Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/kibp-vUBWORIcXVLn33nCKj9obo.roa
File: kibp-vUBWORIcXVLn33nCKj9obo.roa (raw, json)
Hash identifier: r0ayR+EyXG8P2N4kuSiEPZ1jt7RnLA3PL4GLmK3zyos=
Subject key identifier: 92:26:E9:FA:F5:01:58:E4:48:71:75:4B:9F:7D:E7:08:A8:FD:A1:BA
Certificate issuer: /CN=af3038a717b154e1cfa47116832da26f28b2a304
Certificate serial: 080D3CE1
Authority key identifier: AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/kibp-vUBWORIcXVLn33nCKj9obo.roa
Signing time: Sat 01 Jan 2022 05:53:46 +0000
ROA not before: Sat 01 Jan 2022 05:53:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49214
IP address blocks: 217.22.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135085281 (0x80d3ce1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3038a717b154e1cfa47116832da26f28b2a304
Validity
Not Before: Jan 1 05:53:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9226e9faf50158e44871754b9f7de708a8fda1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:42:f1:d2:5a:33:e8:d8:c0:a5:8e:75:7e:a3:
8a:5f:de:64:48:1c:34:e9:b8:9d:89:b3:9d:21:40:
c3:41:20:95:4b:90:22:c4:f0:41:9d:7e:64:ab:61:
fd:14:9d:a4:38:4e:f0:85:5a:b5:2c:d2:d9:72:12:
10:70:ac:e9:3a:c6:ce:cc:67:82:cd:17:21:0a:ea:
95:b7:39:ac:2a:42:de:fd:35:b6:7a:d1:6a:16:b2:
fd:c0:5d:9b:73:68:e3:cc:cf:a2:24:99:0d:83:9c:
37:fb:84:74:1a:bc:0a:ff:f9:79:c2:3f:07:86:67:
b4:f7:7e:06:fd:22:ce:9b:a9:42:a3:fb:58:8a:79:
b5:2b:04:fe:84:b9:ac:9f:e5:ea:5f:c2:2c:a8:3c:
8c:d8:07:ce:46:a5:b3:96:a2:1e:27:84:67:53:75:
6f:86:bb:91:db:64:42:53:fe:49:25:6a:a2:de:5b:
0e:84:ce:52:ae:f0:17:02:f1:f7:7e:94:02:c2:c7:
45:f6:cf:89:30:f8:46:a6:44:b5:9a:73:25:36:65:
08:db:33:12:f0:8b:51:88:19:cd:c6:92:48:51:24:
cb:a8:73:68:8b:13:e6:27:69:87:16:71:66:23:b4:
43:05:52:7d:c3:80:5a:94:99:02:64:99:5e:5b:83:
88:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:26:E9:FA:F5:01:58:E4:48:71:75:4B:9F:7D:E7:08:A8:FD:A1:BA
X509v3 Authority Key Identifier:
keyid:AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/kibp-vUBWORIcXVLn33nCKj9obo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.22.32.0/20
Signature Algorithm: sha256WithRSAEncryption
22:af:2b:02:7f:43:ac:ee:22:b1:a0:c6:e7:5f:98:c4:27:c1:
65:fa:00:54:18:36:57:88:ad:c1:23:3c:e2:d4:8a:59:a5:a6:
fd:a5:fe:58:7e:43:15:d0:c1:63:ee:6b:29:2e:3f:d6:ec:0d:
b6:e1:5d:b8:9b:8c:e3:ae:3c:dd:de:7a:c6:f0:71:2e:2b:c4:
86:86:b0:75:d6:9e:8e:cf:65:24:8d:6f:39:f6:fd:bf:f3:cb:
ec:c5:77:85:8b:90:14:a1:93:80:8d:77:53:8b:92:93:f1:1b:
13:77:79:df:1d:0c:64:c7:63:d9:34:fa:2e:37:26:be:2d:aa:
76:3a:a7:5a:bb:0b:64:1a:09:4c:b0:57:85:8e:57:82:a2:d0:
84:9c:0e:1f:38:6d:01:2e:5f:b0:79:82:9c:48:1c:2a:61:61:
26:42:48:59:df:05:9a:9c:c6:62:7a:70:f6:7a:74:b0:ca:9e:
18:d0:52:60:0d:c1:26:54:62:c1:38:05:ca:04:a5:bb:52:e6:
47:c4:af:fe:7b:67:98:7b:4f:31:61:a9:29:ae:8f:f5:92:4a:
7c:3c:d5:ce:a5:76:f3:f9:29:10:80:23:f2:86:13:05:f5:33:
a7:44:17:0c:60:b5:8a:08:92:63:1c:e0:bb:18:d7:46:17:61:
cf:df:49:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECA084TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjMwMzhhNzE3YjE1NGUxY2ZhNDcxMTY4MzJkYTI2ZjI4YjJhMzA0MB4XDTIyMDEw
MTA1NTM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIyNmU5ZmFmNTAx
NThlNDQ4NzE3NTRiOWY3ZGU3MDhhOGZkYTFiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOBC8dJaM+jYwKWOdX6jil/eZEgcNOm4nYmznSFAw0EglUuQ
IsTwQZ1+ZKth/RSdpDhO8IVatSzS2XISEHCs6TrGzsxngs0XIQrqlbc5rCpC3v01
tnrRahay/cBdm3No48zPoiSZDYOcN/uEdBq8Cv/5ecI/B4ZntPd+Bv0izpupQqP7
WIp5tSsE/oS5rJ/l6l/CLKg8jNgHzkals5aiHieEZ1N1b4a7kdtkQlP+SSVqot5b
DoTOUq7wFwLx936UAsLHRfbPiTD4RqZEtZpzJTZlCNszEvCLUYgZzcaSSFEky6hz
aIsT5idphxZxZiO0QwVSfcOAWpSZAmSZXluDiM8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSJun69QFY5EhxdUuffecIqP2hujAfBgNVHSMEGDAWgBSvMDinF7FU4c+k
cRaDLaJvKLKjBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J6QTRweGV4Vk9IUHBIRVdneTJpYnlpeW93US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvNmNmYjc4LTYzYmMtNDgyMC1iOTAzLTg2MGM0OWQwZWI2YS8x
L2tpYnAtdlVCV09SSWNYVkxuMzNuQ0tqOW9iby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
NmNmYjc4LTYzYmMtNDgyMC1iOTAzLTg2MGM0OWQwZWI2YS8xL3J6QTRweGV4Vk9I
UHBIRVdneTJpYnlpeW93US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNkWIDANBgkqhkiG9w0BAQsFAAOC
AQEAIq8rAn9DrO4isaDG51+YxCfBZfoAVBg2V4itwSM84tSKWaWm/aX+WH5DFdDB
Y+5rKS4/1uwNtuFduJuM46483d56xvBxLivEhoawddaejs9lJI1vOfb9v/PL7MV3
hYuQFKGTgI13U4uSk/EbE3d53x0MZMdj2TT6Ljcmvi2qdjqnWrsLZBoJTLBXhY5X
gqLQhJwOHzhtAS5fsHmCnEgcKmFhJkJIWd8FmpzGYnpw9np0sMqeGNBSYA3BJlRi
wTgFygSlu1LmR8Sv/ntnmHtPMWGpKa6P9ZJKfDzVzqV28/kpEIAj8oYTBfUzp0QX
DGC1igiSYxzguxjXRhdhz99JCQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:00 2025 by rpki-client