Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/K7il4bx9ctB-xH1SY3p4kktx6f0.roa
File: K7il4bx9ctB-xH1SY3p4kktx6f0.roa (raw, json)
Hash identifier: CiB5TvUO6ftXuYrh2RR0ovmq1Xy0sFs5Eh+sJO/RkDg=
Subject key identifier: 2B:B8:A5:E1:BC:7D:72:D0:7E:C4:7D:52:63:7A:78:92:4B:71:E9:FD
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 03BC76F0
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/K7il4bx9ctB-xH1SY3p4kktx6f0.roa
Signing time: Sat 01 Jan 2022 05:57:43 +0000
ROA not before: Sat 01 Jan 2022 05:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199103
IP address blocks: 185.220.92.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62682864 (0x3bc76f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: Jan 1 05:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bb8a5e1bc7d72d07ec47d52637a78924b71e9fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9b:37:86:6e:4d:b5:cc:84:d8:c3:aa:e6:3a:
11:43:47:04:2e:76:b5:af:f3:c4:f4:7d:a2:58:ce:
2d:64:55:3b:27:bd:6e:a0:8c:30:37:30:f7:81:64:
6f:f6:51:fa:6e:89:dc:1c:c9:eb:bf:20:71:13:3f:
f6:95:a4:a4:63:40:11:96:b3:b7:8e:d6:50:75:fa:
2b:74:a2:19:3e:3c:6c:a3:27:a5:ad:c5:ab:92:21:
fa:2a:8d:ef:10:7b:cd:66:f3:7d:c4:5b:24:74:be:
21:0e:57:c1:08:ff:c4:0c:88:ef:e0:15:65:a7:d4:
b9:7e:e5:ce:74:8b:3b:1f:83:6e:ac:bd:2a:83:2a:
0d:5b:bd:ac:b2:84:23:14:7d:97:86:22:71:51:ab:
f9:42:79:0d:fd:03:83:1a:af:6f:09:53:bf:f6:7b:
62:ea:54:9f:35:ed:54:e9:31:6f:c2:89:87:87:17:
e7:ef:a1:cc:12:a8:12:7e:e2:24:80:7d:34:31:4a:
91:ca:3a:59:8f:f2:ce:fb:45:1b:5f:e0:78:11:c6:
2c:31:be:5a:11:a3:93:40:58:a4:7c:1f:ce:2b:0b:
32:42:e1:29:71:f8:ae:95:f9:a4:8b:84:a7:a8:20:
53:da:e4:5f:c4:79:8f:6f:89:66:94:65:c2:07:66:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B8:A5:E1:BC:7D:72:D0:7E:C4:7D:52:63:7A:78:92:4B:71:E9:FD
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/K7il4bx9ctB-xH1SY3p4kktx6f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.92.0/23
Signature Algorithm: sha256WithRSAEncryption
37:de:e7:da:1e:09:76:e9:c4:c7:3d:7b:bd:eb:02:49:f7:0a:
74:98:9c:f9:b3:0d:e7:3b:ca:fc:d1:49:9f:a6:da:aa:bf:47:
7d:36:4d:ec:ce:ed:82:f9:9c:81:d8:3f:d3:0e:3f:5e:19:7e:
7f:aa:06:98:c8:fc:5a:e7:82:14:34:71:cf:e1:80:8f:73:71:
62:80:fe:a4:7a:75:6a:cf:d6:c5:c2:03:42:bd:a6:a8:59:76:
78:7b:e3:96:50:72:d5:06:99:2a:c3:51:00:e5:2e:71:a2:22:
ce:a9:6d:c9:f0:9b:56:89:1a:66:6f:79:64:5a:cd:f7:c0:78:
ba:62:38:08:58:6a:7c:b9:1a:89:02:d8:29:06:53:00:63:8e:
0b:e0:0c:af:90:d0:3a:fd:45:5d:56:9b:ad:b9:20:a7:d7:a0:
a1:90:b3:60:a4:d1:85:7e:51:6f:b5:d5:ee:2b:4e:8e:dd:4e:
51:5b:1d:4c:de:3f:04:3c:53:c7:1b:07:a0:e5:8b:f9:ed:43:
27:c7:ed:39:82:f6:3a:a2:ff:3f:6a:4f:03:db:39:07:31:34:
c7:d8:cd:a6:ae:8e:76:7d:21:20:0b:bb:ec:e1:9e:17:67:b8:
6f:3c:49:a6:6f:84:cd:65:2f:f7:f7:3b:d4:1b:e1:fc:92:d0:
e0:d7:80:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7x28DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmE0OTg3YmY4YzZiNGNkZDY1N2JiYzJkMGE1ZTEzZTliNjI2Y2I5MB4XDTIyMDEw
MTA1NTc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJiOGE1ZTFiYzdk
NzJkMDdlYzQ3ZDUyNjM3YTc4OTI0YjcxZTlmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKybN4ZuTbXMhNjDquY6EUNHBC52ta/zxPR9oljOLWRVOye9
bqCMMDcw94Fkb/ZR+m6J3BzJ678gcRM/9pWkpGNAEZazt47WUHX6K3SiGT48bKMn
pa3Fq5Ih+iqN7xB7zWbzfcRbJHS+IQ5XwQj/xAyI7+AVZafUuX7lznSLOx+Dbqy9
KoMqDVu9rLKEIxR9l4YicVGr+UJ5Df0DgxqvbwlTv/Z7YupUnzXtVOkxb8KJh4cX
5++hzBKoEn7iJIB9NDFKkco6WY/yzvtFG1/geBHGLDG+WhGjk0BYpHwfzisLMkLh
KXH4rpX5pIuEp6ggU9rkX8R5j2+JZpRlwgdmaOMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQruKXhvH1y0H7EfVJjeniSS3Hp/TAfBgNVHSMEGDAWgBRWpJh7+Ma0zdZX
u8LQpeE+m2JsuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZxU1llX2pHdE0zV1Y3dkMwS1hoUHB0aWJMay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvODgwOWRkLTY2N2EtNDA0Ny04MTA0LWRlNTg2OThiNjQ3MC8x
L0s3aWw0Yng5Y3RCLXhIMVNZM3A0a2t0eDZmMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
ODgwOWRkLTY2N2EtNDA0Ny04MTA0LWRlNTg2OThiNjQ3MC8xL1ZxU1llX2pHdE0z
V1Y3dkMwS1hoUHB0aWJMay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbncXDANBgkqhkiG9w0BAQsFAAOC
AQEAN97n2h4JdunExz17vesCSfcKdJic+bMN5zvK/NFJn6baqr9HfTZN7M7tgvmc
gdg/0w4/Xhl+f6oGmMj8WueCFDRxz+GAj3NxYoD+pHp1as/WxcIDQr2mqFl2eHvj
llBy1QaZKsNRAOUucaIizqltyfCbVokaZm95ZFrN98B4umI4CFhqfLkaiQLYKQZT
AGOOC+AMr5DQOv1FXVabrbkgp9egoZCzYKTRhX5Rb7XV7itOjt1OUVsdTN4/BDxT
xxsHoOWL+e1DJ8ftOYL2OqL/P2pPA9s5BzE0x9jNpq6Odn0hIAu77OGeF2e4bzxJ
pm+EzWUv9/c71Bvh/JLQ4NeABw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:04:29 2025 by rpki-client