Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/xNWt4q6LjR-2di4E_SrH0t6YvCk.roa
File: xNWt4q6LjR-2di4E_SrH0t6YvCk.roa (raw, json)
Hash identifier: Pig2K9yF0xe1DdjHanmGW4n88MXzN9AQMT9qi3U8Dyw=
Subject key identifier: C4:D5:AD:E2:AE:8B:8D:1F:B6:76:2E:04:FD:2A:C7:D2:DE:98:BC:29
Certificate issuer: /CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Certificate serial: 01856C9CAF409F1A1B13E60F386A4199D92F
Authority key identifier: 05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/xNWt4q6LjR-2di4E_SrH0t6YvCk.roa
Signing time: Sun 01 Jan 2023 09:14:45 +0000
ROA not before: Sun 01 Jan 2023 09:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13335
IP address blocks: 185.112.245.0/24 maxlen: 24
185.112.244.0/24 maxlen: 24
185.112.246.0/24 maxlen: 24
185.112.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:af:40:9f:1a:1b:13:e6:0f:38:6a:41:99:d9:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Validity
Not Before: Jan 1 09:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4d5ade2ae8b8d1fb6762e04fd2ac7d2de98bc29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8a:92:d1:42:b4:81:30:eb:7c:ee:74:2c:87:
b4:99:34:16:1f:94:b0:13:8e:07:89:5b:03:ee:51:
e6:fb:c0:e5:00:66:42:a3:b4:a5:cf:6e:1f:ff:59:
d3:15:d6:9f:cf:92:bc:27:0b:55:ba:c5:4a:c4:02:
88:ff:79:53:c6:f8:4b:82:e1:fa:68:b4:32:ab:75:
e2:ea:35:eb:4d:25:b8:df:52:62:22:cd:4e:4b:74:
e3:86:00:8a:a5:b2:94:60:e8:be:b0:d1:09:95:17:
1d:25:51:1d:1b:08:7c:bd:d9:9f:2b:e6:c2:28:13:
fb:75:6a:96:97:e8:fc:a6:0c:ac:e1:59:8d:ba:dc:
86:db:72:ab:10:86:ba:55:c4:a9:17:cc:bd:d7:68:
37:ff:f3:7d:44:be:e1:9d:59:88:0e:b0:87:7b:e2:
c8:c8:77:b3:b7:31:aa:c0:b4:8e:53:e9:26:7f:a7:
71:e3:82:c6:f7:e5:30:2b:c2:95:be:c2:a2:f0:ec:
6b:17:49:b1:02:16:42:68:38:cb:7e:76:f9:9b:6b:
5a:f4:28:83:7f:ca:73:7c:80:4e:f4:1f:ce:2d:e2:
bb:63:1c:bf:80:b7:f7:19:74:ab:01:cd:8f:94:1a:
67:cc:16:66:e4:92:49:f0:66:73:aa:34:2d:3d:bd:
9e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D5:AD:E2:AE:8B:8D:1F:B6:76:2E:04:FD:2A:C7:D2:DE:98:BC:29
X509v3 Authority Key Identifier:
keyid:05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/xNWt4q6LjR-2di4E_SrH0t6YvCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.244.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:ea:8e:f8:af:48:07:ab:d4:cc:c3:c6:bc:b5:03:e5:09:21:
e5:5b:2c:86:0c:2c:3c:8e:46:1a:be:13:0c:af:a7:32:79:1e:
34:5f:e2:ae:db:8a:5c:3a:79:df:24:1f:31:99:7f:6a:22:39:
3e:53:59:78:ce:ad:6e:74:07:2f:10:73:3b:fb:da:16:cf:97:
c2:94:c8:b5:a6:b3:79:d0:37:5b:1e:57:15:5d:4f:d6:ea:41:
eb:d5:e8:07:ea:76:9c:09:b5:86:bf:69:df:16:57:e8:4b:12:
be:cb:82:35:21:45:ac:8e:ee:9a:10:dc:23:c8:03:9c:60:06:
c5:df:e1:d7:e6:ae:11:8c:6b:51:7c:7e:3a:f2:35:ea:d0:68:
0c:ee:41:a6:bd:e9:bd:6b:76:74:29:5d:4e:10:d0:8e:b5:64:
dd:68:f0:aa:ee:f4:95:69:a3:b0:f7:49:32:62:50:e5:47:b2:
8a:49:d4:19:0b:8f:25:21:9f:1e:42:b4:fd:bd:c2:b3:29:94:
22:79:84:c1:78:0d:b4:84:1f:35:5a:a9:c4:8d:83:c6:fa:c4:
10:40:f2:e0:d4:ae:49:62:7a:bc:0b:eb:dd:95:a4:9d:20:fa:
bd:71:f2:d6:cc:bd:a5:60:c7:b5:f1:19:df:c4:41:6b:06:83:
17:27:2d:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnK9AnxobE+YPOGpBmdkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZGE3NTcxYzVlYjEzYjFhZTRmNDQxN2NlZmVjMmJkNzc5
MDJlMmQwHhcNMjMwMTAxMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ1YWRlMmFlOGI4ZDFmYjY3NjJlMDRmZDJhYzdkMmRlOThiYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIqS0UK0gTDrfO50LIe0mTQWH5Sw
E44HiVsD7lHm+8DlAGZCo7Slz24f/1nTFdafz5K8JwtVusVKxAKI/3lTxvhLguH6
aLQyq3Xi6jXrTSW431JiIs1OS3TjhgCKpbKUYOi+sNEJlRcdJVEdGwh8vdmfK+bC
KBP7dWqWl+j8pgys4VmNutyG23KrEIa6VcSpF8y912g3//N9RL7hnVmIDrCHe+LI
yHeztzGqwLSOU+kmf6dx44LG9+UwK8KVvsKi8OxrF0mxAhZCaDjLfnb5m2ta9CiD
f8pzfIBO9B/OLeK7Yxy/gLf3GXSrAc2PlBpnzBZm5JJJ8GZzqjQtPb2eDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTVreKui40ftnYuBP0qx9LemLwpMB8GA1UdIwQY
MBaAFAXadXHF6xOxrk9EF87+wr13kC4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEt
MzY1NTMwMmJmMDA1LzEveE5XdDRxNkxqUi0yZGk0RV9TckgwdDZZdkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEtMzY1NTMwMmJmMDA1
LzEvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXD0MA0G
CSqGSIb3DQEBCwUAA4IBAQBs6o74r0gHq9TMw8a8tQPlCSHlWyyGDCw8jkYavhMM
r6cyeR40X+Ku24pcOnnfJB8xmX9qIjk+U1l4zq1udAcvEHM7+9oWz5fClMi1prN5
0DdbHlcVXU/W6kHr1egH6nacCbWGv2nfFlfoSxK+y4I1IUWsju6aENwjyAOcYAbF
3+HX5q4RjGtRfH468jXq0GgM7kGmvem9a3Z0KV1OENCOtWTdaPCq7vSVaaOw90ky
YlDlR7KKSdQZC48lIZ8eQrT9vcKzKZQieYTBeA20hB81WqnEjYPG+sQQQPLg1K5J
Ynq8C+vdlaSdIPq9cfLWzL2lYMe18RnfxEFrBoMXJy37
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:39:39 2025 by rpki-client