Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/iyR-9PhBe-e__aH9zaWxPSSMVZE.roa
File: iyR-9PhBe-e__aH9zaWxPSSMVZE.roa (raw, json)
Hash identifier: bnbBZSF0q86iArr6ryICKDjS/Ffkn+YWIEERj628K8o=
Subject key identifier: 8B:24:7E:F4:F8:41:7B:E7:BF:FD:A1:FD:CD:A5:B1:3D:24:8C:55:91
Certificate issuer: /CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Certificate serial: 322CAFB5
Authority key identifier: CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/iyR-9PhBe-e__aH9zaWxPSSMVZE.roa
Signing time: Sat 01 Jan 2022 14:56:10 +0000
ROA not before: Sat 01 Jan 2022 14:56:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15533
IP address blocks: 185.4.4.0/24 maxlen: 24
185.4.4.0/22 maxlen: 24
185.4.5.0/24 maxlen: 24
185.4.7.0/24 maxlen: 24
185.4.6.0/24 maxlen: 24
2a02:5e40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 841789365 (0x322cafb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Validity
Not Before: Jan 1 14:56:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b247ef4f8417be7bffda1fdcda5b13d248c5591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:90:b1:39:e2:d5:31:d8:a7:bf:f2:58:a0:5f:
d6:10:15:9a:5c:da:e8:30:66:e2:ff:5a:7c:1a:43:
37:e3:cc:4e:d9:20:36:c3:f9:8d:98:06:28:df:9d:
8e:8c:1f:5f:3f:3f:c7:97:79:52:f8:6a:b8:39:e7:
39:c4:25:37:af:66:7f:4b:b1:65:b2:eb:77:21:5f:
66:de:3c:80:25:77:02:2a:c6:52:87:34:3d:23:79:
e7:7b:15:06:97:c3:8f:4c:8d:e7:b0:cb:89:c0:8b:
a1:3a:86:88:af:32:b0:74:d7:fe:3a:9a:61:7f:d4:
65:cf:53:d5:96:2e:b0:5d:bb:d0:17:a1:ec:7e:ff:
4d:2d:a9:ce:0f:84:2c:44:9d:1e:68:3d:b0:a8:56:
8d:d6:0d:30:9d:0b:30:6c:a7:b3:9a:77:a6:c0:90:
eb:d6:f9:ef:5a:ca:42:6a:34:5b:54:29:de:14:2f:
23:14:e7:a2:cf:a7:bb:dd:c4:06:34:9e:2a:01:d1:
ce:4b:f3:2b:e6:2d:98:db:79:e7:79:d9:95:b9:c1:
c9:c1:d1:1f:61:c3:23:df:65:29:3e:74:25:ce:1c:
9b:00:3c:32:61:68:15:ee:0b:2e:ad:d3:01:cd:ef:
ac:3d:c1:6b:f0:eb:36:95:d8:9a:31:db:9e:6f:fe:
f2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:24:7E:F4:F8:41:7B:E7:BF:FD:A1:FD:CD:A5:B1:3D:24:8C:55:91
X509v3 Authority Key Identifier:
keyid:CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/iyR-9PhBe-e__aH9zaWxPSSMVZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.4.0/22
IPv6:
2a02:5e40::/32
Signature Algorithm: sha256WithRSAEncryption
29:9e:4b:06:5e:c0:db:29:58:0b:3c:32:7b:ff:ca:23:e8:e4:
6c:d8:b9:b4:61:f3:cb:85:5a:16:68:cd:24:bb:d2:13:bf:2c:
c7:e4:ca:00:62:ee:f8:4f:49:c1:07:47:99:3f:54:bc:6a:6d:
