Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/ly2GQVnMzutI8RcRxyK9YeakDIo.roa
File: ly2GQVnMzutI8RcRxyK9YeakDIo.roa (raw, json)
Hash identifier: 1VvjGDI4aAZDWVQZL8PM5JvN61ea23dTDeHcnB6qfy4=
Subject key identifier: 97:2D:86:41:59:CC:CE:EB:48:F1:17:11:C7:22:BD:61:E6:A4:0C:8A
Certificate issuer: /CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Certificate serial: 0185737AB976F298BFCDB83D0760913A459F
Authority key identifier: 1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/ly2GQVnMzutI8RcRxyK9YeakDIo.roa
Signing time: Mon 02 Jan 2023 17:15:00 +0000
ROA not before: Mon 02 Jan 2023 17:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50264
IP address blocks: 185.165.22.0/24 maxlen: 24
185.165.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:b9:76:f2:98:bf:cd:b8:3d:07:60:91:3a:45:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Validity
Not Before: Jan 2 17:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972d864159ccceeb48f11711c722bd61e6a40c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:36:d8:5c:09:37:91:d0:c5:ed:ff:ca:61:3f:
d5:ce:61:ad:1f:b7:ae:0e:4f:b6:4b:0c:1c:56:dc:
d3:bd:21:23:d8:f9:5e:a6:27:c7:03:56:a8:fd:6d:
e0:6f:e5:f8:22:16:f4:78:8f:32:b1:bc:01:37:cf:
2a:f4:79:9c:d2:a7:c8:e5:3e:b4:c1:8f:be:0c:4a:
a1:ce:ee:7e:f6:2e:9a:d5:f2:c8:a7:66:a2:4e:fc:
10:02:00:5c:08:4c:e8:e3:07:a2:b3:ae:08:b9:d9:
aa:13:11:e6:0f:db:05:0b:1c:5c:fc:52:4e:62:3e:
7d:7d:47:a1:11:55:83:1f:3e:ba:1e:a5:50:12:1f:
f7:02:9f:58:c5:a0:43:44:f4:de:8f:14:0d:7f:9d:
b7:ab:03:84:9b:bf:4d:71:4c:1b:ab:3f:42:87:b5:
c1:8d:56:fe:55:07:54:29:ed:1a:06:da:79:b1:a0:
ba:14:23:66:ad:12:12:69:fc:ce:be:63:8f:26:7e:
52:70:ec:ec:45:ec:6f:b9:be:5c:fe:51:9c:1c:75:
6e:7f:86:52:76:7f:3b:4a:df:57:ba:d5:d2:0e:94:
6e:13:55:2b:5c:5d:cb:3d:0c:52:65:ce:82:cb:e5:
ab:87:dc:4f:24:7a:da:e9:47:c9:ce:c9:b5:60:9b:
1a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2D:86:41:59:CC:CE:EB:48:F1:17:11:C7:22:BD:61:E6:A4:0C:8A
X509v3 Authority Key Identifier:
keyid:1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/ly2GQVnMzutI8RcRxyK9YeakDIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.22.0/23
Signature Algorithm: sha256WithRSAEncryption
af:d0:3d:a8:7f:7e:74:8b:aa:e3:6c:66:c1:d5:d2:e4:92:c0:
ef:d3:21:d4:da:61:22:ec:23:ca:11:31:e0:47:68:e7:ee:cf:
1e:89:19:9e:46:33:73:c7:4e:1b:7b:f7:44:64:8d:fd:02:d0:
2b:22:8a:97:cc:40:bf:91:bc:de:b5:d4:a8:72:0a:5b:ee:49:
38:4e:37:98:34:95:68:91:58:ee:34:09:0b:7c:46:6e:a4:f8:
fa:64:36:0c:27:b9:f2:b0:a3:af:5f:33:9b:94:2c:40:8b:d5:
f7:33:a1:ce:e6:9e:7b:59:3b:98:de:60:a5:0a:64:52:51:6e:
8b:e7:11:f7:46:a3:5b:b1:29:6f:cf:ec:e7:03:33:bd:10:b1:
01:fa:f5:7c:81:e1:1a:cb:f4:ce:c5:07:2d:81:53:5f:9b:36:
c0:fb:5c:ac:d2:a4:fd:aa:cc:fa:eb:b3:28:ae:58:fb:48:fe:
2e:5a:8b:67:b4:1b:e7:70:2c:6a:67:01:99:6d:b6:ec:66:56:
3a:8b:87:7b:86:87:b5:d1:d3:c2:91:f6:53:49:f4:c7:a8:9b:
e5:df:4b:7f:03:39:1d:4d:1a:9b:a4:05:28:ae:d5:88:ec:7a:
c1:a3:b9:53:18:c9:72:b7:d9:60:1a:9d:8f:d3:b0:dc:8f:ea:
ca:e7:89:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzerl28pi/zbg9B2CROkWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDBiMGFhODkyNGMzNzc4ODllM2QzYjk5NjA5M2I4N2E3
M2QwZTEwHhcNMjMwMTAyMTcxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJkODY0MTU5Y2NjZWViNDhmMTE3MTFjNzIyYmQ2MWU2YTQwYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjbYXAk3kdDF7f/KYT/VzmGtH7eu
Dk+2SwwcVtzTvSEj2PlepifHA1ao/W3gb+X4Ihb0eI8ysbwBN88q9Hmc0qfI5T60
wY++DEqhzu5+9i6a1fLIp2aiTvwQAgBcCEzo4weis64IudmqExHmD9sFCxxc/FJO
Yj59fUehEVWDHz66HqVQEh/3Ap9YxaBDRPTejxQNf523qwOEm79NcUwbqz9Ch7XB
jVb+VQdUKe0aBtp5saC6FCNmrRISafzOvmOPJn5ScOzsRexvub5c/lGcHHVuf4ZS
dn87St9XutXSDpRuE1UrXF3LPQxSZc6Cy+Wrh9xPJHra6UfJzsm1YJsaNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcthkFZzM7rSPEXEccivWHmpAyKMB8GA1UdIwQY
MBaAFB8AsKqJJMN3iJ49O5lgk7h6c9DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2Zjkt
ZTQwN2U2MDI1YTQzLzEvbHkyR1FWbk16dXRJOFJjUnh5SzlZZWFrRElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2ZjktZTQwN2U2MDI1YTQz
LzEvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaUWMA0G
CSqGSIb3DQEBCwUAA4IBAQCv0D2of350i6rjbGbB1dLkksDv0yHU2mEi7CPKETHg
R2jn7s8eiRmeRjNzx04be/dEZI39AtArIoqXzEC/kbzetdSocgpb7kk4TjeYNJVo
kVjuNAkLfEZupPj6ZDYMJ7nysKOvXzOblCxAi9X3M6HO5p57WTuY3mClCmRSUW6L
5xH3RqNbsSlvz+znAzO9ELEB+vV8geEay/TOxQctgVNfmzbA+1ys0qT9qsz667Mo
rlj7SP4uWotntBvncCxqZwGZbbbsZlY6i4d7hoe10dPCkfZTSfTHqJvl30t/Azkd
TRqbpAUortWI7HrBo7lTGMlyt9lgGp2P07Dcj+rK54mG
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:26:07 2025 by rpki-client