Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/72cf2f-a781-4b57-b862-735a3fae6216/1/Kgf5rq63K9C63HvwIi411z7uoEI.roa
File: Kgf5rq63K9C63HvwIi411z7uoEI.roa (raw, json)
Hash identifier: kHEPIuYTO34mElw2oJoaXD+6/qQuYXjfCgUjyZ/x7sI=
Subject key identifier: 2A:07:F9:AE:AE:B7:2B:D0:BA:DC:7B:F0:22:2E:35:D7:3E:EE:A0:42
Certificate issuer: /CN=cc4b1e4b5b9a50031b59d4197321a099a8570540
Certificate serial: 018572710D531E3BA339A32AD74D90C507E0
Authority key identifier: CC:4B:1E:4B:5B:9A:50:03:1B:59:D4:19:73:21:A0:99:A8:57:05:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zEseS1uaUAMbWdQZcyGgmahXBUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/72cf2f-a781-4b57-b862-735a3fae6216/1/Kgf5rq63K9C63HvwIi411z7uoEI.roa
Signing time: Mon 02 Jan 2023 12:24:49 +0000
ROA not before: Mon 02 Jan 2023 12:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41405
IP address blocks: 185.7.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:0d:53:1e:3b:a3:39:a3:2a:d7:4d:90:c5:07:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc4b1e4b5b9a50031b59d4197321a099a8570540
Validity
Not Before: Jan 2 12:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a07f9aeaeb72bd0badc7bf0222e35d73eeea042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:03:53:ce:cb:72:6d:5f:c2:f8:3f:4c:63:2b:
55:37:17:5a:bf:a7:79:f9:1c:d6:f6:52:bb:a5:86:
06:d8:63:15:c2:83:25:b7:ba:73:26:a7:44:83:33:
3e:49:9f:0a:ee:ab:38:75:7a:45:26:50:23:ca:9b:
6b:ea:c6:5b:01:43:b3:5c:9c:73:09:45:82:e4:b3:
ed:da:69:5c:aa:29:d1:64:13:db:1f:1a:46:19:99:
02:af:10:dd:57:5d:81:91:e9:5f:59:76:12:37:cd:
21:64:94:0b:d5:74:63:01:2f:53:57:87:cd:4b:6c:
2a:7f:8f:33:91:22:64:24:cc:ad:f5:aa:cd:0a:32:
91:cc:ef:7e:9f:d4:39:87:c5:79:94:aa:ad:3b:9a:
bf:41:4a:3a:39:39:b4:bd:cc:7d:c4:5c:77:47:f2:
79:ac:be:43:6e:d8:0f:e8:71:e4:83:b0:b8:80:a7:
80:61:5b:04:14:bf:6a:ef:27:2a:c4:17:5e:dd:48:
b8:4d:a7:74:2d:63:7e:34:9f:93:52:7a:59:76:d0:
77:24:4a:06:bb:5e:ed:dc:5d:ed:fe:fe:37:e1:5c:
29:29:92:bb:40:d8:35:13:65:4b:af:74:79:24:81:
e3:8e:76:b2:9f:82:e4:75:f6:be:19:89:44:16:d2:
a3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:07:F9:AE:AE:B7:2B:D0:BA:DC:7B:F0:22:2E:35:D7:3E:EE:A0:42
X509v3 Authority Key Identifier:
keyid:CC:4B:1E:4B:5B:9A:50:03:1B:59:D4:19:73:21:A0:99:A8:57:05:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEseS1uaUAMbWdQZcyGgmahXBUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/72cf2f-a781-4b57-b862-735a3fae6216/1/Kgf5rq63K9C63HvwIi411z7uoEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/72cf2f-a781-4b57-b862-735a3fae6216/1/zEseS1uaUAMbWdQZcyGgmahXBUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.240.0/22
