Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/kff-l9-aIMHWayNfDVt5iebvvFY.roa
File: kff-l9-aIMHWayNfDVt5iebvvFY.roa (raw, json)
Hash identifier: jUuT/XpNi9K7pUpf4PIHc5M3BW+dKPhIkbX0xM5Q0tM=
Subject key identifier: 91:F7:FE:97:DF:9A:20:C1:D6:6B:23:5F:0D:5B:79:89:E6:EF:BC:56
Certificate issuer: /CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Certificate serial: 055353D6
Authority key identifier: 9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/kff-l9-aIMHWayNfDVt5iebvvFY.roa
Signing time: Wed 13 Apr 2022 16:17:07 +0000
ROA not before: Wed 13 Apr 2022 16:17:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205908
IP address blocks: 23.252.72.0/24 maxlen: 24
167.160.18.0/24 maxlen: 24
2a10:4cc0::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89347030 (0x55353d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Validity
Not Before: Apr 13 16:17:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91f7fe97df9a20c1d66b235f0d5b7989e6efbc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:be:f9:58:32:b0:97:59:cd:c8:d5:d8:82:4b:
9c:f6:18:47:16:96:3d:86:97:54:00:f7:39:33:10:
6e:25:1d:b3:ec:73:80:f1:b9:1e:39:cc:8c:70:8e:
48:10:b3:d0:1e:9e:04:a8:06:80:d5:31:e0:40:ce:
65:b9:ac:7a:6f:c8:fb:a7:25:07:49:bf:90:74:9b:
b7:cc:36:9b:40:dd:be:c8:6a:db:dd:67:77:c4:76:
87:c3:6a:cd:52:64:8b:f7:97:89:de:ba:26:fe:59:
6c:99:a3:ad:4e:67:c2:8d:a6:82:e3:36:00:4a:19:
fc:af:28:40:88:31:ed:7c:71:ef:35:8a:98:f0:2f:
68:61:33:77:3a:5a:08:bb:35:5d:ed:5d:76:81:d4:
c1:31:28:31:d0:9f:40:c6:b0:ec:45:22:f2:c9:55:
84:cf:0a:c4:7a:78:f9:c7:b7:29:b6:06:eb:22:42:
f0:9a:14:e4:69:f2:16:18:c5:7c:de:78:31:43:d5:
fe:4b:35:b3:cc:7c:d7:76:a7:e5:6d:41:1c:00:42:
d2:f0:b6:22:00:cf:25:c8:a4:fe:bb:ed:59:1a:65:
d7:3b:5f:4e:02:31:06:d0:f5:00:fd:40:54:dd:f7:
c0:40:df:3b:5c:c1:8f:8d:04:e0:da:b4:9d:b1:0a:
7f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F7:FE:97:DF:9A:20:C1:D6:6B:23:5F:0D:5B:79:89:E6:EF:BC:56
X509v3 Authority Key Identifier:
keyid:9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/kff-l9-aIMHWayNfDVt5iebvvFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.72.0/24
167.160.18.0/24
IPv6:
2a10:4cc0::/40
Signature Algorithm: sha256WithRSAEncryption
65:9f:fe:98:7d:9f:ad:19:25:b9:80:70:3b:08:79:88:63:e9:
9d:de:a2:db:db:90:b9:c1:9a:df:12:26:ea:74:fe:25:5c:8c:
4c:6a:70:0a:bd:a2:13:ee:61:54:3d:30:b9:66:4f:3d:16:68:
6d:3b:47:e3:3a:61:ce:1d:79:c6:bf:53:f0:93:f2:22:ba:72:
51:d3:fb:86:ea:5f:62:cf:63:28:5c:9c:df:ae:e2:62:8d:29:
e8:2c:c6:0a:75:ad:15:86:e2:1b:8f:1d:a9:77:33:08:51:08:
a3:d6:84:a7:8f:f6:8b:b7:10:41:73:3a:7a:01:03:7e:d9:3b:
aa:fe:ed:42:0f:86:cb:67:21:c0:dc:48:b1:5e:8f:11:04:9b:
20:e8:81:a1:b4:8f:15:42:3f:db:9f:09:a6:ef:4f:08:50:3a:
ca:c9:6c:12:e5:8c:20:2c:ba:65:cc:02:8f:f6:07:c8:50:15:
40:99:8d:5b:34:c8:df:93:b2:8a:d5:58:03:72:e8:fe:fe:88:
a1:23:e1:b4:e2:0d:3e:a4:51:d2:b7:15:d4:36:0a:57:08:38:
75:fb:eb:90:cd:bc:d4:7a:21:98:39:ac:1e:15:90:f2:e7:a8:
85:c3:70:5d:20:d3:e3:56:30:d3:f8:a2:55:31:67:55:6f:e0:
10:2b:1c:ab
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEBVNT1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YmFkMTBmOTcyZTY3ODllMmE0Mzc3YTJjMjllZTA4YmMzYTM2N2NhMB4XDTIyMDQx
MzE2MTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFmN2ZlOTdkZjlh
MjBjMWQ2NmIyMzVmMGQ1Yjc5ODllNmVmYmM1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC++VgysJdZzcjV2IJLnPYYRxaWPYaXVAD3OTMQbiUds+xz
gPG5HjnMjHCOSBCz0B6eBKgGgNUx4EDOZbmsem/I+6clB0m/kHSbt8w2m0Ddvshq
291nd8R2h8NqzVJki/eXid66Jv5ZbJmjrU5nwo2mguM2AEoZ/K8oQIgx7Xxx7zWK
mPAvaGEzdzpaCLs1Xe1ddoHUwTEoMdCfQMaw7EUi8slVhM8KxHp4+ce3KbYG6yJC
8JoU5GnyFhjFfN54MUPV/ks1s8x813an5W1BHABC0vC2IgDPJcik/rvtWRpl1ztf
TgIxBtD1AP1AVN33wEDfO1zBj40E4Nq0nbEKf3kCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBSR9/6X35ogwdZrI18NW3mJ5u+8VjAfBgNVHSMEGDAWgBSbrRD5cuZ4nipD
d6LCnuCLw6NnyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L202MFEtWExtZUo0cVEzZWl3cDdnaThPalo4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvYjRmNmQzLWE0YzAtNDM3Yy1iNGM2LTBkMzgxNGVhNzNjNy8x
L2tmZi1sOS1hSU1IV2F5TmZEVnQ1aWVidnZGWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
YjRmNmQzLWE0YzAtNDM3Yy1iNGM2LTBkMzgxNGVhNzNjNy8xL202MFEtWExtZUo0
cVEzZWl3cDdnaThPalo4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEABf8SAMEAKegEjAOBAIAAjAIAwYA
KhBMwAAwDQYJKoZIhvcNAQELBQADggEBAGWf/ph9n60ZJbmAcDsIeYhj6Z3eotvb
kLnBmt8SJup0/iVcjExqcAq9ohPuYVQ9MLlmTz0WaG07R+M6Yc4deca/U/CT8iK6
clHT+4bqX2LPYyhcnN+u4mKNKegsxgp1rRWG4huPHal3MwhRCKPWhKeP9ou3EEFz
OnoBA37ZO6r+7UIPhstnIcDcSLFejxEEmyDogaG0jxVCP9ufCabvTwhQOsrJbBLl
jCAsumXMAo/2B8hQFUCZjVs0yN+TsorVWANy6P7+iKEj4bTiDT6kUdK3FdQ2ClcI
OHX765DNvNR6IZg5rB4VkPLnqIXDcF0g0+NWMNP4olUxZ1Vv4BArHKs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:50 2025 by rpki-client