Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/xFNNAReoHsZ65tPGmHfPhk-Y-I4.roa
File: xFNNAReoHsZ65tPGmHfPhk-Y-I4.roa (raw, json)
Hash identifier: ByrgGQv21pWDuYNLGEq0Q8GWcRymeX6dMRxBbwh1TtQ=
Subject key identifier: C4:53:4D:01:17:A8:1E:C6:7A:E6:D3:C6:98:77:CF:86:4F:98:F8:8E
Certificate issuer: /CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Certificate serial: 0185715543F710C8E0F83EEDF883FDCA808D
Authority key identifier: CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/xFNNAReoHsZ65tPGmHfPhk-Y-I4.roa
Signing time: Mon 02 Jan 2023 07:14:51 +0000
ROA not before: Mon 02 Jan 2023 07:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15533
IP address blocks: 185.4.4.0/24 maxlen: 24
185.4.4.0/22 maxlen: 24
185.4.5.0/24 maxlen: 24
185.4.7.0/24 maxlen: 24
185.4.6.0/24 maxlen: 24
2a02:5e40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:43:f7:10:c8:e0:f8:3e:ed:f8:83:fd:ca:80:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Validity
Not Before: Jan 2 07:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4534d0117a81ec67ae6d3c69877cf864f98f88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:7f:44:39:85:9c:15:b2:3b:ea:16:4b:fd:
47:e2:a9:f2:e5:51:ff:96:9c:8a:3f:2e:ef:43:99:
76:c6:74:ba:68:cb:a3:ea:c8:b0:d6:4f:33:13:8e:
d8:b1:ca:7a:6b:40:c3:71:7e:2f:88:8f:d7:ad:2c:
55:73:65:e7:4e:75:c6:c0:f8:1e:90:e9:fd:8b:10:
a0:6e:87:0a:ff:a4:39:9a:c7:46:dd:ad:51:c0:aa:
78:92:5d:50:ae:5a:0e:ac:7d:d0:81:93:6f:3f:e2:
76:89:02:de:41:48:58:47:c6:7f:0b:97:26:50:47:
a0:35:b8:fe:16:71:2d:fe:47:63:9d:0c:fb:54:88:
24:e0:d0:13:06:a4:bd:c3:61:75:d3:45:1d:2e:93:
a5:8a:3e:ab:a9:09:c5:ef:36:d0:a4:c8:66:75:b9:
79:ab:ad:d6:f5:0c:52:46:ac:2c:aa:43:3b:c1:67:
3a:1f:0a:c2:6b:c8:69:95:d7:64:4c:1d:ee:8b:4c:
06:ed:ff:13:36:1f:9f:14:aa:87:4e:c8:79:7b:2b:
c2:06:f3:2d:b1:d0:d4:58:74:12:df:3b:cf:7b:e2:
39:1b:f7:a6:f6:2a:21:55:c8:74:56:b5:b6:4e:bc:
97:bf:c8:51:6c:34:74:bd:d2:be:a9:92:5c:38:b6:
3a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:53:4D:01:17:A8:1E:C6:7A:E6:D3:C6:98:77:CF:86:4F:98:F8:8E
X509v3 Authority Key Identifier:
keyid:CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/xFNNAReoHsZ65tPGmHfPhk-Y-I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.4.0/22
IPv6:
2a02:5e40::/32
Signature Algorithm: sha256WithRSAEncryption
20:cc:2b:42:58:36:e4:6e:d3:56:c4:50:78:be:0e:4e:87:a9:
1e:d2:73:b4:77:a8:50:29:9f:2c:c7:02:49:47:20:ef:8b:fe:
2e:55:cc:14:75:71:25:de:bb:44:8a:6e:09:94:18:00:5f:9f:
dc:8c:ad:b7:80:fa:c2:4c:6c:17:50:9c:ed:e3:c6:f7:e9:47:
c8:67:10:61:12:cd:f0:18:3e:de:bb:bf:72:5a:e8:02:80:31:
9c:79:a7:fc:bf:14:b6:ce:21:b6:8f:cc:01:45:ab:73:5e:e6:
e3:ad:ab:a8:f4:05:a1:ef:36:62:32:6f:ee:5c:dd:ff:96:be:
29:8c:39:f3:59:0a:ac:5c:14:0e:1f:97:d8:62:e0:c2:5f:03:
64:ce:fc:15:c5:7b:17:4b:cd:9a:a2:c4:a5:0d:64:70:20:e2:
06:72:32:ce:d9:a3:56:fa:f0:ae:e9:71:c4:57:6b:2c:59:0f:
21:40:6f:22:4f:e9:5f:04:af:08:f0:62:fa:a2:c7:96:cc:85:
5a:b1:6a:df:8c:01:74:57:d5:d3:a3:aa:00:74:b0:26:18:2e:
be:44:14:a7:57:96:e0:52:8b:96:e4:d4:eb:09:63:ef:1c:c7:
07:e4:8b:30:cd:9e:f1:5c:4d:94:57:a5:15:e2:80:0e:09:c4:
4f:fa:34:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxVUP3EMjg+D7t+IP9yoCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMGMyZGFjYWZkZmE1Mzk5N2VkM2IwYTcwZGZiYzI3MGE5
MzNiZjQwHhcNMjMwMTAyMDcxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDUzNGQwMTE3YTgxZWM2N2FlNmQzYzY5ODc3Y2Y4NjRmOThmODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMN/RDmFnBWyO+oWS/1H4qny5VH/
lpyKPy7vQ5l2xnS6aMuj6siw1k8zE47Yscp6a0DDcX4viI/XrSxVc2XnTnXGwPge
kOn9ixCgbocK/6Q5msdG3a1RwKp4kl1QrloOrH3QgZNvP+J2iQLeQUhYR8Z/C5cm
UEegNbj+FnEt/kdjnQz7VIgk4NATBqS9w2F100UdLpOlij6rqQnF7zbQpMhmdbl5
q63W9QxSRqwsqkM7wWc6HwrCa8hplddkTB3ui0wG7f8TNh+fFKqHTsh5eyvCBvMt
sdDUWHQS3zvPe+I5G/em9iohVch0VrW2TryXv8hRbDR0vdK+qZJcOLY6uwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMRTTQEXqB7GeubTxph3z4ZPmPiOMB8GA1UdIwQY
MBaAFMoMLayv36U5l+07CnDfvCcKkzv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWd3dHJLX2ZwVG1YN1RzS2NOLThKd3FUT19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83MzM1OTgtNzRlOC00N2FhLThjOGUt
OTllYzg4YzQ3NzYwLzEveEZOTkFSZW9Ic1o2NXRQR21IZlBoay1ZLUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83MzM1OTgtNzRlOC00N2FhLThjOGUtOTllYzg4YzQ3NzYw
LzEveWd3dHJLX2ZwVG1YN1RzS2NOLThKd3FUT19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQQEMA0E
AgACMAcDBQAqAl5AMA0GCSqGSIb3DQEBCwUAA4IBAQAgzCtCWDbkbtNWxFB4vg5O
h6ke0nO0d6hQKZ8sxwJJRyDvi/4uVcwUdXEl3rtEim4JlBgAX5/cjK23gPrCTGwX
UJzt48b36UfIZxBhEs3wGD7eu79yWugCgDGceaf8vxS2ziG2j8wBRatzXubjrauo
9AWh7zZiMm/uXN3/lr4pjDnzWQqsXBQOH5fYYuDCXwNkzvwVxXsXS82aosSlDWRw
IOIGcjLO2aNW+vCu6XHEV2ssWQ8hQG8iT+lfBK8I8GL6oseWzIVasWrfjAF0V9XT
o6oAdLAmGC6+RBSnV5bgUouW5NTrCWPvHMcH5IswzZ7xXE2UV6UV4oAOCcRP+jS6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:56 2025 by rpki-client