Signature Algorithm: sha256WithRSAEncryption
88:b2:66:bb:ac:c1:58:f6:cb:79:30:c3:7a:b8:c3:b0:fe:69:
e2:f5:da:33:58:92:c2:c2:6f:09:3f:de:9d:5e:e2:59:a4:1f:
5c:2b:5d:ad:d2:71:03:f7:0a:ea:d2:9e:1e:47:9d:f3:90:ee:
7e:59:61:dd:46:60:d2:23:fd:33:df:98:2a:3d:c5:a3:bf:14:
4f:35:5f:be:c5:99:ce:be:1c:30:ce:57:1c:33:4b:30:c0:18:
dd:44:c0:29:03:66:41:1b:ce:67:f2:69:7f:b0:2d:c4:07:89:
f7:fa:4f:69:29:8f:b2:ea:9e:ce:83:25:16:72:bd:d4:96:d4:
6c:ec:3f:e1:40:99:19:f4:c9:48:3c:42:05:58:57:6a:27:12:
2c:00:02:78:48:12:7d:9a:8e:23:b9:50:24:e8:2a:3a:b3:e6:
10:e7:fb:dd:74:31:56:ef:27:89:7b:3d:e5:f5:5a:2d:05:e7:
0a:04:d9:41:3a:b5:c9:33:5d:25:8b:37:be:5b:ae:58:fb:c6:
cc:fd:2b:c7:9e:16:62:53:3a:d5:ac:22:d8:4d:25:93:f7:38:
b2:0f:1d:f8:8c:99:75:83:1e:e4:7c:0a:b4:2a:aa:0c:d8:14:
0b:7e:cc:60:74:39:fc:c3:2f:aa:09:40:ef:c5:0f:86:1b:23:
81:58:47:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycQ1THjujOaMq102QxQfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNGIxZTRiNWI5YTUwMDMxYjU5ZDQxOTczMjFhMDk5YTg1
NzA1NDAwHhcNMjMwMTAyMTIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA3ZjlhZWFlYjcyYmQwYmFkYzdiZjAyMjJlMzVkNzNlZWVhMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQNTzstybV/C+D9MYytVNxdav6d5
+RzW9lK7pYYG2GMVwoMlt7pzJqdEgzM+SZ8K7qs4dXpFJlAjyptr6sZbAUOzXJxz
CUWC5LPt2mlcqinRZBPbHxpGGZkCrxDdV12BkelfWXYSN80hZJQL1XRjAS9TV4fN
S2wqf48zkSJkJMyt9arNCjKRzO9+n9Q5h8V5lKqtO5q/QUo6OTm0vcx9xFx3R/J5
rL5DbtgP6HHkg7C4gKeAYVsEFL9q7ycqxBde3Ui4Tad0LWN+NJ+TUnpZdtB3JEoG
u17t3F3t/v434VwpKZK7QNg1E2VLr3R5JIHjjnayn4Lkdfa+GYlEFtKjHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoH+a6utyvQutx78CIuNdc+7qBCMB8GA1UdIwQY
MBaAFMxLHktbmlADG1nUGXMhoJmoVwVAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVzZVMxdWFVQU1iV2RRWmN5R2dtYWhYQlVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83MmNmMmYtYTc4MS00YjU3LWI4NjIt
NzM1YTNmYWU2MjE2LzEvS2dmNXJxNjNLOUM2M0h2d0lpNDExejd1b0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83MmNmMmYtYTc4MS00YjU3LWI4NjItNzM1YTNmYWU2MjE2
LzEvekVzZVMxdWFVQU1iV2RRWmN5R2dtYWhYQlVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQfwMA0G
CSqGSIb3DQEBCwUAA4IBAQCIsma7rMFY9st5MMN6uMOw/mni9dozWJLCwm8JP96d
XuJZpB9cK12t0nED9wrq0p4eR53zkO5+WWHdRmDSI/0z35gqPcWjvxRPNV++xZnO
vhwwzlccM0swwBjdRMApA2ZBG85n8ml/sC3EB4n3+k9pKY+y6p7OgyUWcr3UltRs
7D/hQJkZ9MlIPEIFWFdqJxIsAAJ4SBJ9mo4juVAk6Co6s+YQ5/vddDFW7yeJez3l
9VotBecKBNlBOrXJM10lize+W65Y+8bM/SvHnhZiUzrVrCLYTSWT9ziyDx34jJl1
gx7kfAq0KqoM2BQLfsxgdDn8wy+qCUDvxQ+GGyOBWEfB
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:26 2025 by rpki-client