Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/3lwLyZV0bNQsF3CdDa_tLVEuIfY.roa
File: 3lwLyZV0bNQsF3CdDa_tLVEuIfY.roa (raw, json)
Hash identifier: +OOew0a8/cez/fyhGqxGSobgscu5NLFaqAJXpJkrJtw=
Subject key identifier: DE:5C:0B:C9:95:74:6C:D4:2C:17:70:9D:0D:AF:ED:2D:51:2E:21:F6
Certificate issuer: /CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Certificate serial: 0F82B50E
Authority key identifier: 29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/3lwLyZV0bNQsF3CdDa_tLVEuIfY.roa
Signing time: Mon 27 Jun 2022 20:37:31 +0000
ROA not before: Mon 27 Jun 2022 20:37:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205371
IP address blocks: 185.220.112.0/24 maxlen: 24
185.220.115.0/24 maxlen: 24
185.220.113.0/24 maxlen: 24
185.220.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 260224270 (0xf82b50e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Validity
Not Before: Jun 27 20:37:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de5c0bc995746cd42c17709d0dafed2d512e21f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ad:a0:26:59:a1:4e:62:81:29:cc:10:35:9f:
73:07:42:3d:1b:6e:76:b1:ed:02:33:e8:be:a3:da:
c5:c0:5a:df:d7:9e:a8:89:ce:60:4a:36:10:5b:2b:
50:73:df:7a:ef:00:78:b4:92:37:07:51:b1:de:69:
28:2b:95:d7:8d:41:09:29:e6:17:19:95:9f:d9:99:
16:2a:9a:89:ea:a6:6c:d2:88:10:d9:27:d8:9e:81:
b6:65:fd:5e:5a:e4:35:de:93:13:d7:d7:a9:f7:39:
50:70:e8:08:a7:71:1b:32:d3:ab:89:b4:3f:96:fd:
47:dc:9f:e0:73:b0:d1:bf:52:46:1f:24:6c:76:8b:
9b:62:d5:3d:ff:1d:9d:1e:a8:30:1f:bd:bd:50:34:
73:ed:f5:54:52:f3:67:d4:db:02:a7:65:7f:52:07:
50:ad:b1:8e:c6:e7:e5:3e:8d:43:dc:2c:9e:54:9a:
ce:48:fe:33:00:fb:85:ee:a1:7e:4c:d3:cb:cd:bc:
ac:ce:38:c3:99:d9:ae:6c:40:fd:18:96:5c:79:54:
de:b5:35:26:f1:dc:1f:7d:70:f8:dd:4d:54:56:9b:
57:c1:53:29:35:82:ee:48:bd:36:d2:14:cc:17:8d:
7d:a3:e7:a6:c2:80:c1:9c:8e:c7:6e:23:87:d9:ac:
2e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5C:0B:C9:95:74:6C:D4:2C:17:70:9D:0D:AF:ED:2D:51:2E:21:F6
X509v3 Authority Key Identifier:
keyid:29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/3lwLyZV0bNQsF3CdDa_tLVEuIfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.112.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:7f:b7:ef:59:b9:da:ba:4f:85:ad:71:63:c6:f8:f0:b3:42:
fd:a5:32:f3:79:fe:25:83:89:37:f3:11:87:1a:94:c1:fe:e3:
16:3c:68:cc:57:e3:9b:39:d4:cb:ff:d8:47:e8:63:50:61:5a:
34:60:46:2e:a1:5c:6e:7c:c2:4a:95:d8:cb:ca:70:78:89:0f:
8a:c2:4b:af:e3:02:be:6a:36:95:b3:42:da:09:f2:24:98:81:
12:cf:09:f8:df:c1:f2:ff:39:62:90:6d:5c:86:dd:73:a2:5a:
09:60:94:db:4b:97:c9:42:7a:29:0d:16:73:9f:1e:72:54:cc:
9e:a9:24:f3:fe:6d:8c:91:97:79:7b:c5:7f:e5:0e:6a:2a:f1:
1d:f4:69:ae:db:5e:cb:20:9c:9e:69:b0:51:0d:4f:97:0f:86:
2d:af:a9:d2:57:05:92:23:d1:ca:49:d5:71:60:81:74:b1:89:
5f:43:e0:5e:56:62:0e:d4:39:54:a9:c8:e0:1a:e2:7d:b6:82:
cb:98:37:8e:a8:1d:63:6c:a3:7f:18:ba:4e:68:b0:4c:35:6f:
5f:77:1e:ea:1c:45:4c:81:49:75:fd:bd:ec:0e:46:61:fe:f1:
23:76:97:09:a1:77:37:80:8f:4c:bd:1f:14:2d:2a:2e:5e:83:
54:f7:40:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED4K1DjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTViNmEzNGEyMTA5YmE3YzRkOTdmNzZjNzQ0NjZmMTRjMzMzM2UwMB4XDTIyMDYy
NzIwMzczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU1YzBiYzk5NTc0
NmNkNDJjMTc3MDlkMGRhZmVkMmQ1MTJlMjFmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANatoCZZoU5igSnMEDWfcwdCPRtudrHtAjPovqPaxcBa39ee
qInOYEo2EFsrUHPfeu8AeLSSNwdRsd5pKCuV141BCSnmFxmVn9mZFiqaieqmbNKI
ENkn2J6BtmX9XlrkNd6TE9fXqfc5UHDoCKdxGzLTq4m0P5b9R9yf4HOw0b9SRh8k
bHaLm2LVPf8dnR6oMB+9vVA0c+31VFLzZ9TbAqdlf1IHUK2xjsbn5T6NQ9wsnlSa
zkj+MwD7he6hfkzTy828rM44w5nZrmxA/RiWXHlU3rU1JvHcH31w+N1NVFabV8FT
KTWC7ki9NtIUzBeNfaPnpsKAwZyOx24jh9msLlMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTeXAvJlXRs1CwXcJ0Nr+0tUS4h9jAfBgNVHSMEGDAWgBQpW2o0ohCbp8TZ
f3bHRGbxTDMz4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tWdHFOS0lRbTZmRTJYOTJ4MFJtOFV3ek0tQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvZTliMTczLTkyYjYtNDIxMC1hOGUwLWI3OTdhNDQwNmYzMC8x
LzNsd0x5WlYwYk5Rc0YzQ2REYV90TFZFdUlmWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
ZTliMTczLTkyYjYtNDIxMC1hOGUwLWI3OTdhNDQwNmYzMC8xL0tWdHFOS0lRbTZm
RTJYOTJ4MFJtOFV3ek0tQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnccDANBgkqhkiG9w0BAQsFAAOC
AQEAtn+371m52rpPha1xY8b48LNC/aUy83n+JYOJN/MRhxqUwf7jFjxozFfjmznU
y//YR+hjUGFaNGBGLqFcbnzCSpXYy8pweIkPisJLr+MCvmo2lbNC2gnyJJiBEs8J
+N/B8v85YpBtXIbdc6JaCWCU20uXyUJ6KQ0Wc58eclTMnqkk8/5tjJGXeXvFf+UO
airxHfRprtteyyCcnmmwUQ1Plw+GLa+p0lcFkiPRyknVcWCBdLGJX0PgXlZiDtQ5
VKnI4BrifbaCy5g3jqgdY2yjfxi6TmiwTDVvX3ce6hxFTIFJdf297A5GYf7xI3aX
CaF3N4CPTL0fFC0qLl6DVPdAjw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:30 2025 by rpki-client