Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/kyGsCscbW0JgiShYuXapqWED4J4.roa
File: kyGsCscbW0JgiShYuXapqWED4J4.roa (raw, json)
Hash identifier: hht2dWlR71Lo1W7OSnnwmSS5QoFh25bOGd676VRqhFE=
Subject key identifier: 93:21:AC:0A:C7:1B:5B:42:60:89:28:58:B9:76:A9:A9:61:03:E0:9E
Certificate issuer: /CN=294a1cdb68f154cf95418a308c82d8da50775109
Certificate serial: 03516D35
Authority key identifier: 29:4A:1C:DB:68:F1:54:CF:95:41:8A:30:8C:82:D8:DA:50:77:51:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/kyGsCscbW0JgiShYuXapqWED4J4.roa
Signing time: Sat 01 Jan 2022 02:54:50 +0000
ROA not before: Sat 01 Jan 2022 02:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15404
IP address blocks: 193.16.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55668021 (0x3516d35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=294a1cdb68f154cf95418a308c82d8da50775109
Validity
Not Before: Jan 1 02:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9321ac0ac71b5b4260892858b976a9a96103e09e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d2:25:37:a9:dc:a0:7a:c7:a8:29:da:01:de:
c8:eb:8b:5a:1d:28:16:f9:04:0e:6d:58:84:82:04:
f6:41:29:76:c1:ee:7b:b0:97:74:32:c9:5f:7f:b4:
fe:a5:27:0e:40:29:f5:19:90:39:a9:ea:97:9f:42:
32:10:1e:c2:1c:b0:a7:75:21:b8:a5:60:35:1c:37:
1c:d3:bf:ed:06:47:49:16:38:fb:65:2f:d5:81:72:
ac:5f:c4:da:95:68:1c:19:a2:e6:6a:08:c4:28:0c:
4d:4c:bd:2a:44:89:6e:b2:29:8c:48:d6:6a:9a:f5:
df:2c:f2:c6:9e:1b:41:88:20:b7:27:d6:f1:bf:da:
59:9e:d9:b7:27:c7:c1:57:1d:64:0a:5e:21:79:75:
d0:35:d5:c2:19:a5:7a:5c:4b:22:25:95:bf:e6:d1:
34:d8:e9:b8:83:c5:1e:e6:89:68:93:f7:86:36:53:
6c:78:92:f6:c9:98:80:14:dc:06:28:a4:87:33:79:
27:3e:51:89:4f:94:74:c3:38:38:c4:08:04:af:9c:
ad:ba:df:93:3e:34:2c:c7:ce:f7:c7:75:1a:91:4a:
d3:fd:b2:35:81:d2:f6:fa:60:93:e8:e7:c0:85:5f:
64:77:4d:86:71:43:7c:6c:18:94:42:6e:96:e8:d8:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:21:AC:0A:C7:1B:5B:42:60:89:28:58:B9:76:A9:A9:61:03:E0:9E
X509v3 Authority Key Identifier:
keyid:29:4A:1C:DB:68:F1:54:CF:95:41:8A:30:8C:82:D8:DA:50:77:51:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/kyGsCscbW0JgiShYuXapqWED4J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.245.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:6a:61:aa:87:fd:eb:79:9c:93:95:10:ec:eb:f1:1a:fb:54:
66:57:4f:b6:df:5d:78:83:72:14:14:7c:c5:e2:e8:63:75:2e:
30:ee:6d:71:c4:6d:a5:a7:58:00:be:ce:d2:e0:3c:1c:d6:34:
81:c6:aa:c4:55:32:9e:c5:9d:f0:2d:ed:75:93:d0:26:7c:b6:
71:7a:78:c6:46:b1:62:27:f1:17:99:e2:f8:81:b2:c7:1a:03:
b1:d6:f6:13:c3:be:f3:49:5e:04:af:6a:9a:90:e3:48:53:8c:
25:21:ba:6c:f5:f4:c1:f7:0c:d9:c0:52:23:b9:02:5e:be:8a:
d6:43:09:e1:c6:bc:89:87:a1:b5:54:06:b7:72:56:0a:b9:25:
65:02:e2:13:bd:5d:04:ee:70:e9:81:7d:73:a5:d9:b3:35:ec:
fe:50:d3:2d:b4:6c:ec:49:ff:58:00:29:b6:7c:1d:42:b1:23:
d7:ba:fb:2f:f3:38:dc:e1:6d:81:cf:5a:88:83:28:39:b3:9f:
45:7e:14:71:ba:13:ce:8c:02:2f:8e:b3:fa:af:05:d9:ee:d6:
c8:a7:3f:c8:fa:76:62:09:41:47:ac:2c:3b:cf:c0:17:95:59:
e3:72:7e:c1:bd:29:45:81:23:21:ad:2f:30:a3:74:ff:8f:84:
10:d8:52:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1FtNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTRhMWNkYjY4ZjE1NGNmOTU0MThhMzA4YzgyZDhkYTUwNzc1MTA5MB4XDTIyMDEw
MTAyNTQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMyMWFjMGFjNzFi
NWI0MjYwODkyODU4Yjk3NmE5YTk2MTAzZTA5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3SJTep3KB6x6gp2gHeyOuLWh0oFvkEDm1YhIIE9kEpdsHu
e7CXdDLJX3+0/qUnDkAp9RmQOanql59CMhAewhywp3UhuKVgNRw3HNO/7QZHSRY4
+2Uv1YFyrF/E2pVoHBmi5moIxCgMTUy9KkSJbrIpjEjWapr13yzyxp4bQYggtyfW
8b/aWZ7ZtyfHwVcdZApeIXl10DXVwhmlelxLIiWVv+bRNNjpuIPFHuaJaJP3hjZT
bHiS9smYgBTcBiikhzN5Jz5RiU+UdMM4OMQIBK+crbrfkz40LMfO98d1GpFK0/2y
NYHS9vpgk+jnwIVfZHdNhnFDfGwYlEJulujYDH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTIawKxxtbQmCJKFi5dqmpYQPgnjAfBgNVHSMEGDAWgBQpShzbaPFUz5VB
ijCMgtjaUHdRCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tVb2MyMmp4Vk0tVlFZb3dqSUxZMmxCM1VRay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvMDRmNDc0LWUzYjUtNDU5NS1hMDQ0LTY1N2U0MWM2M2NhOS8x
L2t5R3NDc2NiVzBKZ2lTaFl1WGFwcVdFRDRKNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
MDRmNDc0LWUzYjUtNDU5NS1hMDQ0LTY1N2U0MWM2M2NhOS8xL0tVb2MyMmp4Vk0t
VlFZb3dqSUxZMmxCM1VRay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEQ9TANBgkqhkiG9w0BAQsFAAOC
AQEAO2phqof963mck5UQ7OvxGvtUZldPtt9deINyFBR8xeLoY3UuMO5tccRtpadY
AL7O0uA8HNY0gcaqxFUynsWd8C3tdZPQJny2cXp4xkaxYifxF5ni+IGyxxoDsdb2
E8O+80leBK9qmpDjSFOMJSG6bPX0wfcM2cBSI7kCXr6K1kMJ4ca8iYehtVQGt3JW
CrklZQLiE71dBO5w6YF9c6XZszXs/lDTLbRs7En/WAAptnwdQrEj17r7L/M43OFt
gc9aiIMoObOfRX4UcboTzowCL46z+q8F2e7WyKc/yPp2YglBR6wsO8/AF5VZ43J+
wb0pRYEjIa0vMKN0/4+EENhSSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:36 2024 by rpki-client on console-ams.rpki-client.org