Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/K20PV7_MDQJf72mb9OwYEHm28jA.roa
File: K20PV7_MDQJf72mb9OwYEHm28jA.roa (raw, json)
Hash identifier: Co2EoShG+mZnF8izbIe387l+7cWYwBPbfeoHxkmgWBU=
Subject key identifier: 2B:6D:0F:57:BF:CC:0D:02:5F:EF:69:9B:F4:EC:18:10:79:B6:F2:30
Certificate issuer: /CN=58ffa14df2a89cb6709636f2b0b570abccf8b84b
Certificate serial: 018216B69FBBAA179AD30760C4D2AFE20659
Authority key identifier: 58:FF:A1:4D:F2:A8:9C:B6:70:96:36:F2:B0:B5:70:AB:CC:F8:B8:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WP-hTfKonLZwljbysLVwq8z4uEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/K20PV7_MDQJf72mb9OwYEHm28jA.roa
Signing time: Tue 19 Jul 2022 13:47:23 +0000
ROA not before: Tue 19 Jul 2022 13:47:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213251
IP address blocks: 185.216.214.0/24 maxlen: 24
2a0b:bbc0:1c00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:b6:9f:bb:aa:17:9a:d3:07:60:c4:d2:af:e2:06:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ffa14df2a89cb6709636f2b0b570abccf8b84b
Validity
Not Before: Jul 19 13:47:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b6d0f57bfcc0d025fef699bf4ec181079b6f230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9f:53:98:c3:d2:fb:35:90:ba:0a:6e:b2:66:
e9:27:06:7e:b3:60:77:1f:40:c2:d3:5b:72:6e:8c:
e4:36:f9:37:57:9e:2c:e0:14:d5:ca:92:5c:65:b9:
a5:5f:3e:b6:c4:69:c2:5f:60:15:19:35:65:3a:05:
9a:47:a4:01:96:7a:86:eb:fc:5a:31:5a:1f:1c:12:
05:6a:36:97:0f:79:14:d2:73:57:54:75:d2:27:05:
ac:ac:70:bd:26:1d:f2:6d:19:b3:8e:db:07:1f:d9:
74:34:d8:e5:14:f6:96:e8:8d:9b:45:d5:f3:44:c5:
9e:b8:3b:58:57:62:0a:3e:eb:e4:2c:90:1c:b5:0b:
b4:f0:b1:76:89:bb:53:2e:a5:9d:7b:fe:86:9c:a6:
5a:05:16:9f:68:e0:29:66:1f:25:28:3c:cf:6f:aa:
42:9b:cc:ee:41:ff:1e:fb:e5:b0:33:7f:7f:50:a7:
22:4c:ca:49:aa:7e:30:02:59:e1:6c:e2:0f:1e:34:
38:45:d0:bb:66:e7:d9:5e:3a:85:86:68:dc:39:b0:
9f:ab:dc:ca:8b:58:56:0a:da:46:3b:da:3f:6b:5b:
05:61:5f:0f:cb:0c:c2:ce:30:c8:ad:6c:f2:74:1e:
5a:d8:e6:64:36:49:f9:19:25:ed:d2:6d:b5:13:5e:
ae:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6D:0F:57:BF:CC:0D:02:5F:EF:69:9B:F4:EC:18:10:79:B6:F2:30
X509v3 Authority Key Identifier:
keyid:58:FF:A1:4D:F2:A8:9C:B6:70:96:36:F2:B0:B5:70:AB:CC:F8:B8:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WP-hTfKonLZwljbysLVwq8z4uEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/K20PV7_MDQJf72mb9OwYEHm28jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/WP-hTfKonLZwljbysLVwq8z4uEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.214.0/24
IPv6:
2a0b:bbc0:1c00::/40
