Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/53p5IKdHkqpFwi381fMPUtvhSoo.roa
File: 53p5IKdHkqpFwi381fMPUtvhSoo.roa (raw, json)
Hash identifier: 1lb+2TcCv+rKpiio7is+ejq9oDRceNlkJGkLhnGjFkI=
Subject key identifier: E7:7A:79:20:A7:47:92:AA:45:C2:2D:FC:D5:F3:0F:52:DB:E1:4A:8A
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 212800A5
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/53p5IKdHkqpFwi381fMPUtvhSoo.roa
Signing time: Sat 01 Jan 2022 13:00:35 +0000
ROA not before: Sat 01 Jan 2022 13:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62003
IP address blocks: 185.52.4.0/22 maxlen: 24
2a04:9a00:1010::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 556269733 (0x212800a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 13:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e77a7920a74792aa45c22dfcd5f30f52dbe14a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:42:e9:4a:f0:ec:1e:e7:54:51:d2:d9:c0:
6f:7f:e0:aa:ba:0a:b1:53:f9:26:1e:21:61:f2:4a:
fb:71:b1:01:69:9e:9a:f6:f3:f6:d3:5d:a2:c3:0a:
a1:c0:cb:30:09:2a:8c:59:a8:33:74:44:09:ec:2e:
aa:86:a8:4c:b6:58:bf:ec:de:66:98:af:e2:7b:95:
21:16:ab:7f:5e:a7:65:5d:28:83:c2:01:cc:e9:b2:
63:3b:67:67:b8:c7:7a:c0:89:42:61:ee:d8:e3:fc:
aa:da:9e:c1:46:8d:a0:2f:91:6d:91:01:3f:f4:7d:
ae:76:42:da:d7:6c:57:85:06:48:e3:fe:67:03:d6:
87:c5:cf:ab:90:be:68:b3:96:04:14:1f:dc:b9:16:
85:ac:75:9a:00:4a:38:7d:f2:42:17:19:9c:73:4f:
47:95:cf:d1:8d:6d:5f:d5:22:69:71:1b:98:1f:ed:
a9:f9:e0:35:7d:57:e3:aa:91:5a:b6:ec:2d:5d:e6:
f7:e0:b9:e9:e4:1d:03:a5:9e:de:32:49:00:eb:13:
24:1d:a5:11:5f:52:df:c6:68:88:99:f7:88:4e:5f:
d7:ab:2d:fd:0e:d5:11:39:7d:08:5a:5c:4a:d2:a6:
07:d9:7b:0e:47:88:c6:0a:8d:c4:10:3c:9c:b8:09:
15:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7A:79:20:A7:47:92:AA:45:C2:2D:FC:D5:F3:0F:52:DB:E1:4A:8A
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/53p5IKdHkqpFwi381fMPUtvhSoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.4.0/22
IPv6:
2a04:9a00:1010::/44
Signature Algorithm: sha256WithRSAEncryption
3f:a4:0f:13:f3:09:f1:5d:ad:0b:0b:cd:71:8f:52:4b:1a:33:
a2:7a:fd:23:08:0d:23:b5:22:c7:e2:37:00:5f:18:a6:37:1c:
7e:fb:27:f3:5f:bb:41:eb:46:0d:1b:49:96:b7:d3:64:32:db:
fc:2b:f6:8e:11:a6:ba:56:8a:65:16:a1:3d:fe:3e:54:c3:0a:
ef:b9:02:6a:59:60:20:7b:1b:c2:d3:5e:1f:83:9f:4a:73:93:
ce:23:6b:62:84:3d:d9:61:88:29:be:6e:06:b2:6c:f2:c1:49:
9f:33:a2:a8:33:7b:d3:5f:50:2d:a8:9e:ae:34:c1:3f:a4:db:
fc:4a:63:bc:e0:dc:df:68:2c:0b:9e:69:d4:d5:70:e2:d3:36:
60:12:8a:cb:79:00:65:82:0d:06:4e:1e:9a:e6:42:90:ca:30:
6b:3a:9c:0a:5e:39:e0:8f:85:8a:d9:8f:9c:26:7b:f3:b8:60:
68:55:50:ed:4c:95:83:dd:e2:c5:0c:22:b8:8a:c4:e9:22:4e:
55:7a:d2:52:3c:b3:37:58:6a:26:c2:37:11:cd:03:f8:9e:d0:
af:3b:62:b5:25:e6:97:d0:35:1c:b9:70:b3:fe:88:42:21:ff:
67:37:3a:bf:ea:97:0c:28:60:43:0e:a6:5f:70:7f:37:0a:2b:
94:f0:68:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEISgApTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDEw
MTEzMDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc3YTc5MjBhNzQ3
OTJhYTQ1YzIyZGZjZDVmMzBmNTJkYmUxNGE4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQdQulK8Owe51RR0tnAb3/gqroKsVP5Jh4hYfJK+3GxAWme
mvbz9tNdosMKocDLMAkqjFmoM3RECewuqoaoTLZYv+zeZpiv4nuVIRarf16nZV0o
g8IBzOmyYztnZ7jHesCJQmHu2OP8qtqewUaNoC+RbZEBP/R9rnZC2tdsV4UGSOP+
ZwPWh8XPq5C+aLOWBBQf3LkWhax1mgBKOH3yQhcZnHNPR5XP0Y1tX9UiaXEbmB/t
qfngNX1X46qRWrbsLV3m9+C56eQdA6We3jJJAOsTJB2lEV9S38ZoiJn3iE5f16st
/Q7VETl9CFpcStKmB9l7DkeIxgqNxBA8nLgJFQ8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTnenkgp0eSqkXCLfzV8w9S2+FKijAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
LzUzcDVJS2RIa3FwRndpMzgxZk1QVXR2aFNvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArk0BDAPBAIAAjAJAwcEKgSaABAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA/pA8T8wnxXa0LC81xj1JLGjOiev0jCA0jtSLH
4jcAXximNxx++yfzX7tB60YNG0mWt9NkMtv8K/aOEaa6VoplFqE9/j5UwwrvuQJq
WWAgexvC014fg59Kc5POI2tihD3ZYYgpvm4GsmzywUmfM6KoM3vTX1AtqJ6uNME/
pNv8SmO84NzfaCwLnmnU1XDi0zZgEorLeQBlgg0GTh6a5kKQyjBrOpwKXjngj4WK
2Y+cJnvzuGBoVVDtTJWD3eLFDCK4isTpIk5VetJSPLM3WGomwjcRzQP4ntCvO2K1
JeaX0DUcuXCz/ohCIf9nNzq/6pcMKGBDDqZfcH83CiuU8GiE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:55 2025 by rpki-client