Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/l3olt5QEVVzvhz-Ypkj_U96nv3Q.roa
File: l3olt5QEVVzvhz-Ypkj_U96nv3Q.roa (raw, json)
Hash identifier: OKHxkgEfWuIk5hgPzs7S6BI6kZkFwQr1Vo/yac1Up1E=
Subject key identifier: 97:7A:25:B7:94:04:55:5C:EF:87:3F:98:A6:48:FF:53:DE:A7:BF:74
Certificate issuer: /CN=cd060238d0668d45a041618ac5df767f59a0c4ae
Certificate serial: 0524E3
Authority key identifier: CD:06:02:38:D0:66:8D:45:A0:41:61:8A:C5:DF:76:7F:59:A0:C4:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQYCONBmjUWgQWGKxd92f1mgxK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/l3olt5QEVVzvhz-Ypkj_U96nv3Q.roa
Signing time: Fri 27 May 2022 13:48:13 +0000
ROA not before: Fri 27 May 2022 13:48:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201618
IP address blocks: 185.68.223.0/24 maxlen: 24
185.68.220.0/23 maxlen: 23
185.68.220.0/24 maxlen: 24
185.68.221.0/24 maxlen: 24
185.68.222.0/24 maxlen: 24
185.68.222.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 337123 (0x524e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd060238d0668d45a041618ac5df767f59a0c4ae
Validity
Not Before: May 27 13:48:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=977a25b79404555cef873f98a648ff53dea7bf74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c3:c5:55:0f:42:46:78:cf:78:13:b8:84:3d:
13:3d:65:71:e6:73:ac:be:14:27:41:27:dd:09:5e:
2c:2b:d0:12:3e:ed:d8:d1:47:30:60:71:e2:74:1b:
fa:16:f2:44:96:8d:c4:c1:d3:54:e5:c3:62:1e:bc:
2c:98:13:c2:ce:6e:21:13:76:df:60:89:a4:bc:3c:
38:dd:98:b7:83:97:86:aa:79:38:80:ab:79:f3:0b:
50:83:11:f1:ef:8b:52:b9:f4:bf:8a:3a:c1:06:87:
d6:cf:ca:6e:e4:13:10:5a:f6:32:51:33:ba:5b:f2:
b3:7d:36:3b:66:ac:f2:d2:9d:ef:d4:dc:12:e8:f1:
db:14:f7:b7:da:66:81:6d:02:ac:82:c2:35:64:bc:
ff:2a:2b:99:68:2b:e9:b8:eb:d3:74:b3:25:75:dc:
ee:ec:8e:38:4d:64:a7:c9:f6:99:88:2d:10:ea:98:
f5:7d:ce:df:5c:f9:0e:35:63:a4:49:7f:82:59:1d:
76:d6:6c:5e:30:ac:3e:9e:14:f5:b1:91:01:27:71:
9f:4b:20:b6:b2:4b:53:5f:6e:7e:23:75:be:32:91:
d8:e1:8f:05:8e:9e:d3:af:3a:8f:f3:08:a4:fc:7f:
0a:78:bc:e8:a9:a9:96:58:a7:1e:06:76:3d:dc:52:
77:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:7A:25:B7:94:04:55:5C:EF:87:3F:98:A6:48:FF:53:DE:A7:BF:74
X509v3 Authority Key Identifier:
keyid:CD:06:02:38:D0:66:8D:45:A0:41:61:8A:C5:DF:76:7F:59:A0:C4:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQYCONBmjUWgQWGKxd92f1mgxK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/l3olt5QEVVzvhz-Ypkj_U96nv3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/zQYCONBmjUWgQWGKxd92f1mgxK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.220.0/22