Signature Algorithm: sha256WithRSAEncryption
bb:fa:3b:87:23:0b:fb:4d:34:e0:04:f6:12:e6:53:78:0d:be:
73:49:fa:89:70:a4:1c:72:5d:51:1b:19:87:3c:dc:8d:22:4f:
20:fa:23:dc:3c:75:a1:7f:0e:62:0d:95:e8:00:d3:d3:b2:ed:
12:2a:62:3c:1b:c7:21:73:47:d4:b3:65:31:98:42:b2:23:50:
e9:e0:eb:e4:00:77:38:4e:43:33:d5:b8:50:aa:77:1d:8b:93:
93:c1:05:3f:d7:66:41:7e:ad:20:66:7e:df:56:44:8a:de:53:
fb:78:23:84:b7:c5:4a:d4:8d:96:5e:47:eb:da:71:5c:a6:dc:
d6:70:8c:82:47:9e:ac:31:60:be:56:a2:16:32:a0:52:59:fe:
8a:ff:5c:08:a0:c5:53:85:17:d4:9b:63:10:52:9d:ab:8a:78:
90:51:3e:05:06:fd:0c:95:cd:35:50:ad:cd:8e:22:73:aa:ae:
79:83:c3:64:f2:d9:99:32:50:22:98:05:96:e1:24:e3:32:15:
67:af:30:95:1c:a1:3c:d1:7b:59:d2:9a:36:1f:c8:d3:f6:2f:
2d:a4:52:2a:33:c7:e0:b3:c2:84:e3:51:8d:a3:45:7b:da:64:
e6:5b:c8:e3:50:11:a4:4f:15:0a:87:0b:7b:86:20:c8:63:91:
d2:06:69:16
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYIWtp+7qhea0wdgxNKv4gZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZmZhMTRkZjJhODljYjY3MDk2MzZmMmIwYjU3MGFiY2Nm
OGI4NGIwHhcNMjIwNzE5MTM0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZkMGY1N2JmY2MwZDAyNWZlZjY5OWJmNGVjMTgxMDc5YjZmMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjp9TmMPS+zWQugpusmbpJwZ+s2B3
H0DC01tybozkNvk3V54s4BTVypJcZbmlXz62xGnCX2AVGTVlOgWaR6QBlnqG6/xa
MVofHBIFajaXD3kU0nNXVHXSJwWsrHC9Jh3ybRmzjtsHH9l0NNjlFPaW6I2bRdXz
RMWeuDtYV2IKPuvkLJActQu08LF2ibtTLqWde/6GnKZaBRafaOApZh8lKDzPb6pC
m8zuQf8e++WwM39/UKciTMpJqn4wAlnhbOIPHjQ4RdC7ZufZXjqFhmjcObCfq9zK
i1hWCtpGO9o/a1sFYV8PywzCzjDIrWzydB5a2OZkNkn5GSXt0m21E16uUQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCttD1e/zA0CX+9pm/TsGBB5tvIwMB8GA1UdIwQY
MBaAFFj/oU3yqJy2cJY28rC1cKvM+LhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1AtaFRmS29uTFp3bGpieXNMVndxOHo0dUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wYjA2YmMtYjhjNy00Zjc1LWIyOWUt
YzEwN2E3YWMwNDg4LzEvSzIwUFY3X01EUUpmNzJtYjlPd1lFSG0yOGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wYjA2YmMtYjhjNy00Zjc1LWIyOWUtYzEwN2E3YWMwNDg4
LzEvV1AtaFRmS29uTFp3bGpieXNMVndxOHo0dUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAudjWMA4E
AgACMAgDBgAqC7vAHDANBgkqhkiG9w0BAQsFAAOCAQEAu/o7hyML+0004AT2EuZT
eA2+c0n6iXCkHHJdURsZhzzcjSJPIPoj3Dx1oX8OYg2V6ADT07LtEipiPBvHIXNH
1LNlMZhCsiNQ6eDr5AB3OE5DM9W4UKp3HYuTk8EFP9dmQX6tIGZ+31ZEit5T+3gj
hLfFStSNll5H69pxXKbc1nCMgkeerDFgvlaiFjKgUln+iv9cCKDFU4UX1JtjEFKd
q4p4kFE+BQb9DJXNNVCtzY4ic6queYPDZPLZmTJQIpgFluEk4zIVZ68wlRyhPNF7
WdKaNh/I0/YvLaRSKjPH4LPChONRjaNFe9pk5lvI41ARpE8VCocLe4YgyGOR0gZp
Fg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:37:29 2025 by rpki-client