Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/iLC3Dbk6QsnAt7bs3XnQFRIOLfk.roa
File: iLC3Dbk6QsnAt7bs3XnQFRIOLfk.roa (raw, json)
Hash identifier: 5pQzfJArhh9Yl8clrDMD8gqg3ndnJEijDeUfUbAjeGg=
Subject key identifier: 88:B0:B7:0D:B9:3A:42:C9:C0:B7:B6:EC:DD:79:D0:15:12:0E:2D:F9
Certificate issuer: /CN=655aef3cef3d9afa027db33579f4a1fe8ad91c6f
Certificate serial: 018572FA8FBD0B215A73479CF146637AC421
Authority key identifier: 65:5A:EF:3C:EF:3D:9A:FA:02:7D:B3:35:79:F4:A1:FE:8A:D9:1C:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZVrvPO89mvoCfbM1efSh_orZHG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/iLC3Dbk6QsnAt7bs3XnQFRIOLfk.roa
Signing time: Mon 02 Jan 2023 14:55:01 +0000
ROA not before: Mon 02 Jan 2023 14:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210021
IP address blocks: 185.100.23.0/24 maxlen: 24
185.100.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:8f:bd:0b:21:5a:73:47:9c:f1:46:63:7a:c4:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=655aef3cef3d9afa027db33579f4a1fe8ad91c6f
Validity
Not Before: Jan 2 14:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88b0b70db93a42c9c0b7b6ecdd79d015120e2df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c3:16:31:65:b4:b4:3b:1f:6f:f2:0c:f4:5a:
07:4e:1b:8c:af:89:68:32:e7:c2:10:ae:31:72:30:
e4:90:0b:fb:0e:41:91:5a:a0:62:be:3c:f0:ef:e9:
35:ce:77:9a:af:49:22:be:b9:76:7b:48:4a:5d:24:
b7:11:86:85:e4:85:2d:4d:5a:24:c2:d6:3c:9b:41:
24:ee:9a:ba:c0:3f:4b:ab:c5:74:ed:f0:96:16:c6:
c0:32:0f:7f:7f:03:e2:7a:03:72:e7:a1:9d:81:d6:
1d:e1:91:24:fa:d4:ed:8a:55:20:3f:c5:d5:fc:ea:
78:be:d4:8d:ed:53:02:eb:a5:c0:fc:56:58:42:43:
64:7d:35:bd:c0:d4:ac:4e:96:7d:9f:5d:85:e8:95:
89:06:ed:76:c6:7e:98:ff:89:d9:93:1b:7f:c5:92:
92:8b:bd:35:14:0d:20:63:b3:58:c3:50:d8:aa:38:
6d:a8:e9:9c:da:16:ee:68:7e:15:ed:4e:bf:fd:55:
d1:5e:89:1d:27:4b:a8:2f:fd:d8:10:88:2f:b8:47:
2c:d9:e8:df:2a:0f:5f:4a:66:b7:c5:46:5f:2d:99:
41:6b:12:cd:a0:15:50:c4:00:2f:33:62:fa:ca:6d:
e0:ee:b5:74:dc:31:7e:43:fe:24:03:f9:4a:6f:8f:
05:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B0:B7:0D:B9:3A:42:C9:C0:B7:B6:EC:DD:79:D0:15:12:0E:2D:F9
X509v3 Authority Key Identifier:
keyid:65:5A:EF:3C:EF:3D:9A:FA:02:7D:B3:35:79:F4:A1:FE:8A:D9:1C:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZVrvPO89mvoCfbM1efSh_orZHG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/iLC3Dbk6QsnAt7bs3XnQFRIOLfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/ZVrvPO89mvoCfbM1efSh_orZHG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.22.0/23
