Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/_KFNbQjimXAdE_Bk6wl4SmYu2so.roa
File: _KFNbQjimXAdE_Bk6wl4SmYu2so.roa (raw, json)
Hash identifier: ib+QuDMsm6AP9OO3yB41MadmfoHFU+HXX3kMbT5J2+I=
Subject key identifier: FC:A1:4D:6D:08:E2:99:70:1D:13:F0:64:EB:09:78:4A:66:2E:DA:CA
Certificate issuer: /CN=27b24fd66efe6dc5c3aab2e2e651a4e207fe62e7
Certificate serial: 01ADF959
Authority key identifier: 27:B2:4F:D6:6E:FE:6D:C5:C3:AA:B2:E2:E6:51:A4:E2:07:FE:62:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/_KFNbQjimXAdE_Bk6wl4SmYu2so.roa
Signing time: Sat 01 Jan 2022 15:03:38 +0000
ROA not before: Sat 01 Jan 2022 15:03:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35819
IP address blocks: 185.51.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28178777 (0x1adf959)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27b24fd66efe6dc5c3aab2e2e651a4e207fe62e7
Validity
Not Before: Jan 1 15:03:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fca14d6d08e299701d13f064eb09784a662edaca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:27:de:a3:c1:a8:ba:da:ea:0a:5c:39:7a:6a:
f4:f3:f7:e7:06:85:03:df:e8:ea:6f:6a:58:cb:19:
ca:95:13:75:22:34:6c:25:f0:04:e6:5d:76:7f:94:
d8:25:85:08:ce:64:08:92:9a:c7:74:ed:b1:ed:93:
b3:ab:7c:9a:7e:f1:30:a4:b5:e7:8c:80:27:c5:90:
8f:d2:32:ac:1a:5d:ae:8f:71:f5:7f:1c:d3:a8:ea:
4e:06:b8:c0:19:26:e0:59:c5:82:8a:56:06:0a:30:
df:e8:c6:e8:7b:b7:74:49:d3:00:1a:96:61:b6:5b:
db:56:ca:fe:8a:30:64:98:c3:7e:f3:60:97:96:cd:
11:f4:ad:52:0b:84:67:0e:c9:cf:da:17:64:64:5a:
87:ef:9a:9a:63:ca:7e:26:46:81:b6:a2:68:41:0d:
f0:d7:1f:3f:ef:da:af:74:f0:60:52:33:6c:2f:b3:
91:88:70:96:68:39:3a:18:5a:a0:0f:00:79:18:f7:
86:54:c6:9c:ea:59:b6:ed:77:3f:13:c1:81:d9:d5:
45:da:09:da:ed:f3:0d:25:6b:33:c3:28:ab:5c:b8:
73:0b:11:c6:4a:9d:32:9a:fe:61:3a:66:8a:55:d1:
a4:45:15:f3:c4:61:7e:b2:3e:47:d7:52:4d:b4:de:
2c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A1:4D:6D:08:E2:99:70:1D:13:F0:64:EB:09:78:4A:66:2E:DA:CA
X509v3 Authority Key Identifier:
keyid:27:B2:4F:D6:6E:FE:6D:C5:C3:AA:B2:E2:E6:51:A4:E2:07:FE:62:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/_KFNbQjimXAdE_Bk6wl4SmYu2so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.123.0/24
Signature Algorithm: sha256WithRSAEncryption
78:0a:5b:f9:8e:39:2f:5d:af:cb:e6:b3:22:45:4f:3f:1a:df:
89:15:34:66:ff:4e:30:be:0c:b9:85:34:ed:74:d2:35:33:dc:
17:57:d1:c9:76:ce:46:e6:8e:84:c5:a7:26:e2:b4:be:5e:55:
01:90:8c:af:5f:bf:40:96:72:94:71:6b:b2:1e:f9:de:e9:22:
b5:b7:70:cd:5e:69:2e:85:7e:2a:54:d7:7c:24:4e:c6:e5:36:
68:57:ba:ce:09:f4:c3:31:f7:59:6b:f0:5a:de:0f:92:0f:10:
f0:f8:73:b7:8d:ac:23:9c:8e:65:7e:40:f5:fb:ce:c1:77:c2:
e6:a9:6b:30:be:eb:f7:74:77:8a:85:ad:ac:6b:d2:ac:5a:ab:
14:84:46:68:8a:06:18:11:39:d9:a2:00:d0:00:f2:e5:c5:b5:
8b:a1:59:0c:6a:f0:19:36:55:22:5a:09:a1:40:c0:a2:c2:39:
b6:7c:0a:c6:31:e2:ad:58:81:5a:e5:9e:97:6d:1b:b1:96:19:
97:5c:ca:fc:99:e0:7f:42:60:ae:c2:32:7a:a7:76:1e:a4:06:
59:cb:8e:61:6f:dd:89:95:17:ae:39:17:a5:2b:e8:2e:04:14:
ff:5b:62:d7:db:48:0c:cb:80:51:de:d2:12:7d:23:ee:5a:4c:
1f:7f:f0:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAa35WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2IyNGZkNjZlZmU2ZGM1YzNhYWIyZTJlNjUxYTRlMjA3ZmU2MmU3MB4XDTIyMDEw
MTE1MDMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNhMTRkNmQwOGUy
OTk3MDFkMTNmMDY0ZWIwOTc4NGE2NjJlZGFjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwn3qPBqLra6gpcOXpq9PP35waFA9/o6m9qWMsZypUTdSI0
bCXwBOZddn+U2CWFCM5kCJKax3Ttse2Ts6t8mn7xMKS154yAJ8WQj9IyrBpdro9x
9X8c06jqTga4wBkm4FnFgopWBgow3+jG6Hu3dEnTABqWYbZb21bK/oowZJjDfvNg
l5bNEfStUguEZw7Jz9oXZGRah++ammPKfiZGgbaiaEEN8NcfP+/ar3TwYFIzbC+z
kYhwlmg5OhhaoA8AeRj3hlTGnOpZtu13PxPBgdnVRdoJ2u3zDSVrM8Moq1y4cwsR
xkqdMpr+YTpmilXRpEUV88RhfrI+R9dSTbTeLEMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8oU1tCOKZcB0T8GTrCXhKZi7ayjAfBgNVHSMEGDAWgBQnsk/Wbv5txcOq
suLmUaTiB/5i5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o3SlAxbTctYmNYRHFyTGk1bEdrNGdmLVl1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvYmIwMWNlLWI5YjAtNGIxNS05NDAwLTM5NGY1MGQ0YmEzOC8x
L19LRk5iUWppbVhBZEVfQms2d2w0U21ZdTJzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
YmIwMWNlLWI5YjAtNGIxNS05NDAwLTM5NGY1MGQ0YmEzOC8xL0o3SlAxbTctYmNY
RHFyTGk1bEdrNGdmLVl1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkzezANBgkqhkiG9w0BAQsFAAOC
AQEAeApb+Y45L12vy+azIkVPPxrfiRU0Zv9OML4MuYU07XTSNTPcF1fRyXbORuaO
hMWnJuK0vl5VAZCMr1+/QJZylHFrsh753ukitbdwzV5pLoV+KlTXfCROxuU2aFe6
zgn0wzH3WWvwWt4Pkg8Q8Phzt42sI5yOZX5A9fvOwXfC5qlrML7r93R3ioWtrGvS
rFqrFIRGaIoGGBE52aIA0ADy5cW1i6FZDGrwGTZVIloJoUDAosI5tnwKxjHirViB
WuWel20bsZYZl1zK/Jngf0JgrsIyeqd2HqQGWcuOYW/diZUXrjkXpSvoLgQU/1ti
19tIDMuAUd7SEn0j7lpMH3/wGA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:28 2025 by rpki-client