Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/_KtJlmB393tJSX88BTJQDTLkb78.roa
File: _KtJlmB393tJSX88BTJQDTLkb78.roa (raw, json)
Hash identifier: vA10qxv7+JxKj58iGbAUaIBZGHme2UrxrS2//lpD7ag=
Subject key identifier: FC:AB:49:96:60:77:F7:7B:49:49:7F:3C:05:32:50:0D:32:E4:6F:BF
Certificate issuer: /CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Certificate serial: 0182C6F9306C1E5DBF18118B02F8EB70BD51
Authority key identifier: 05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/_KtJlmB393tJSX88BTJQDTLkb78.roa
Signing time: Mon 22 Aug 2022 19:13:15 +0000
ROA not before: Mon 22 Aug 2022 19:13:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31117
IP address blocks: 185.171.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c6:f9:30:6c:1e:5d:bf:18:11:8b:02:f8:eb:70:bd:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Validity
Not Before: Aug 22 19:13:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcab49966077f77b49497f3c0532500d32e46fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0a:f1:b6:6a:19:1d:ea:3a:2e:fd:db:23:86:
f6:f7:f2:1e:75:38:e3:62:82:a5:39:c2:ed:d6:24:
db:f3:be:c9:dc:82:6f:83:51:3c:5d:d3:ad:04:5a:
ed:d1:40:3b:26:74:67:af:74:ac:f9:a5:07:1a:fc:
99:f3:02:c5:91:d2:ad:73:e1:55:42:6c:6a:fc:59:
68:cf:eb:0f:1c:cc:eb:ee:fe:86:36:a7:c5:4c:fe:
08:8f:e2:81:9e:9a:ba:bd:d4:c9:83:6e:24:cb:35:
22:56:9f:5f:49:84:0f:fa:cc:a9:49:29:03:f7:9a:
e9:f5:b5:b1:6f:ef:68:98:ca:55:3f:25:eb:08:fb:
06:d5:32:45:38:7f:8c:f3:3b:57:8f:e8:1b:56:9a:
e6:f3:9f:aa:29:3c:85:cb:07:06:5f:24:ca:54:d1:
59:52:b9:7e:06:cf:89:b4:e5:d0:82:3f:7a:73:8c:
61:a8:40:da:8d:eb:93:ca:d9:40:4c:51:6b:34:9e:
a1:41:61:cf:28:16:92:69:1f:01:3c:9b:9e:24:69:
3f:31:76:7e:63:dd:6f:f4:cd:b7:ea:d8:72:3b:13:
84:10:3c:9d:ed:fb:70:b6:43:6a:38:2a:70:be:7c:
fc:8f:6e:6f:c4:c8:b5:80:bd:22:10:8c:f5:aa:5a:
49:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AB:49:96:60:77:F7:7B:49:49:7F:3C:05:32:50:0D:32:E4:6F:BF
X509v3 Authority Key Identifier:
keyid:05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/_KtJlmB393tJSX88BTJQDTLkb78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.140.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:86:8c:5c:8c:60:6f:43:d9:86:8d:6e:e2:0e:35:67:1e:49:
c2:8e:00:01:0a:c7:47:13:93:99:fc:6d:c9:9d:1a:8c:79:72:
af:4f:5e:d3:05:bf:05:5d:55:03:07:ed:f6:b2:1f:d2:b9:48:
94:7a:bd:77:33:87:d1:ce:25:02:1c:a4:f6:aa:e7:7b:e3:86:
8a:4c:05:95:23:33:e4:c0:f6:f0:c2:c3:df:41:e5:8f:50:55:
40:47:c9:ce:f1:69:06:10:23:83:8e:98:c9:9f:cc:ac:49:64:
f1:8d:6d:95:f1:0c:cb:bf:24:0d:73:30:d0:2d:b1:ac:d7:d5:
c2:ea:8f:7d:3e:0a:b6:8b:08:65:46:38:b4:25:a1:81:ed:62:
95:3a:20:d5:af:95:a8:d6:15:f9:14:40:87:b3:3d:78:d1:46:
49:04:ff:83:f6:0d:70:7a:88:7f:ba:7b:8d:b9:98:f9:6d:b1:
74:06:e0:5d:1f:dd:4d:8c:8a:2d:e2:84:d5:68:1d:48:f0:11:
f0:40:d8:c7:e4:96:7d:df:e1:78:ad:77:83:25:4c:07:e1:f2:
40:84:c4:e6:8f:c0:5b:55:fb:ec:c4:27:16:ea:73:5f:8d:ad:
e8:24:4a:e7:0c:7c:31:96:8a:74:2f:11:97:ec:c5:fe:13:aa:
08:23:98:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLG+TBsHl2/GBGLAvjrcL1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGUzYjdkZmJkNTk5MTBmZTUyN2NjN2UyOWFmNjRkNTM4
MDZjOTEwHhcNMjIwODIyMTkxMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FiNDk5NjYwNzdmNzdiNDk0OTdmM2MwNTMyNTAwZDMyZTQ2ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhArxtmoZHeo6Lv3bI4b29/IedTjj
YoKlOcLt1iTb877J3IJvg1E8XdOtBFrt0UA7JnRnr3Ss+aUHGvyZ8wLFkdKtc+FV
Qmxq/Floz+sPHMzr7v6GNqfFTP4Ij+KBnpq6vdTJg24kyzUiVp9fSYQP+sypSSkD
95rp9bWxb+9omMpVPyXrCPsG1TJFOH+M8ztXj+gbVprm85+qKTyFywcGXyTKVNFZ
Url+Bs+JtOXQgj96c4xhqEDajeuTytlATFFrNJ6hQWHPKBaSaR8BPJueJGk/MXZ+
Y91v9M236thyOxOEEDyd7ftwtkNqOCpwvnz8j25vxMi1gL0iEIz1qlpJgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPyrSZZgd/d7SUl/PAUyUA0y5G+/MB8GA1UdIwQY
MBaAFAUOO3371ZkQ/lJ8x+Ka9k1TgGyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTIt
NGE4Nzc5ZTQ3OGM2LzEvX0t0SmxtQjM5M3RKU1g4OEJUSlFEVExrYjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTItNGE4Nzc5ZTQ3OGM2
LzEvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuauMMA0G
CSqGSIb3DQEBCwUAA4IBAQBOhoxcjGBvQ9mGjW7iDjVnHknCjgABCsdHE5OZ/G3J
nRqMeXKvT17TBb8FXVUDB+32sh/SuUiUer13M4fRziUCHKT2qud744aKTAWVIzPk
wPbwwsPfQeWPUFVAR8nO8WkGECODjpjJn8ysSWTxjW2V8QzLvyQNczDQLbGs19XC
6o99Pgq2iwhlRji0JaGB7WKVOiDVr5Wo1hX5FECHsz140UZJBP+D9g1weoh/unuN
uZj5bbF0BuBdH91NjIot4oTVaB1I8BHwQNjH5JZ93+F4rXeDJUwH4fJAhMTmj8Bb
VfvsxCcW6nNfja3oJErnDHwxlop0LxGX7MX+E6oII5iW
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:58:55 2025 by rpki-client