Signature Algorithm: sha256WithRSAEncryption
25:8e:e1:6d:f7:ac:e3:64:d4:1f:c3:9f:65:e3:d2:43:a1:18:
b8:6d:2b:9d:c1:2f:55:fb:50:25:5f:13:1b:24:2b:48:fc:c2:
99:c0:3c:6a:3a:65:ac:e6:ea:97:ef:77:1d:5d:a6:ab:3b:55:
fd:ab:b1:15:04:50:ec:18:a7:da:d5:5f:85:e1:38:66:62:00:
4c:7c:fb:05:50:5a:cc:21:aa:3f:cb:4b:ac:3b:07:eb:e2:f5:
ae:33:08:25:14:9b:c3:05:3d:fd:ea:1d:26:31:c0:78:0a:94:
f0:06:91:8d:67:10:4a:f0:be:a9:4b:9f:86:8d:7d:3d:23:d2:
10:39:b0:1b:ba:d5:24:05:4f:49:78:36:55:0a:08:ca:b9:e7:
74:61:01:fc:9c:c6:0f:c3:3b:16:f9:0a:d1:a8:1e:2b:a8:45:
d2:95:f9:3f:6a:9f:93:79:ed:85:63:73:b3:6b:c8:79:b8:66:
91:52:78:74:46:a4:6b:7f:00:60:4a:78:63:ce:57:53:63:ea:
f1:40:78:83:66:cf:4b:79:c1:43:3d:dd:c2:bd:7b:8d:25:d1:
73:dd:1f:b1:56:10:d0:b9:b9:0d:0b:7c:04:02:71:b4:7e:90:
4e:67:73:5c:3e:2c:ec:07:60:54:ed:84:fc:97:a9:b7:b9:73:
d5:a1:b8:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+o+9CyFac0ec8UZjesQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NWFlZjNjZWYzZDlhZmEwMjdkYjMzNTc5ZjRhMWZlOGFk
OTFjNmYwHhcNMjMwMTAyMTQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGIwYjcwZGI5M2E0MmM5YzBiN2I2ZWNkZDc5ZDAxNTEyMGUyZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMMWMWW0tDsfb/IM9FoHThuMr4lo
MufCEK4xcjDkkAv7DkGRWqBivjzw7+k1znear0kivrl2e0hKXSS3EYaF5IUtTVok
wtY8m0Ek7pq6wD9Lq8V07fCWFsbAMg9/fwPiegNy56GdgdYd4ZEk+tTtilUgP8XV
/Op4vtSN7VMC66XA/FZYQkNkfTW9wNSsTpZ9n12F6JWJBu12xn6Y/4nZkxt/xZKS
i701FA0gY7NYw1DYqjhtqOmc2hbuaH4V7U6//VXRXokdJ0uoL/3YEIgvuEcs2ejf
Kg9fSma3xUZfLZlBaxLNoBVQxAAvM2L6ym3g7rV03DF+Q/4kA/lKb48FbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiwtw25OkLJwLe27N150BUSDi35MB8GA1UdIwQY
MBaAFGVa7zzvPZr6An2zNXn0of6K2RxvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlZydlBPODltdm9DZmJNMWVmU2hfb3JaSEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lMmVlNTEtMTUyMy00MzZlLWFjNzUt
ZWY2YmQyNmEwMzA1LzEvaUxDM0RiazZRc25BdDdiczNYblFGUklPTGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lMmVlNTEtMTUyMy00MzZlLWFjNzUtZWY2YmQyNmEwMzA1
LzEvWlZydlBPODltdm9DZmJNMWVmU2hfb3JaSEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWQWMA0G
CSqGSIb3DQEBCwUAA4IBAQAljuFt96zjZNQfw59l49JDoRi4bSudwS9V+1AlXxMb
JCtI/MKZwDxqOmWs5uqX73cdXaarO1X9q7EVBFDsGKfa1V+F4ThmYgBMfPsFUFrM
Iao/y0usOwfr4vWuMwglFJvDBT396h0mMcB4CpTwBpGNZxBK8L6pS5+GjX09I9IQ
ObAbutUkBU9JeDZVCgjKued0YQH8nMYPwzsW+QrRqB4rqEXSlfk/ap+Tee2FY3Oz
a8h5uGaRUnh0RqRrfwBgSnhjzldTY+rxQHiDZs9LecFDPd3CvXuNJdFz3R+xVhDQ
ubkNC3wEAnG0fpBOZ3NcPizsB2BU7YT8l6m3uXPVobiL
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:50:13 2025 by rpki-client