Signature Algorithm: sha256WithRSAEncryption
98:df:1b:12:e1:50:d1:9c:3e:ba:30:3a:56:ca:1a:89:3a:5f:
88:a2:57:be:80:c9:0f:6c:a9:1a:74:de:fe:e7:c7:d1:da:dd:
3f:42:bb:ac:5d:93:02:f0:c0:cc:bb:6c:4b:94:1f:58:ab:14:
8f:0a:3e:a1:db:ea:b7:16:62:2a:26:a4:3a:de:ed:cd:96:38:
83:fe:60:09:7a:b6:c0:6d:8b:74:e9:0d:b6:3e:37:21:e2:9b:
eb:c7:04:df:cd:ca:2f:04:25:05:21:07:3a:c0:31:52:0e:f3:
81:2e:32:0d:99:3d:7a:9a:d3:08:de:38:c3:56:72:6e:8b:e7:
79:0c:83:95:6d:6a:53:08:39:af:29:43:00:7c:80:1e:e8:70:
39:68:bc:b9:96:eb:8d:f0:5e:fa:6d:5c:0b:c1:ce:3d:d6:2f:
8b:27:cc:f0:2b:f5:b9:7a:3d:58:21:f3:01:3d:85:11:f1:30:
c5:43:11:0d:0f:79:f8:85:11:7b:df:f8:61:99:0c:c9:fd:ab:
55:15:a8:d2:c6:2e:49:86:50:03:8a:13:7a:c4:ba:3d:4f:03:
15:0b:e6:08:b6:3e:a6:ba:f4:14:b7:5b:13:2e:39:d4:b8:7b:
9c:4c:70:df:0a:0b:7c:74:30:32:c0:cf:70:26:bf:12:b5:2b:
47:73:59:df
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBSTjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNk
MDYwMjM4ZDA2NjhkNDVhMDQxNjE4YWM1ZGY3NjdmNTlhMGM0YWUwHhcNMjIwNTI3
MTM0ODEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NzdhMjViNzk0MDQ1
NTVjZWY4NzNmOThhNjQ4ZmY1M2RlYTdiZjc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxMPFVQ9CRnjPeBO4hD0TPWVx5nOsvhQnQSfdCV4sK9ASPu3Y
0UcwYHHidBv6FvJElo3EwdNU5cNiHrwsmBPCzm4hE3bfYImkvDw43Zi3g5eGqnk4
gKt58wtQgxHx74tSufS/ijrBBofWz8pu5BMQWvYyUTO6W/KzfTY7Zqzy0p3v1NwS
6PHbFPe32maBbQKsgsI1ZLz/KiuZaCvpuOvTdLMlddzu7I44TWSnyfaZiC0Q6pj1
fc7fXPkONWOkSX+CWR121mxeMKw+nhT1sZEBJ3GfSyC2sktTX25+I3W+MpHY4Y8F
jp7TrzqP8wik/H8KeLzoqamWWKceBnY93FJ3awIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJd6JbeUBFVc74c/mKZI/1Pep790MB8GA1UdIwQYMBaAFM0GAjjQZo1FoEFh
isXfdn9ZoMSuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
elFZQ09OQm1qVVdnUVdHS3hkOTJmMW1neEs0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNS83NjIwMDYtZjE1OC00ZTVhLWI5NTYtN2ZiNmVhODk2MzdmLzEv
bDNvbHQ1UUVWVnp2aHotWXBral9VOTZudjNRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS83
NjIwMDYtZjE1OC00ZTVhLWI5NTYtN2ZiNmVhODk2MzdmLzEvelFZQ09OQm1qVVdn
UVdHS3hkOTJmMW1neEs0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUTcMA0GCSqGSIb3DQEBCwUAA4IB
AQCY3xsS4VDRnD66MDpWyhqJOl+Iole+gMkPbKkadN7+58fR2t0/QrusXZMC8MDM
u2xLlB9YqxSPCj6h2+q3FmIqJqQ63u3NljiD/mAJerbAbYt06Q22Pjch4pvrxwTf
zcovBCUFIQc6wDFSDvOBLjINmT16mtMI3jjDVnJui+d5DIOVbWpTCDmvKUMAfIAe
6HA5aLy5luuN8F76bVwLwc491i+LJ8zwK/W5ej1YIfMBPYUR8TDFQxEND3n4hRF7
3/hhmQzJ/atVFajSxi5JhlADihN6xLo9TwMVC+YItj6muvQUt1sTLjnUuHucTHDf
Cgt8dDAywM9wJr8StStHc1nf
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:00:36 2025 by rpki-client