Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/KlA8l-EK0Adw3Gwi3wot18yC9Pw.roa
File: KlA8l-EK0Adw3Gwi3wot18yC9Pw.roa (raw, json)
Hash identifier: Bj6teSdXo6Vnfct3Gd4Baml3OQeZaZodGDJv3c5me0I=
Subject key identifier: 2A:50:3C:97:E1:0A:D0:07:70:DC:6C:22:DF:0A:2D:D7:CC:82:F4:FC
Certificate issuer: /CN=467350d5975a272a88bfb8810af45981cd55935a
Certificate serial: 959774
Authority key identifier: 46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/KlA8l-EK0Adw3Gwi3wot18yC9Pw.roa
Signing time: Sat 01 Jan 2022 03:01:36 +0000
ROA not before: Sat 01 Jan 2022 03:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12590
IP address blocks: 185.118.222.0/24 maxlen: 24
185.118.221.0/24 maxlen: 24
185.118.220.0/24 maxlen: 24
185.118.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9803636 (0x959774)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=467350d5975a272a88bfb8810af45981cd55935a
Validity
Not Before: Jan 1 03:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a503c97e10ad00770dc6c22df0a2dd7cc82f4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:54:75:79:ae:8c:40:d8:32:9b:f1:0b:4b:0c:
48:46:ca:7a:94:c9:d0:28:c2:97:5b:1d:ac:c6:1b:
08:48:ce:da:df:3b:c3:d0:8d:cd:67:95:ca:85:98:
76:7a:5b:9c:4c:72:89:a1:cb:e5:35:86:b5:06:01:
81:eb:8f:1f:27:12:bc:2c:4f:2c:d5:be:16:3c:92:
24:90:71:2d:89:6f:2b:ce:f1:2b:61:58:52:e8:02:
9c:76:6e:d6:d6:a9:dd:ab:a3:f8:b7:28:48:a2:e8:
5a:8f:6a:94:cc:d6:b2:96:fb:d8:a4:93:24:05:f3:
2d:d9:14:e1:4c:0e:4a:46:4a:ac:ff:e8:01:e5:49:
2c:f1:40:9d:11:1f:c2:6d:5c:e5:b1:22:fc:8c:31:
ac:3d:69:19:04:a1:30:0e:10:4c:51:0a:09:e8:81:
b7:2a:5f:a6:40:a2:53:e6:fe:3d:4f:53:bd:92:9a:
f0:8d:9f:66:35:98:82:3b:57:cf:ed:ac:24:ab:3f:
97:2c:26:96:fc:ee:1f:21:e3:b9:dd:55:e0:a2:02:
1b:24:5f:d2:0b:c9:7e:d1:4b:5f:96:eb:36:ea:b8:
89:7d:b4:12:69:ca:88:19:88:fb:08:49:f4:91:10:
b9:c8:90:3b:05:c6:0c:a4:5f:ee:d6:f5:f5:ea:b9:
6b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:50:3C:97:E1:0A:D0:07:70:DC:6C:22:DF:0A:2D:D7:CC:82:F4:FC
X509v3 Authority Key Identifier:
keyid:46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/KlA8l-EK0Adw3Gwi3wot18yC9Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.220.0/22
Signature Algorithm: sha256WithRSAEncryption
af:ec:bc:b0:74:58:58:59:8b:c1:69:d3:99:4a:3f:ea:c1:c7:
0f:e1:d6:3d:31:b1:b7:49:93:44:8a:5e:44:63:5e:04:61:d4:
