Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/KZPYvfiJPlgkOuE9ORqzHu0D82o.roa
File: KZPYvfiJPlgkOuE9ORqzHu0D82o.roa (raw, json)
Hash identifier: 1xKC3OsW+nI0xezkSyMwEq3G9LWoUz5+A812AeCAvc8=
Subject key identifier: 29:93:D8:BD:F8:89:3E:58:24:3A:E1:3D:39:1A:B3:1E:ED:03:F3:6A
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0540296D
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/KZPYvfiJPlgkOuE9ORqzHu0D82o.roa
Signing time: Mon 09 May 2022 13:00:47 +0000
ROA not before: Mon 09 May 2022 13:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46261
IP address blocks: 45.153.239.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88090989 (0x540296d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: May 9 13:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2993d8bdf8893e58243ae13d391ab31eed03f36a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:28:dd:9a:f8:4b:52:90:0d:7f:3c:e1:cc:dc:
bb:b3:92:08:9c:d3:1e:a1:f5:90:58:04:1d:6a:9d:
3e:fa:e1:e4:f2:fe:62:52:e3:b8:72:44:27:79:91:
d6:74:61:61:c3:94:21:e1:55:2b:0a:4e:0c:ea:e2:
ed:a3:55:f9:71:4c:6f:f2:5e:ac:73:1f:89:a4:61:
8c:e3:f7:96:91:d1:cf:97:ed:21:17:72:94:0b:11:
47:fa:32:20:d3:e2:68:ca:fe:fa:38:a4:38:29:93:
f9:f2:c7:e4:49:c4:93:34:e0:f5:16:81:cb:6b:d6:
e7:d4:e9:09:6f:d9:1a:14:00:e7:bd:e6:79:7b:91:
ca:8c:8e:db:53:83:be:b8:0d:d1:75:81:b1:11:02:
d9:1e:ce:14:13:46:8a:ea:ac:42:c7:54:6e:8d:be:
91:c8:75:6d:22:72:6a:68:60:90:64:e0:e9:c9:d3:
ac:a9:87:3b:24:86:d2:bc:b0:8a:00:f9:63:c4:af:
e1:a0:a9:84:ec:8e:5a:7e:d1:7e:19:58:09:bc:f8:
e6:d8:07:8d:c7:e6:36:b3:31:a2:77:fa:9d:e2:d7:
e8:e6:2b:52:d5:44:94:d9:29:40:51:32:1c:34:8c:
2f:fe:d7:9f:c1:5a:9d:0e:38:b3:1e:c1:3f:d5:4b:
b8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:93:D8:BD:F8:89:3E:58:24:3A:E1:3D:39:1A:B3:1E:ED:03:F3:6A
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/KZPYvfiJPlgkOuE9ORqzHu0D82o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.239.0/24
171.22.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:b0:ff:a1:84:40:d6:b9:23:9c:41:98:90:db:9d:4d:33:2c:
23:2b:ae:ea:65:ed:0f:b0:5e:42:55:79:db:d5:76:ae:ef:aa:
df:c6:26:55:42:8e:82:25:da:89:28:49:81:5c:d1:15:de:4b:
5d:cd:34:26:ed:d8:18:26:ff:85:a7:c8:96:fa:d3:b2:31:73:
55:b6:97:c8:23:18:d7:4d:60:4b:1c:a8:7c:82:7b:4f:4f:6e:
fb:14:5d:be:14:cb:1a:29:e3:3a:19:8c:4c:ad:a3:bf:43:fe:
6f:fd:46:74:42:fa:41:ff:15:42:a4:1c:b3:31:81:d1:3f:8c:
99:13:87:80:d9:f6:73:62:14:ac:b3:72:a7:eb:8b:a5:bc:87:
2b:99:cb:e7:cc:66:4c:91:18:c0:46:3c:3c:98:33:3c:7a:21:
22:55:0d:83:f5:2c:93:fe:0b:1d:43:fb:e6:82:07:62:17:c1:
2e:b2:71:99:d6:70:9f:95:25:5b:23:92:58:32:24:17:a6:8a:
d7:8c:cb:54:28:4c:d4:27:eb:f9:d4:45:88:0e:e9:dc:7b:b9:
f0:de:5c:eb:70:81:8e:9c:34:dd:f9:18:1b:cf:a4:b8:65:45:
b8:c5:3d:4b:78:7d:2f:51:82:35:f1:e6:16:e2:87:4e:08:f4:
6e:d8:d3:eb
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBUApbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzQ0NmRhN2E3MGJjZTc3M2VjMmJjMTY1NWFhZTMwYzNjMTg0MTJjMB4XDTIyMDUw
OTEzMDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk5M2Q4YmRmODg5
M2U1ODI0M2FlMTNkMzkxYWIzMWVlZDAzZjM2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMo3Zr4S1KQDX884czcu7OSCJzTHqH1kFgEHWqdPvrh5PL+
YlLjuHJEJ3mR1nRhYcOUIeFVKwpODOri7aNV+XFMb/JerHMfiaRhjOP3lpHRz5ft
IRdylAsRR/oyINPiaMr++jikOCmT+fLH5EnEkzTg9RaBy2vW59TpCW/ZGhQA573m
eXuRyoyO21ODvrgN0XWBsREC2R7OFBNGiuqsQsdUbo2+kch1bSJyamhgkGTg6cnT
rKmHOySG0rywigD5Y8Sv4aCphOyOWn7RfhlYCbz45tgHjcfmNrMxonf6neLX6OYr
UtVElNkpQFEyHDSML/7Xn8FanQ44sx7BP9VLuCMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQpk9i9+Ik+WCQ64T05GrMe7QPzajAfBgNVHSMEGDAWgBQjRG2npwvOdz7C
vBZVquMMPBhBLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kwUnRwNmNMem5jLXdyd1dWYXJqRER3WVFTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8x
L0taUFl2ZmlKUGxna091RTlPUnF6SHUwRDgyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8xL0kwUnRwNmNMem5j
LXdyd1dWYXJqRER3WVFTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2Z7wMEAKsWvTANBgkqhkiG9w0B
AQsFAAOCAQEAHLD/oYRA1rkjnEGYkNudTTMsIyuu6mXtD7BeQlV529V2ru+q38Ym
VUKOgiXaiShJgVzRFd5LXc00Ju3YGCb/hafIlvrTsjFzVbaXyCMY101gSxyofIJ7
T09u+xRdvhTLGinjOhmMTK2jv0P+b/1GdEL6Qf8VQqQcszGB0T+MmROHgNn2c2IU
rLNyp+uLpbyHK5nL58xmTJEYwEY8PJgzPHohIlUNg/Usk/4LHUP75oIHYhfBLrJx
mdZwn5UlWyOSWDIkF6aK14zLVChM1Cfr+dRFiA7p3Hu58N5c63CBjpw03fkYG8+k
uGVFuMU9S3h9L1GCNfHmFuKHTgj0btjT6w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org