Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/e1lJrim1qBvrsq7z2NTcs54wqDk.roa
File: e1lJrim1qBvrsq7z2NTcs54wqDk.roa (raw, json)
Hash identifier: 3Z5pE9dDYbqyuMxlSRnKWgFUISWtXUFlFhDasyOcBnE=
Subject key identifier: 7B:59:49:AE:29:B5:A8:1B:EB:B2:AE:F3:D8:D4:DC:B3:9E:30:A8:39
Certificate issuer: /CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Certificate serial: 018B064281AC5E069736217A98318D4362FB
Authority key identifier: 20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/e1lJrim1qBvrsq7z2NTcs54wqDk.roa
Signing time: Fri 06 Oct 2023 18:31:43 +0000
ROA not before: Fri 06 Oct 2023 18:31:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212763
IP address blocks: 185.165.3.0/24 maxlen: 24
185.165.0.0/23 maxlen: 23
185.165.0.0/24 maxlen: 24
185.165.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:06:42:81:ac:5e:06:97:36:21:7a:98:31:8d:43:62:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Validity
Not Before: Oct 6 18:31:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b5949ae29b5a81bebb2aef3d8d4dcb39e30a839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e3:93:c2:a0:13:bf:44:ec:83:c1:27:75:f0:
a6:a1:be:06:59:ec:22:ab:1b:53:85:d8:50:51:63:
22:24:5e:98:ce:0e:68:f7:66:39:cd:05:1c:65:f4:
ba:29:b2:e9:e0:7f:39:72:45:6f:62:bc:a5:88:c8:
ed:13:7a:56:bb:fa:5a:ad:03:f5:08:24:c3:99:a1:
d5:b0:dc:b3:0e:10:72:f3:52:d5:a5:35:ba:3a:4a:
70:b1:b0:fc:bc:02:0d:5e:2d:fd:33:d1:09:74:6f:
dd:71:75:21:55:87:ca:2a:dc:9e:e5:ed:da:1a:49:
a4:96:d4:8d:a9:50:4d:9f:ab:14:70:31:72:77:4f:
cd:52:d5:24:a9:4d:72:eb:fd:50:de:11:a9:df:cc:
f5:e4:0a:69:92:02:cd:71:de:d7:83:03:f1:42:0c:
8f:ff:b4:9a:ae:db:7a:56:f5:2a:98:22:e6:84:63:
2a:9e:5e:ce:cb:25:97:05:10:12:0b:97:30:bc:40:
24:e2:b1:ba:89:85:da:c6:9e:04:49:0b:c4:ed:70:
89:13:4e:b0:48:2a:d8:61:0b:a0:25:8e:91:8d:a7:
d1:5b:1c:f3:6e:2b:d7:27:4a:9a:8e:29:8c:50:74:
27:05:24:af:68:c9:47:c4:82:0d:fc:26:e9:4f:46:
65:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:59:49:AE:29:B5:A8:1B:EB:B2:AE:F3:D8:D4:DC:B3:9E:30:A8:39
X509v3 Authority Key Identifier:
keyid:20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/e1lJrim1qBvrsq7z2NTcs54wqDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.0.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:6e:c6:4a:34:1a:62:e4:ff:49:3b:60:4b:e6:ac:d6:f2:b3:
7f:b1:6a:aa:e4:16:17:5c:aa:73:73:37:67:64:9e:fa:da:47:
b5:a7:1a:45:44:0f:3b:0d:ee:72:92:f0:91:aa:82:89:ff:dc:
36:e0:5d:fb:c4:1c:4f:97:60:47:7c:de:ee:22:27:b2:f9:e7:
95:f2:2a:98:4f:be:9f:d0:92:15:9d:5e:27:49:6a:a4:9d:54:
43:14:6a:d7:ec:6e:9e:5c:cf:03:8e:e6:2f:01:40:08:ba:e3:
bd:7a:c2:97:3a:67:23:4a:79:a0:1c:b1:89:44:20:2e:b2:b9:
70:d4:67:28:90:c1:c3:59:53:1f:9c:05:aa:36:e1:1e:3d:2f:
13:af:54:9a:b3:b5:b9:28:cf:af:2c:92:f5:31:7f:24:73:eb:
0e:6b:57:9d:25:3c:69:b6:b5:f4:db:4a:94:e9:7f:d1:8c:3f:
b0:df:05:f2:b5:ad:ba:16:ac:8c:58:df:18:33:2d:25:6c:62:
a3:d1:68:0a:30:23:6e:7f:67:40:8e:67:a4:98:3f:71:32:54:
65:64:4b:70:d4:e6:3a:ce:59:07:f0:76:42:6e:d2:c3:95:32:
54:29:ea:f4:a8:b3:fd:8e:ea:89:44:9b:ff:44:0d:09:ba:89:
0f:65:54:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsGQoGsXgaXNiF6mDGNQ2L7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGM3MGQzNmUwMTNiMDdlNGU2ZDhlYzNlYTRlZTQxM2I0
YWFhOTgwHhcNMjMxMDA2MTgzMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjU5NDlhZTI5YjVhODFiZWJiMmFlZjNkOGQ0ZGNiMzllMzBhODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweOTwqATv0Tsg8EndfCmob4GWewi
qxtThdhQUWMiJF6Yzg5o92Y5zQUcZfS6KbLp4H85ckVvYryliMjtE3pWu/parQP1
CCTDmaHVsNyzDhBy81LVpTW6OkpwsbD8vAINXi39M9EJdG/dcXUhVYfKKtye5e3a
GkmkltSNqVBNn6sUcDFyd0/NUtUkqU1y6/1Q3hGp38z15AppkgLNcd7XgwPxQgyP
/7Sartt6VvUqmCLmhGMqnl7OyyWXBRASC5cwvEAk4rG6iYXaxp4ESQvE7XCJE06w
SCrYYQugJY6RjafRWxzzbivXJ0qajimMUHQnBSSvaMlHxIIN/CbpT0ZlBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHtZSa4ptagb67Ku89jU3LOeMKg5MB8GA1UdIwQY
MBaAFCAMcNNuATsH5ObY7D6k7kE7SqqYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUt
MTU4MDNmZmIxNzQ2LzEvZTFsSnJpbTFxQnZyc3E3ejJOVGNzNTR3cURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUtMTU4MDNmZmIxNzQ2
LzEvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaUAMA0G
CSqGSIb3DQEBCwUAA4IBAQBtbsZKNBpi5P9JO2BL5qzW8rN/sWqq5BYXXKpzczdn
ZJ762ke1pxpFRA87De5ykvCRqoKJ/9w24F37xBxPl2BHfN7uIiey+eeV8iqYT76f
0JIVnV4nSWqknVRDFGrX7G6eXM8DjuYvAUAIuuO9esKXOmcjSnmgHLGJRCAusrlw
1GcokMHDWVMfnAWqNuEePS8Tr1Sas7W5KM+vLJL1MX8kc+sOa1edJTxptrX020qU
6X/RjD+w3wXyta26FqyMWN8YMy0lbGKj0WgKMCNuf2dAjmekmD9xMlRlZEtw1OY6
zlkH8HZCbtLDlTJUKer0qLP9juqJRJv/RA0JuokPZVRL
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:12 2025 by rpki-client