Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/00849e-d8e6-4bb1-ad30-ad8bc8bc7967/1/kpp_RzZfdxHat-cw2iqcjIAP7Go.roa
File: kpp_RzZfdxHat-cw2iqcjIAP7Go.roa (raw, json)
Hash identifier: G60CgxS6msm9k/h4in/VcXnTUKvAEsxHRfIHZ78Jgfs=
Subject key identifier: 92:9A:7F:47:36:5F:77:11:DA:B7:E7:30:DA:2A:9C:8C:80:0F:EC:6A
Certificate issuer: /CN=7a17259a863c3d637d457e119b750df95e003fd6
Certificate serial: 01856E6FB30A26420CEDD0E5873C4343BAEA
Authority key identifier: 7A:17:25:9A:86:3C:3D:63:7D:45:7E:11:9B:75:0D:F9:5E:00:3F:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ehclmoY8PWN9RX4Rm3UN-V4AP9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/00849e-d8e6-4bb1-ad30-ad8bc8bc7967/1/kpp_RzZfdxHat-cw2iqcjIAP7Go.roa
Signing time: Sun 01 Jan 2023 17:44:52 +0000
ROA not before: Sun 01 Jan 2023 17:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 185.222.228.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b3:0a:26:42:0c:ed:d0:e5:87:3c:43:43:ba:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a17259a863c3d637d457e119b750df95e003fd6
Validity
Not Before: Jan 1 17:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=929a7f47365f7711dab7e730da2a9c8c800fec6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9e:c0:3d:36:af:21:35:b0:c9:04:9a:eb:31:
ea:d2:42:33:38:4b:1f:81:b9:fb:5e:b8:2b:73:05:
25:d8:67:be:5d:af:de:06:ec:78:1d:db:26:d2:d1:
86:35:e5:be:6f:24:01:56:da:8d:fa:47:ad:30:b6:
5d:f6:0c:ef:43:cd:cd:07:bd:1f:fb:9d:c4:27:a5:
5f:a5:23:f7:0d:79:1a:d2:ec:f9:0d:e9:ab:cb:cc:
47:63:d4:f2:36:a8:63:e1:75:e2:53:0a:39:90:b5:
35:db:1b:79:8b:d1:f2:52:8a:6d:13:dd:2b:74:34:
07:97:96:e0:ad:98:13:1f:3e:b2:9d:82:c2:45:78:
6d:64:0c:92:38:eb:ba:19:91:51:38:8b:36:a9:98:
86:1e:e3:37:51:f6:0c:f9:63:2a:f5:19:bb:b6:17:
be:fa:50:ed:e6:a0:90:a1:2b:a3:fa:de:81:4b:45:
1d:ba:46:8b:00:dc:36:9b:70:ba:73:ea:39:4f:60:
ab:30:80:e3:2e:b4:5e:c4:38:1f:74:e4:3a:76:a5:
71:44:2a:77:c2:74:21:88:70:b2:7b:82:42:0b:c0:
4f:77:1f:e6:a1:6b:b4:82:bf:35:4c:2e:44:fd:5f:
89:a4:7e:e6:4f:6e:87:0d:f7:b7:54:8f:8f:9c:54:
13:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9A:7F:47:36:5F:77:11:DA:B7:E7:30:DA:2A:9C:8C:80:0F:EC:6A
X509v3 Authority Key Identifier:
keyid:7A:17:25:9A:86:3C:3D:63:7D:45:7E:11:9B:75:0D:F9:5E:00:3F:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehclmoY8PWN9RX4Rm3UN-V4AP9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/00849e-d8e6-4bb1-ad30-ad8bc8bc7967/1/kpp_RzZfdxHat-cw2iqcjIAP7Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/00849e-d8e6-4bb1-ad30-ad8bc8bc7967/1/ehclmoY8PWN9RX4Rm3UN-V4AP9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.228.0/22
