Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/PC1y7KzyLc6i5G0z8o9mo_fN2Ak.roa
File: PC1y7KzyLc6i5G0z8o9mo_fN2Ak.roa (raw, json)
Hash identifier: 7hNswW33n3oSC5ph61V9ebO75f3Wam18zwiA8Kc9bRQ=
Subject key identifier: 3C:2D:72:EC:AC:F2:2D:CE:A2:E4:6D:33:F2:8F:66:A3:F7:CD:D8:09
Certificate issuer: /CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Certificate serial: 018578E39EDC98095FCD6294F8437B934D55
Authority key identifier: 1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/PC1y7KzyLc6i5G0z8o9mo_fN2Ak.roa
Signing time: Tue 03 Jan 2023 18:27:41 +0000
ROA not before: Tue 03 Jan 2023 18:27:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50264
IP address blocks: 185.165.22.0/24 maxlen: 24
185.165.21.0/24 maxlen: 24
185.165.20.0/24 maxlen: 24
185.165.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:e3:9e:dc:98:09:5f:cd:62:94:f8:43:7b:93:4d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Validity
Not Before: Jan 3 18:27:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c2d72ecacf22dcea2e46d33f28f66a3f7cdd809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:65:a3:3d:f6:40:30:70:51:13:22:26:ad:c1:
24:60:15:90:1c:4d:e6:57:69:c2:d1:10:e3:09:21:
76:fa:17:bc:11:5f:e5:5c:91:72:a9:9b:ed:79:14:
8f:af:1a:93:e2:4a:37:40:3a:d9:e8:98:8e:67:0a:
56:74:99:7e:ce:ee:2d:ab:1d:a3:1a:49:48:0d:b5:
fd:ac:f3:df:11:93:f7:b8:25:33:0b:ed:16:c9:0e:
ad:1e:38:69:76:8e:17:36:3b:bc:8a:9f:8e:85:cd:
12:42:2d:17:36:4b:45:10:db:66:c6:b1:81:a8:0d:
e3:2b:9c:41:5e:b8:3d:48:69:74:12:10:2b:78:b4:
8c:d9:ee:3f:bd:b1:ee:11:db:96:39:38:e3:fd:5e:
4f:53:b7:db:3b:a0:43:8c:6b:ab:7c:da:c2:83:17:
cf:34:f9:31:6b:9e:33:b8:fa:0f:52:fd:78:bc:61:
cf:ab:a0:b0:be:df:da:81:b3:1e:b7:00:90:bd:f8:
60:b9:81:88:c8:75:f2:2d:b2:4f:d0:86:b4:2c:04:
bb:dc:ad:01:8e:09:b8:94:5d:80:24:1f:fa:b5:54:
75:e1:ef:d4:2b:74:78:b5:4b:49:28:21:dc:50:74:
b3:47:29:e9:7c:82:3c:16:c5:40:66:fc:01:22:c0:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2D:72:EC:AC:F2:2D:CE:A2:E4:6D:33:F2:8F:66:A3:F7:CD:D8:09
X509v3 Authority Key Identifier:
keyid:1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/PC1y7KzyLc6i5G0z8o9mo_fN2Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:66:3c:38:d4:ab:95:94:cb:8f:b7:3a:81:2b:b1:bc:ec:c7:
cb:89:b7:8e:4f:76:c0:3a:9a:bd:67:ef:f1:2e:48:37:f9:bc:
19:a2:e4:31:c7:81:cb:70:ac:5b:44:fc:90:80:57:cc:d5:7a:
ce:6b:59:44:f1:c9:24:91:10:f9:9d:af:47:30:d0:5e:f5:b0:
36:b2:c0:93:13:c8:c5:4f:62:74:d2:82:32:87:72:12:5a:01:
29:0c:e2:24:ef:75:0b:e2:cf:ea:dc:cf:cd:67:dc:9d:82:66:
99:bf:d4:a8:54:1c:61:47:20:73:f5:5c:41:30:e6:a8:21:93:
88:40:4f:94:7e:44:75:31:37:ed:4b:1e:22:5f:5e:8e:f2:de:
c1:9a:8f:32:62:6e:b7:b4:31:16:aa:7e:53:54:fc:3a:79:43:
70:45:f8:e3:47:0d:79:2c:eb:e2:93:dc:14:d7:63:b6:e7:fd:
2c:2d:fc:e4:45:68:d0:57:0e:c5:5f:33:46:54:28:a5:cd:b4:
57:33:cb:12:25:70:c1:a0:c7:48:1c:96:fd:f6:ef:eb:b5:cc:
0b:99:06:c8:14:76:66:35:6f:3e:ff:b4:fc:58:f3:3c:3a:44:
0d:b7:0a:4c:01:6f:ef:60:5b:86:76:6b:c4:ea:ea:d6:fb:b1:
e3:a7:10:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV4457cmAlfzWKU+EN7k01VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDBiMGFhODkyNGMzNzc4ODllM2QzYjk5NjA5M2I4N2E3
M2QwZTEwHhcNMjMwMTAzMTgyNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzJkNzJlY2FjZjIyZGNlYTJlNDZkMzNmMjhmNjZhM2Y3Y2RkODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2WjPfZAMHBREyImrcEkYBWQHE3m
V2nC0RDjCSF2+he8EV/lXJFyqZvteRSPrxqT4ko3QDrZ6JiOZwpWdJl+zu4tqx2j
GklIDbX9rPPfEZP3uCUzC+0WyQ6tHjhpdo4XNju8ip+Ohc0SQi0XNktFENtmxrGB
qA3jK5xBXrg9SGl0EhAreLSM2e4/vbHuEduWOTjj/V5PU7fbO6BDjGurfNrCgxfP
NPkxa54zuPoPUv14vGHPq6Cwvt/agbMetwCQvfhguYGIyHXyLbJP0Ia0LAS73K0B
jgm4lF2AJB/6tVR14e/UK3R4tUtJKCHcUHSzRynpfII8FsVAZvwBIsDZuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwtcuys8i3OouRtM/KPZqP3zdgJMB8GA1UdIwQY
MBaAFB8AsKqJJMN3iJ49O5lgk7h6c9DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2Zjkt
ZTQwN2U2MDI1YTQzLzEvUEMxeTdLenlMYzZpNUcwejhvOW1vX2ZOMkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2ZjktZTQwN2U2MDI1YTQz
LzEvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaUUMA0G
CSqGSIb3DQEBCwUAA4IBAQAqZjw41KuVlMuPtzqBK7G87MfLibeOT3bAOpq9Z+/x
Lkg3+bwZouQxx4HLcKxbRPyQgFfM1XrOa1lE8ckkkRD5na9HMNBe9bA2ssCTE8jF
T2J00oIyh3ISWgEpDOIk73UL4s/q3M/NZ9ydgmaZv9SoVBxhRyBz9VxBMOaoIZOI
QE+UfkR1MTftSx4iX16O8t7Bmo8yYm63tDEWqn5TVPw6eUNwRfjjRw15LOvik9wU
12O25/0sLfzkRWjQVw7FXzNGVCilzbRXM8sSJXDBoMdIHJb99u/rtcwLmQbIFHZm
NW8+/7T8WPM8OkQNtwpMAW/vYFuGdmvE6urW+7HjpxA0
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:22 2025 by rpki-client