48:31:af:98:ca:c1:93:38:74:13:11:68:94:f2:8c:34:fa:4d:
f7:a3:fc:78:a3:c1:30:ed:55:38:16:1b:bc:f4:07:04:e2:bc:
44:80:f1:4f:14:83:6e:d2:39:73:9b:36:8c:8b:bf:a5:94:b4:
de:ce:fb:d9:05:7c:7a:84:7e:3c:17:6f:00:a6:28:b8:00:21:
85:0e:74:a5:15:d9:98:16:bf:9c:2f:fc:ca:d8:04:39:20:59:
de:dd:35:4c:ff:b8:7b:48:0f:1f:55:65:34:78:48:e0:5c:12:
fa:b9:52:81:ba:f1:9e:a6:f2:ad:25:2c:96:55:20:9f:01:64:
c6:d6:df:3c:46:2b:b1:82:bb:e2:2c:15:c4:f1:9e:52:9c:98:
d4:db:3c:40:eb:c5:ec:79:80:a4:c7:bb:2d:c7:a8:19:01:ac:
f4:dc:14:22:b8:de:d1:ea:3e:0d:d0:7e:a6:29:79:b9:8c:cd:
e4:3b:2b:85:5a:d6:73:55:e8:b3:97:1f:44:22:c0:79:d5:4e:
1c:98:74:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEMiyvtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTBjMmRhY2FmZGZhNTM5OTdlZDNiMGE3MGRmYmMyNzBhOTMzYmY0MB4XDTIyMDEw
MTE0NTYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIyNDdlZjRmODQx
N2JlN2JmZmRhMWZkY2RhNWIxM2QyNDhjNTU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2QsTni1THYp7/yWKBf1hAVmlza6DBm4v9afBpDN+PMTtkg
NsP5jZgGKN+djowfXz8/x5d5UvhquDnnOcQlN69mf0uxZbLrdyFfZt48gCV3AirG
Uoc0PSN553sVBpfDj0yN57DLicCLoTqGiK8ysHTX/jqaYX/UZc9T1ZYusF270Beh
7H7/TS2pzg+ELESdHmg9sKhWjdYNMJ0LMGyns5p3psCQ69b571rKQmo0W1Qp3hQv
IxTnos+nu93EBjSeKgHRzkvzK+YtmNt553nZlbnBycHRH2HDI99lKT50Jc4cmwA8
MmFoFe4LLq3TAc3vrD3Ba/DrNpXYmjHbnm/+8qECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSLJH70+EF757/9of3NpbE9JIxVkTAfBgNVHSMEGDAWgBTKDC2sr9+lOZft
Owpw37wnCpM79DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lnd3RyS19mcFRtWDdUc0tjTi04SndxVE9fUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvNzMzNTk4LTc0ZTgtNDdhYS04YzhlLTk5ZWM4OGM0Nzc2MC8x
L2l5Ui05UGhCZS1lX19hSDl6YVd4UFNTTVZaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
NzMzNTk4LTc0ZTgtNDdhYS04YzhlLTk5ZWM4OGM0Nzc2MC8xL3lnd3RyS19mcFRt
WDdUc0tjTi04SndxVE9fUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkEBDANBAIAAjAHAwUAKgJeQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKZ5LBl7A2ylYCzwye//KI+jkbNi5tGHzy4VaFmjN
JLvSE78sx+TKAGLu+E9JwQdHmT9UvGptSDGvmMrBkzh0ExFolPKMNPpN96P8eKPB
MO1VOBYbvPQHBOK8RIDxTxSDbtI5c5s2jIu/pZS03s772QV8eoR+PBdvAKYouAAh
hQ50pRXZmBa/nC/8ytgEOSBZ3t01TP+4e0gPH1VlNHhI4FwS+rlSgbrxnqbyrSUs
llUgnwFkxtbfPEYrsYK74iwVxPGeUpyY1Ns8QOvF7HmApMe7LceoGQGs9NwUIrje
0eo+DdB+pil5uYzN5DsrhVrWc1Xos5cfRCLAedVOHJh0lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:47 2024 by rpki-client on console-fra.rpki-client.org