9a:e8:c4:8e:c8:6f:de:97:d7:5a:c8:bd:de:06:16:26:04:3c:
58:f2:b2:35:28:66:b7:57:0b:69:c1:5b:45:0f:26:7b:14:96:
71:43:b5:83:96:38:24:39:fd:2a:e8:ec:d7:28:cd:5b:d8:ef:
3f:c3:c2:d5:5f:a1:9f:54:74:f5:0f:c8:ba:ee:4c:1f:23:77:
e2:d8:d5:6e:1e:53:f0:7b:9b:a5:ae:a7:99:75:79:09:f3:66:
f0:b8:67:33:06:71:49:ca:b7:79:31:3b:00:19:1b:a8:9e:a3:
78:25:4c:75:e2:3a:23:66:28:e1:24:29:be:54:df:a9:e5:d5:
ad:0f:be:0a:cb:c3:7f:6d:1a:95:da:af:14:cc:4b:c0:8e:42:
48:a6:d0:af:2e:15:35:02:49:32:81:3e:4c:c5:45:95:d9:d2:
0c:1c:13:b9:4a:21:9c:46:11:7f:a3:cf:db:7c:fb:07:e1:d1:
0e:2c:f2:89:e8:dc:d6:22:08:df:d3:57:47:1b:0e:37:d6:f1:
38:fb:a1:e5:23:0f:f2:45:35:c0:cf:20:e9:31:07:0b:72:0b:
f5:6e:e1:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJWXdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NjczNTBkNTk3NWEyNzJhODhiZmI4ODEwYWY0NTk4MWNkNTU5MzVhMB4XDTIyMDEw
MTAzMDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE1MDNjOTdlMTBh
ZDAwNzcwZGM2YzIyZGYwYTJkZDdjYzgyZjRmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN1UdXmujEDYMpvxC0sMSEbKepTJ0CjCl1sdrMYbCEjO2t87
w9CNzWeVyoWYdnpbnExyiaHL5TWGtQYBgeuPHycSvCxPLNW+FjySJJBxLYlvK87x
K2FYUugCnHZu1tap3auj+LcoSKLoWo9qlMzWspb72KSTJAXzLdkU4UwOSkZKrP/o
AeVJLPFAnREfwm1c5bEi/IwxrD1pGQShMA4QTFEKCeiBtypfpkCiU+b+PU9TvZKa
8I2fZjWYgjtXz+2sJKs/lywmlvzuHyHjud1V4KICGyRf0gvJftFLX5brNuq4iX20
EmnKiBmI+whJ9JEQuciQOwXGDKRf7tb19eq5a7sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqUDyX4QrQB3DcbCLfCi3XzIL0/DAfBgNVHSMEGDAWgBRGc1DVl1onKoi/
uIEK9FmBzVWTWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JuTlExWmRhSnlxSXY3aUJDdlJaZ2MxVmsxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvYzU3Yjc1LTEwYTctNDcyMy05NGVhLWU4NTc0NzdhNzAwOC8x
L0tsQThsLUVLMEFkdzNHd2kzd290MTh5QzlQdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
YzU3Yjc1LTEwYTctNDcyMy05NGVhLWU4NTc0NzdhNzAwOC8xL1JuTlExWmRhSnlx
SXY3aUJDdlJaZ2MxVmsxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl23DANBgkqhkiG9w0BAQsFAAOC
AQEAr+y8sHRYWFmLwWnTmUo/6sHHD+HWPTGxt0mTRIpeRGNeBGHUmujEjshv3pfX
Wsi93gYWJgQ8WPKyNShmt1cLacFbRQ8mexSWcUO1g5Y4JDn9Kujs1yjNW9jvP8PC
1V+hn1R09Q/Iuu5MHyN34tjVbh5T8Hubpa6nmXV5CfNm8LhnMwZxScq3eTE7ABkb
qJ6jeCVMdeI6I2Yo4SQpvlTfqeXVrQ++CsvDf20aldqvFMxLwI5CSKbQry4VNQJJ
MoE+TMVFldnSDBwTuUohnEYRf6PP23z7B+HRDizyiejc1iII39NXRxsON9bxOPuh
5SMP8kU1wM8g6TEHC3IL9W7h3A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:45:04 2025 by rpki-client