Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7efb35-9787-46f0-b799-d5c211eb3956/1/KnvHU7rOLFSw1dEZzrEkq1a8zC8.roa
File: KnvHU7rOLFSw1dEZzrEkq1a8zC8.roa (raw, json)
Hash identifier: 6244l/JjJ3ILrlZo7uRtmt5K6malrgh8R2OMT2eO4AM=
Subject key identifier: 2A:7B:C7:53:BA:CE:2C:54:B0:D5:D1:19:CE:B1:24:AB:56:BC:CC:2F
Certificate issuer: /CN=98fb7f08f956d3af95719c537fb3f9b7e33006b3
Certificate serial: 01857195920AE0FCDDBC78EC4EF88502CCFA
Authority key identifier: 98:FB:7F:08:F9:56:D3:AF:95:71:9C:53:7F:B3:F9:B7:E3:30:06:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mPt_CPlW06-VcZxTf7P5t-MwBrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7efb35-9787-46f0-b799-d5c211eb3956/1/KnvHU7rOLFSw1dEZzrEkq1a8zC8.roa
Signing time: Mon 02 Jan 2023 08:25:05 +0000
ROA not before: Mon 02 Jan 2023 08:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202213
IP address blocks: 185.112.228.0/22 maxlen: 22
185.112.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:92:0a:e0:fc:dd:bc:78:ec:4e:f8:85:02:cc:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98fb7f08f956d3af95719c537fb3f9b7e33006b3
Validity
Not Before: Jan 2 08:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a7bc753bace2c54b0d5d119ceb124ab56bccc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:25:ab:b6:35:02:4b:6b:92:f0:b2:3e:aa:88:
b5:15:03:7f:b1:3a:b9:0b:92:ae:84:99:01:49:43:
c1:c8:1a:72:c8:3f:5c:5a:85:7c:59:2e:21:a7:57:
d3:9e:1e:6f:09:0b:fc:2e:e3:a2:28:5b:4f:7b:40:
88:25:48:cc:68:1a:b5:fc:74:30:eb:17:c3:e8:ba:
c4:6e:3c:60:59:f4:43:b8:c7:19:7a:ed:38:41:03:
1b:03:3e:bc:55:60:84:1c:40:58:1b:39:25:5c:63:
b4:b9:f8:a9:a4:9a:e3:fd:60:e1:e2:34:e7:9a:15:
e1:da:74:70:f4:8a:4a:79:99:57:74:c9:68:f4:90:
3a:65:41:da:46:20:b8:66:a6:42:98:9f:64:ce:cb:
66:14:a9:4d:42:6d:72:18:7e:a4:15:2a:34:ca:02:
8b:84:6c:8e:cc:32:25:c3:96:45:3b:f5:5a:9e:ad:
c7:99:0c:89:db:1c:e9:11:6d:4a:8f:2f:aa:02:35:
25:22:83:f0:85:c5:c0:4f:9a:d2:d3:49:08:7e:31:
0e:6e:4a:4d:60:dd:24:72:3a:14:df:17:3e:52:62:
fb:a4:87:35:17:b0:12:cc:d0:4d:a3:95:b6:49:ee:
a5:12:50:6c:cc:39:a5:5a:5e:1b:89:c5:da:7f:bd:
e4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7B:C7:53:BA:CE:2C:54:B0:D5:D1:19:CE:B1:24:AB:56:BC:CC:2F
X509v3 Authority Key Identifier:
keyid:98:FB:7F:08:F9:56:D3:AF:95:71:9C:53:7F:B3:F9:B7:E3:30:06:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mPt_CPlW06-VcZxTf7P5t-MwBrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7efb35-9787-46f0-b799-d5c211eb3956/1/KnvHU7rOLFSw1dEZzrEkq1a8zC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7efb35-9787-46f0-b799-d5c211eb3956/1/mPt_CPlW06-VcZxTf7P5t-MwBrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:a1:d8:4f:6d:b0:25:65:52:b0:de:92:ba:4b:a1:f3:c4:53:
95:a4:27:d6:bf:66:30:3c:02:c9:44:73:26:4b:bc:ac:79:f7:
6b:85:b2:ea:bd:ab:fa:69:fd:3e:da:ee:74:b7:f2:0e:7c:8c:
05:13:63:03:fb:28:ba:be:87:a4:10:22:ef:4a:b0:a7:75:0f:
98:9b:9d:da:11:39:12:71:e6:08:7c:8c:14:43:7c:77:e6:6a:
44:14:68:54:dd:5b:9a:8d:ad:0b:84:91:a0:c8:98:66:58:3c:
df:70:aa:4d:ba:f6:ab:fe:4e:33:96:12:41:0e:1e:77:8f:4c:
08:bd:de:b1:f6:76:87:71:61:66:ca:03:ce:72:69:c9:39:32:
f6:f1:5d:70:37:51:0b:24:51:11:98:a5:2e:ce:70:9c:91:d9:
0d:5a:30:9e:a0:83:4e:a3:25:b0:01:8d:02:b9:cf:53:1e:1e:
d8:3e:28:0c:e0:af:09:d3:cf:69:1f:c6:e9:64:46:ae:e1:fa:
08:73:47:49:18:99:9d:37:d4:59:d8:2f:1d:31:84:67:b3:ae:
f9:38:5d:79:10:37:07:40:01:7a:d1:7b:85:74:ba:e4:dc:e3:
50:fe:02:1f:b2:76:1c:04:8b:26:12:93:60:ba:cf:62:43:cd:
87:a0:d7:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlZIK4PzdvHjsTviFAsz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZmI3ZjA4Zjk1NmQzYWY5NTcxOWM1MzdmYjNmOWI3ZTMz
MDA2YjMwHhcNMjMwMTAyMDgyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdiYzc1M2JhY2UyYzU0YjBkNWQxMTljZWIxMjRhYjU2YmNjYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyWrtjUCS2uS8LI+qoi1FQN/sTq5
C5KuhJkBSUPByBpyyD9cWoV8WS4hp1fTnh5vCQv8LuOiKFtPe0CIJUjMaBq1/HQw
6xfD6LrEbjxgWfRDuMcZeu04QQMbAz68VWCEHEBYGzklXGO0ufippJrj/WDh4jTn
mhXh2nRw9IpKeZlXdMlo9JA6ZUHaRiC4ZqZCmJ9kzstmFKlNQm1yGH6kFSo0ygKL
hGyOzDIlw5ZFO/Vanq3HmQyJ2xzpEW1Kjy+qAjUlIoPwhcXAT5rS00kIfjEObkpN
YN0kcjoU3xc+UmL7pIc1F7ASzNBNo5W2Se6lElBszDmlWl4bicXaf73k9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCp7x1O6zixUsNXRGc6xJKtWvMwvMB8GA1UdIwQY
MBaAFJj7fwj5VtOvlXGcU3+z+bfjMAazMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVB0X0NQbFcwNi1WY1p4VGY3UDV0LU13QnJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83ZWZiMzUtOTc4Ny00NmYwLWI3OTkt
ZDVjMjExZWIzOTU2LzEvS252SFU3ck9MRlN3MWRFWnpyRWtxMWE4ekM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83ZWZiMzUtOTc4Ny00NmYwLWI3OTktZDVjMjExZWIzOTU2
LzEvbVB0X0NQbFcwNi1WY1p4VGY3UDV0LU13QnJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXDkMA0G
CSqGSIb3DQEBCwUAA4IBAQArodhPbbAlZVKw3pK6S6HzxFOVpCfWv2YwPALJRHMm
S7ysefdrhbLqvav6af0+2u50t/IOfIwFE2MD+yi6voekECLvSrCndQ+Ym53aETkS
ceYIfIwUQ3x35mpEFGhU3Vuaja0LhJGgyJhmWDzfcKpNuvar/k4zlhJBDh53j0wI
vd6x9naHcWFmygPOcmnJOTL28V1wN1ELJFERmKUuznCckdkNWjCeoINOoyWwAY0C
uc9THh7YPigM4K8J089pH8bpZEau4foIc0dJGJmdN9RZ2C8dMYRns675OF15EDcH
QAF60XuFdLrk3ONQ/gIfsnYcBIsmEpNgus9iQ82HoNfl
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:43:24 2025 by rpki-client