Signature Algorithm: sha256WithRSAEncryption
80:13:9d:95:c3:20:26:3e:d7:00:37:71:a2:42:2e:4c:52:77:
9e:45:eb:ac:48:4b:b4:a2:67:a2:14:a3:96:cb:af:78:cf:fa:
16:9e:21:df:64:1f:b0:f9:d7:f7:a1:25:55:e5:80:a9:7a:08:
5a:ac:a2:ee:f3:16:d1:76:b2:99:52:d1:dc:06:34:5a:d6:00:
43:99:04:72:c8:93:65:cc:07:86:38:3a:24:ec:f0:5f:be:95:
a7:a3:e0:b6:c9:df:d2:6d:ad:5c:6a:27:86:42:f8:b0:5e:f6:
b4:5e:20:57:9f:33:e6:0b:23:d6:38:30:f3:86:dc:06:6b:e0:
4f:44:a4:90:36:92:39:a1:f4:15:57:50:31:0f:9f:c5:5c:9c:
57:88:ab:c0:f1:48:bd:e4:75:bb:1e:33:9b:ea:4f:09:53:48:
ac:07:9a:f2:56:af:98:c9:e3:b4:ed:80:d8:35:58:90:cb:66:
62:c7:9d:88:9d:f1:8a:ea:d7:80:ae:c5:8f:1b:b5:f7:db:cb:
7c:08:20:b5:f5:26:d8:5b:66:b3:0a:b9:1b:e9:2d:ae:0a:26:
42:d3:dd:80:26:39:f5:00:4f:c5:61:0b:2e:34:dc:d7:1a:60:
a7:42:63:6c:4a:f0:a1:e7:42:0c:17:dd:0f:a0:f7:f6:1d:3a:
4c:2f:49:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub7MKJkIM7dDlhzxDQ7rqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTcyNTlhODYzYzNkNjM3ZDQ1N2UxMTliNzUwZGY5NWUw
MDNmZDYwHhcNMjMwMTAxMTc0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjlhN2Y0NzM2NWY3NzExZGFiN2U3MzBkYTJhOWM4YzgwMGZlYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ7APTavITWwyQSa6zHq0kIzOEsf
gbn7XrgrcwUl2Ge+Xa/eBux4Hdsm0tGGNeW+byQBVtqN+ketMLZd9gzvQ83NB70f
+53EJ6VfpSP3DXka0uz5Demry8xHY9TyNqhj4XXiUwo5kLU12xt5i9HyUoptE90r
dDQHl5bgrZgTHz6ynYLCRXhtZAySOOu6GZFROIs2qZiGHuM3UfYM+WMq9Rm7the+
+lDt5qCQoSuj+t6BS0UdukaLANw2m3C6c+o5T2CrMIDjLrRexDgfdOQ6dqVxRCp3
wnQhiHCye4JCC8BPdx/moWu0gr81TC5E/V+JpH7mT26HDfe3VI+PnFQTXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKaf0c2X3cR2rfnMNoqnIyAD+xqMB8GA1UdIwQY
MBaAFHoXJZqGPD1jfUV+EZt1DfleAD/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhjbG1vWThQV045Ulg0Um0zVU4tVjRBUDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wMDg0OWUtZDhlNi00YmIxLWFkMzAt
YWQ4YmM4YmM3OTY3LzEva3BwX1J6WmZkeEhhdC1jdzJpcWNqSUFQN0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wMDg0OWUtZDhlNi00YmIxLWFkMzAtYWQ4YmM4YmM3OTY3
LzEvZWhjbG1vWThQV045Ulg0Um0zVU4tVjRBUDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud7kMA0G
CSqGSIb3DQEBCwUAA4IBAQCAE52VwyAmPtcAN3GiQi5MUneeReusSEu0omeiFKOW
y694z/oWniHfZB+w+df3oSVV5YCpegharKLu8xbRdrKZUtHcBjRa1gBDmQRyyJNl
zAeGODok7PBfvpWno+C2yd/Sba1caieGQviwXva0XiBXnzPmCyPWODDzhtwGa+BP
RKSQNpI5ofQVV1AxD5/FXJxXiKvA8Ui95HW7HjOb6k8JU0isB5ryVq+YyeO07YDY
NViQy2Zix52InfGK6teArsWPG7X328t8CCC19SbYW2azCrkb6S2uCiZC092AJjn1
AE/FYQsuNNzXGmCnQmNsSvCh50IMF90PoPf2HTpML0kz
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:50:49 2025 by rpki-client