Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/3d013e-9e58-465e-87bb-072fca5ffebe/1/yLbTxUGYirtTqMzOytvS2lyEg5o.roa
File: yLbTxUGYirtTqMzOytvS2lyEg5o.roa (raw, json)
Hash identifier: 5b/X8zgjG5D0RFqz9VPqqRdZ1JW9XfjAy+qTS+LExok=
Subject key identifier: C8:B6:D3:C5:41:98:8A:BB:53:A8:CC:CE:CA:DB:D2:DA:5C:84:83:9A
Certificate issuer: /CN=ebb016f46de2db5cc3116599ee871c76c2c834c6
Certificate serial: 085D771B
Authority key identifier: EB:B0:16:F4:6D:E2:DB:5C:C3:11:65:99:EE:87:1C:76:C2:C8:34:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67AW9G3i21zDEWWZ7occdsLINMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/3d013e-9e58-465e-87bb-072fca5ffebe/1/yLbTxUGYirtTqMzOytvS2lyEg5o.roa
Signing time: Sat 01 Jan 2022 04:59:00 +0000
ROA not before: Sat 01 Jan 2022 04:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209102
IP address blocks: 2.56.130.0/24 maxlen: 24
2.56.128.0/22 maxlen: 22
2.56.129.0/24 maxlen: 24
2.56.131.0/24 maxlen: 24
2.56.128.0/24 maxlen: 24
2a09:c3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140343067 (0x85d771b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebb016f46de2db5cc3116599ee871c76c2c834c6
Validity
Not Before: Jan 1 04:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8b6d3c541988abb53a8cccecadbd2da5c84839a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:03:88:e3:fa:56:eb:3e:90:aa:7d:27:03:ef:
08:98:d0:b9:af:ce:91:f1:49:5c:00:1d:3b:46:0b:
10:ac:fb:67:52:3a:36:c5:20:75:c1:03:42:ca:90:
b9:ff:80:b6:bc:30:1f:14:ef:f4:ce:08:c1:df:9b:
f0:a5:99:bf:35:2e:a2:45:48:47:c1:b5:b3:c7:f9:
50:97:c1:33:5b:1c:0a:26:84:a0:bc:dd:17:5b:30:
74:fc:bf:33:75:91:e8:96:8b:4d:2e:d5:28:1b:85:
d3:d2:22:14:65:c0:a6:ce:51:df:3b:83:ac:d2:ba:
e6:97:08:b4:b8:1f:c8:b2:41:84:72:61:aa:79:8f:
54:a2:9a:09:04:e8:ae:20:c8:ed:c3:1a:ca:2a:e5:
a7:56:cf:11:e9:47:92:d0:ce:6b:94:58:e1:00:17:
c7:3c:6f:50:f1:5f:4a:e0:a7:91:05:bf:61:16:a6:
84:bf:99:58:a6:e9:0c:8f:44:94:6d:06:3b:55:59:
e8:3b:d5:2a:5f:ed:79:7b:cf:d7:bc:1b:26:09:22:
aa:f9:be:34:49:cc:a2:cf:69:50:ef:7b:cf:98:14:
b3:3c:8a:66:1a:a6:4f:e9:8d:92:3a:c3:3e:4b:61:
25:49:19:46:97:5e:37:dd:5a:df:4d:c7:11:d1:a2:
44:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B6:D3:C5:41:98:8A:BB:53:A8:CC:CE:CA:DB:D2:DA:5C:84:83:9A
X509v3 Authority Key Identifier:
keyid:EB:B0:16:F4:6D:E2:DB:5C:C3:11:65:99:EE:87:1C:76:C2:C8:34:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67AW9G3i21zDEWWZ7occdsLINMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/3d013e-9e58-465e-87bb-072fca5ffebe/1/yLbTxUGYirtTqMzOytvS2lyEg5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/3d013e-9e58-465e-87bb-072fca5ffebe/1/67AW9G3i21zDEWWZ7occdsLINMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.128.0/22
