Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/KF_xipOTqebxBfh1H91Rmh0bhFA.roa
File: KF_xipOTqebxBfh1H91Rmh0bhFA.roa (raw, json)
Hash identifier: yZgAXICfzy9yjsFaJI4PcXTHmDxJJTHvAJ193D0tE2I=
Subject key identifier: 28:5F:F1:8A:93:93:A9:E6:F1:05:F8:75:1F:DD:51:9A:1D:1B:84:50
Certificate issuer: /CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Certificate serial: 01856ECB59DC6E69DB4F40367ABC9AEF857D
Authority key identifier: 9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/KF_xipOTqebxBfh1H91Rmh0bhFA.roa
Signing time: Sun 01 Jan 2023 19:24:58 +0000
ROA not before: Sun 01 Jan 2023 19:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2116
IP address blocks: 185.85.128.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:59:dc:6e:69:db:4f:40:36:7a:bc:9a:ef:85:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Validity
Not Before: Jan 1 19:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=285ff18a9393a9e6f105f8751fdd519a1d1b8450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bc:64:d4:ab:7e:7f:2e:f7:51:5d:ec:0a:26:
1c:b2:01:4a:0a:48:3f:53:11:19:7b:de:27:64:82:
51:d3:4d:a0:a6:9b:d8:90:43:70:0c:f2:1f:5b:5b:
6b:34:27:f4:64:b1:41:b2:fc:9d:0f:d4:27:d3:c5:
ec:22:c9:11:53:51:db:bd:f3:87:8b:fb:99:30:ae:
c4:3d:6f:f3:c2:cd:ae:12:6d:6b:42:4f:d4:86:8b:
f1:32:59:8a:79:f9:2e:d2:94:d6:f4:3c:26:4f:9f:
a7:b4:18:a5:b9:4d:a7:c5:74:65:5a:1b:aa:50:4a:
6c:88:12:ef:16:6a:f9:69:f4:fd:d6:1a:02:ed:de:
ab:5c:0b:05:0a:3e:63:43:1b:ab:d4:73:e8:03:ca:
8c:3c:6b:f2:d5:e3:04:32:e4:77:ba:18:4d:61:47:
bd:5e:a8:4d:2e:4c:5c:ff:10:9c:cf:af:f0:1c:af:
15:b3:9f:ee:e3:f3:25:da:91:9d:41:c3:fa:fd:b0:
ba:26:68:e4:79:2d:d8:77:94:a3:f9:e3:66:aa:38:
06:41:7e:a9:f1:e4:bd:ae:b6:57:1a:f9:1c:99:f1:
80:1d:09:f7:3c:10:75:11:bf:51:8c:f1:45:99:5f:
d3:45:6e:0f:e5:88:f5:1f:09:33:2d:43:7c:59:38:
92:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5F:F1:8A:93:93:A9:E6:F1:05:F8:75:1F:DD:51:9A:1D:1B:84:50
X509v3 Authority Key Identifier:
keyid:9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/KF_xipOTqebxBfh1H91Rmh0bhFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/mzQGmcjtlwqMntjBYgiPIGfDMlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.128.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:2d:95:1e:7b:08:ce:e4:64:11:2d:c9:26:03:57:a1:fc:02:
13:6d:e8:36:37:03:2e:51:13:e1:7c:9a:e7:70:4b:71:7f:8e:
4b:53:70:45:92:a7:63:48:f6:99:ba:c5:1a:c8:4c:51:6a:56:
1f:9c:61:24:f2:c7:98:62:b3:46:2b:b3:2b:90:b1:38:c4:58:
cc:6a:59:2e:3a:8a:87:de:a6:48:50:23:b7:98:3b:41:cf:c1:
f6:a6:c0:f4:08:56:7d:1f:b8:09:8f:88:67:e2:14:04:a4:8a:
42:88:a7:d5:be:75:3a:80:67:ec:ed:e5:e9:ee:21:a5:45:31:
e8:f6:ec:2f:37:de:2b:b4:41:0d:2d:f1:e5:5a:70:ae:ca:e2:
07:1c:f0:a4:24:38:4d:d8:b0:ca:c8:d6:7a:0c:0b:81:d5:41:
87:ad:07:d3:7f:42:fc:c6:35:1c:c9:3b:1f:35:de:45:8c:91:
eb:7c:ac:71:08:d4:4a:5f:33:c1:af:06:8e:6b:e3:2d:58:f8:
e6:63:f0:ae:1d:06:76:c3:c9:a8:5e:7f:c8:3a:36:f0:94:43:
e8:96:4b:c8:ce:d4:7f:2e:a3:24:c6:15:2a:4c:b0:44:3a:1f:
e5:aa:27:b4:cf:71:4b:89:dc:7a:b7:ee:4e:5c:d2:5b:cc:ec:
e5:21:e0:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy1ncbmnbT0A2erya74V9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzQwNjk5YzhlZDk3MGE4YzllZDhjMTYyMDg4ZjIwNjdj
MzMyNTAwHhcNMjMwMTAxMTkyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODVmZjE4YTkzOTNhOWU2ZjEwNWY4NzUxZmRkNTE5YTFkMWI4NDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbxk1Kt+fy73UV3sCiYcsgFKCkg/
UxEZe94nZIJR002gppvYkENwDPIfW1trNCf0ZLFBsvydD9Qn08XsIskRU1HbvfOH
i/uZMK7EPW/zws2uEm1rQk/UhovxMlmKefku0pTW9DwmT5+ntBiluU2nxXRlWhuq
UEpsiBLvFmr5afT91hoC7d6rXAsFCj5jQxur1HPoA8qMPGvy1eMEMuR3uhhNYUe9
XqhNLkxc/xCcz6/wHK8Vs5/u4/Ml2pGdQcP6/bC6JmjkeS3Yd5Sj+eNmqjgGQX6p
8eS9rrZXGvkcmfGAHQn3PBB1Eb9RjPFFmV/TRW4P5Yj1HwkzLUN8WTiSZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChf8YqTk6nm8QX4dR/dUZodG4RQMB8GA1UdIwQY
MBaAFJs0BpnI7ZcKjJ7YwWIIjyBnwzJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDct
ZTA4YmUwZWRhZjc2LzEvS0ZfeGlwT1RxZWJ4QmZoMUg5MVJtaDBiaEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDctZTA4YmUwZWRhZjc2
LzEvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVWAMA0G
CSqGSIb3DQEBCwUAA4IBAQAqLZUeewjO5GQRLckmA1eh/AITbeg2NwMuURPhfJrn
cEtxf45LU3BFkqdjSPaZusUayExRalYfnGEk8seYYrNGK7MrkLE4xFjMalkuOoqH
3qZIUCO3mDtBz8H2psD0CFZ9H7gJj4hn4hQEpIpCiKfVvnU6gGfs7eXp7iGlRTHo
9uwvN94rtEENLfHlWnCuyuIHHPCkJDhN2LDKyNZ6DAuB1UGHrQfTf0L8xjUcyTsf
Nd5FjJHrfKxxCNRKXzPBrwaOa+MtWPjmY/CuHQZ2w8moXn/IOjbwlEPolkvIztR/
LqMkxhUqTLBEOh/lqie0z3FLidx6t+5OXNJbzOzlIeCD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:38 2025 by rpki-client