0f:bb:5f:dd:45:74:95:52:
39:d5:f0:bb:86:8e:2d:60:e2:82:56:06:40:23:67:
ec:8a:47:72:98:23:1c:a2:83:dd:5c:ff:59:f3:1f:
ee:b4:5d:c4:3e:8a:10:60:81:1c:b0:06:6a:d6:4b:
ee:df:11:27:ab:46:bb:87:a9:bd:67:7e:73:30:f7:
ef:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:92:F9:D6:C9:32:CC:50:E8:B4:18:A0:7D:36:9A:F9:F1:09:FA:A2
X509v3 Authority Key Identifier:
keyid:F2:48:58:75:C8:47:0E:6A:AC:DC:94:74:21:05:F3:0C:59:7A:C2:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8khYdchHDmqs3JR0IQXzDFl6wrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/KZL51skyzFDotBigfTaa-fEJ-qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.220.0/23
IPv6:
2001:67c:1038::/48
Signature Algorithm: sha256WithRSAEncryption
49:50:d6:13:08:6c:22:8d:e4:65:a4:4f:7b:f1:fc:46:9e:52:
16:af:12:29:55:3a:74:84:4a:63:28:c9:34:ef:7c:23:31:7e:
8f:01:d5:3a:42:d6:31:b1:e2:e8:60:90:85:66:1a:24:e3:55:
e8:8a:f2:96:b9:70:7e:0f:bb:12:45:ab:bf:52:18:e6:87:8b:
f3:14:5f:1e:9e:3c:df:01:dc:fa:85:33:63:8d:bb:4e:9a:2e:
c2:20:e8:84:be:d7:ff:b5:0c:0a:ab:a5:0d:61:0b:84:39:4a:
16:ce:15:10:b8:18:20:1a:43:46:00:4a:74:f5:93:0d:27:a1:
de:cd:bb:80:f2:dd:89:4c:a6:c7:ce:c0:08:19:f8:84:ce:1c:
98:62:25:21:69:87:a0:f0:3b:c3:ce:63:50:1a:7e:21:68:a4:
48:02:a1:5a:7f:7e:fc:a5:fc:32:0a:47:91:0c:3d:e1:03:a7:
78:5d:8b:6a:20:82:53:de:00:73:e0:2d:45:1b:dc:30:db:01:
59:0c:43:8e:f5:7e:5e:88:2a:05:40:22:02:ff:49:a1:a5:c3:
df:b6:31:60:5d:a6:4a:38:a2:e9:7b:14:83:37:50:28:55:64:
de:f9:f7:1b:97:b3:65:7b:39:a8:4e:03:f1:30:eb:39:b8:c0:
4c:b7:16:d6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIDAL5rMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYy
NDg1ODc1Yzg0NzBlNmFhY2RjOTQ3NDIxMDVmMzBjNTk3YWMyYmIwHhcNMjIwNDIx
MTMyMTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOTkyZjlkNmM5MzJj
YzUwZThiNDE4YTA3ZDM2OWFmOWYxMDlmYWEyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp2mH+1ykrWhGtcljS87fAEATx0nHySCoCnnJhyZ2j1TNSKrT
XpESRQd0qpH+1g/vePYABKuqGOLhrPLbczmlNDJoJ4e3wSewxvuqXur9h4o9eH+5
qwCrMHglZcxO9LZOPMd5Vn+9jeX3f2aMAlWgU/16Q5WUbRt6+ksL3c5BrPaDNPtU
fPKYmAapEUlfN8iHl1VhAj4ISlPoCz2A/msVS4n3zcdXkk2E/pFO8Iz+FraiDtyy
fjFi46qrD7tf3UV0lVI51fC7ho4tYOKCVgZAI2fsikdymCMcooPdXP9Z8x/utF3E
PooQYIEcsAZq1kvu3xEnq0a7h6m9Z35zMPfvrwIDAQABo4ICGjCCAhYwHQYDVR0O
BBYEFCmS+dbJMsxQ6LQYoH02mvnxCfqiMB8GA1UdIwQYMBaAFPJIWHXIRw5qrNyU
dCEF8wxZesK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OGtoWWRjaEhEbXFzM0pSMElRWHpERmw2d3JzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hOS81YTNmMGItODZmNS00MDZlLTkxZDUtOGZkNGMwMjQ0ODhlLzEv
S1pMNTFza3l6RkRvdEJpZ2ZUYWEtZkVKLXFJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81
YTNmMGItODZmNS00MDZlLTkxZDUtOGZkNGMwMjQ0ODhlLzEvOGtoWWRjaEhEbXFz
M0pSMElRWHpERmw2d3JzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAG
CCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBX9fcMA8EAgACMAkDBwAgAQZ8EDgw
DQYJKoZIhvcNAQELBQADggEBAElQ1hMIbCKN5GWkT3vx/EaeUhavEilVOnSESmMo
yTTvfCMxfo8B1TpC1jGx4uhgkIVmGiTjVeiK8pa5cH4PuxJFq79SGOaHi/MUXx6e
PN8B3PqFM2ONu06aLsIg6IS+1/+1DAqrpQ1hC4Q5ShbOFRC4GCAaQ0YASnT1kw0n
od7Nu4Dy3YlMpsfOwAgZ+ITOHJhiJSFph6DwO8POY1AafiFopEgCoVp/fvyl/DIK
R5EMPeEDp3hdi2ogglPeAHPgLUUb3DDbAVkMQ471fl6IKgVAIgL/SaGlw9+2MWBd
pko4oul7FIM3UChVZN759xuXs2V7OahOA/Ew6zm4wEy3FtY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:21 2024 by rpki-client on console-ams.rpki-client.org