IPv6:
2a09:c3c0::/29
Signature Algorithm: sha256WithRSAEncryption
d1:58:b7:70:9b:a5:16:08:43:bc:82:f8:bd:0d:a5:cd:7a:94:
6e:b1:6d:ae:f8:83:09:bf:52:b6:f2:a0:72:6d:55:c0:10:df:
69:e8:e8:70:0d:99:cf:63:a9:f1:8e:9a:34:20:c3:9b:24:1b:
46:60:0c:37:20:3e:bd:df:f4:74:f9:92:db:68:a5:b1:a5:87:
be:4c:cb:85:dd:8b:87:c6:82:8a:58:73:81:46:e1:a8:d1:fd:
de:f6:c8:93:ba:9f:94:3e:2a:99:95:72:6e:30:03:13:cf:3e:
19:3e:3c:3b:6f:13:96:27:69:db:0c:52:d5:28:77:a6:41:ee:
f8:a8:4e:30:48:27:62:7b:c7:bc:c5:1f:fb:e2:68:2e:0b:83:
91:41:64:c8:bf:41:48:6f:c3:55:58:76:de:3c:f3:36:50:8a:
44:d1:70:6c:b5:52:28:0b:ae:7a:a1:14:c8:4f:66:7b:8d:1b:
04:31:7d:41:04:2b:5b:b1:9e:cd:c3:18:74:7d:97:35:6b:65:
d8:ad:b5:f5:10:1d:6b:ca:ac:10:29:71:32:01:af:23:97:98:
49:b2:8a:21:b2:04:37:19:99:ee:48:f3:b1:9f:c3:92:5f:11:
b1:c2:2e:04:2e:fe:42:cf:4c:19:05:3c:0c:50:6c:bf:76:31:
dd:27:56:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECF13GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmIwMTZmNDZkZTJkYjVjYzMxMTY1OTllZTg3MWM3NmMyYzgzNGM2MB4XDTIyMDEw
MTA0NTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhiNmQzYzU0MTk4
OGFiYjUzYThjY2NlY2FkYmQyZGE1Yzg0ODM5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEDiOP6Vus+kKp9JwPvCJjQua/OkfFJXAAdO0YLEKz7Z1I6
NsUgdcEDQsqQuf+AtrwwHxTv9M4Iwd+b8KWZvzUuokVIR8G1s8f5UJfBM1scCiaE
oLzdF1swdPy/M3WR6JaLTS7VKBuF09IiFGXAps5R3zuDrNK65pcItLgfyLJBhHJh
qnmPVKKaCQToriDI7cMayirlp1bPEelHktDOa5RY4QAXxzxvUPFfSuCnkQW/YRam
hL+ZWKbpDI9ElG0GO1VZ6DvVKl/teXvP17wbJgkiqvm+NEnMos9pUO97z5gUszyK
ZhqmT+mNkjrDPkthJUkZRpdeN91a303HEdGiREkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTIttPFQZiKu1OozM7K29LaXISDmjAfBgNVHSMEGDAWgBTrsBb0beLbXMMR
ZZnuhxx2wsg0xjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY3QVc5RzNpMjF6REVXV1o3b2NjZHNMSU5NWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvM2QwMTNlLTllNTgtNDY1ZS04N2JiLTA3MmZjYTVmZmViZS8x
L3lMYlR4VUdZaXJ0VHFNek95dHZTMmx5RWc1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
M2QwMTNlLTllNTgtNDY1ZS04N2JiLTA3MmZjYTVmZmViZS8xLzY3QVc5RzNpMjF6
REVXV1o3b2NjZHNMSU5NWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAgI4gDANBAIAAjAHAwUDKgnDwDAN
BgkqhkiG9w0BAQsFAAOCAQEA0Vi3cJulFghDvIL4vQ2lzXqUbrFtrviDCb9StvKg
cm1VwBDfaejocA2Zz2Op8Y6aNCDDmyQbRmAMNyA+vd/0dPmS22ilsaWHvkzLhd2L
h8aCilhzgUbhqNH93vbIk7qflD4qmZVybjADE88+GT48O28Tlidp2wxS1Sh3pkHu
+KhOMEgnYnvHvMUf++JoLguDkUFkyL9BSG/DVVh23jzzNlCKRNFwbLVSKAuueqEU
yE9me40bBDF9QQQrW7GezcMYdH2XNWtl2K219RAda8qsEClxMgGvI5eYSbKKIbIE
NxmZ7kjzsZ/Dkl8RscIuBC7+Qs9MGQU8DFBsv3Yx3SdW+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:21 2024 by rpki-client on console-fra.rpki-client.org