Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qCEVBc7yye-XHVcew8HcY_3OGM.roa
File: 2qCEVBc7yye-XHVcew8HcY_3OGM.roa (raw, json)
Hash identifier: dOvBp7fz034Y7m+1045Yh7XV7wt/K0I8MVUG+4FnOEE=
Subject key identifier: DA:A0:84:54:17:3B:CB:27:BE:5C:75:5C:7B:0F:07:71:8F:F7:38:63
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 02B12522
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qCEVBc7yye-XHVcew8HcY_3OGM.roa
Signing time: Thu 23 Jun 2022 05:18:16 +0000
ROA not before: Thu 23 Jun 2022 05:18:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2.56.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45163810 (0x2b12522)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jun 23 05:18:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daa08454173bcb27be5c755c7b0f07718ff73863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e7:b8:73:92:7b:eb:24:75:bd:b5:ba:ce:70:
f6:2f:85:57:a7:6e:8f:1d:cb:94:eb:32:5c:0c:28:
97:13:3a:98:e7:bd:2a:3c:a7:1e:63:53:5e:c8:99:
cb:ac:cd:e6:de:73:3c:e3:5b:f8:7b:08:09:85:a2:
c2:31:39:bd:4f:3d:91:95:8f:30:8a:48:65:d7:fe:
63:be:ac:51:2e:9e:fb:de:e9:91:24:f1:f5:f4:c5:
57:52:a4:ed:cf:91:f7:1e:26:69:f9:71:04:62:a7:
6f:84:29:f7:70:e5:b6:82:cb:8a:54:b0:b3:87:3c:
1e:44:d0:ce:c9:39:cf:d1:30:d9:6b:14:81:97:5d:
66:b5:da:13:71:5f:0c:03:67:97:c6:a9:2e:07:a3:
d6:44:d5:76:64:ae:67:10:98:8f:f4:b7:30:d5:0b:
7a:f1:e3:b9:40:e7:e2:b6:cb:75:0a:2a:37:e2:45:
18:88:5b:ab:64:eb:8a:dc:d8:e4:90:2a:e5:3a:fd:
1d:71:c3:2f:02:5a:7b:42:c5:99:c2:ff:9f:f4:19:
8b:09:03:ec:3c:93:f9:98:91:41:48:f5:f4:d9:6f:
c5:d3:67:00:0d:00:bc:3a:57:07:7e:47:c2:cb:96:
21:f9:18:6f:55:98:24:a8:25:7a:93:1d:da:7d:19:
09:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A0:84:54:17:3B:CB:27:BE:5C:75:5C:7B:0F:07:71:8F:F7:38:63
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qCEVBc7yye-XHVcew8HcY_3OGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.32.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:05:af:5f:cf:05:64:96:b7:46:9a:3b:bf:e4:5b:d3:f4:80:
84:b0:fe:48:58:9b:28:be:4f:a0:1b:68:29:01:64:fb:4a:28:
82:a1:57:e8:a3:0e:15:98:2f:72:8f:d0:51:fd:89:35:12:e7:
4b:1d:fe:71:15:2f:9f:47:d1:1a:a1:08:dd:97:5b:91:a6:bd:
87:48:f6:fa:94:89:03:29:41:e0:93:dc:d4:24:3f:87:80:83:
4a:f5:ea:66:6d:4a:1f:c5:81:ec:1f:47:b0:bc:ec:21:cb:d5:
22:d5:09:32:52:9f:58:68:a6:f4:7c:46:fb:25:70:6d:94:c2:
cb:f0:62:e6:5a:8c:55:5a:45:8d:3d:53:8c:43:a9:f6:1f:17:
99:6c:33:96:53:a0:78:a4:ae:32:f7:e4:81:69:a9:76:b7:8f:
3e:4b:73:69:37:8a:6e:3e:57:2e:d0:9a:1d:ad:34:aa:51:0e:
46:57:16:7c:fa:1e:72:bb:3c:1f:1a:05:ac:c9:f2:3b:d9:5c:
25:87:ba:6d:63:55:cd:7b:19:d8:fa:3b:ba:e0:55:a4:43:56:
fc:2d:46:96:79:d9:22:82:4b:fb:c3:49:7e:99:9b:55:ed:5d:
b5:14:9d:e3:f8:8b:75:c5:2c:fc:42:aa:53:51:b0:57:ed:f7:
4b:9b:31:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEArElIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2IyNWNlNTUwZTRkOWJkYTA1YmQ1ZDQ1YzhiNmJhMzc0MzBiYmJhMB4XDTIyMDYy
MzA1MTgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFhMDg0NTQxNzNi
Y2IyN2JlNWM3NTVjN2IwZjA3NzE4ZmY3Mzg2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXnuHOSe+skdb21us5w9i+FV6dujx3LlOsyXAwolxM6mOe9
KjynHmNTXsiZy6zN5t5zPONb+HsICYWiwjE5vU89kZWPMIpIZdf+Y76sUS6e+97p
kSTx9fTFV1Kk7c+R9x4maflxBGKnb4Qp93DltoLLilSws4c8HkTQzsk5z9Ew2WsU
gZddZrXaE3FfDANnl8apLgej1kTVdmSuZxCYj/S3MNULevHjuUDn4rbLdQoqN+JF
GIhbq2TritzY5JAq5Tr9HXHDLwJae0LFmcL/n/QZiwkD7DyT+ZiRQUj19NlvxdNn
AA0AvDpXB35HwsuWIfkYb1WYJKglepMd2n0ZCesCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaoIRUFzvLJ75cdVx7Dwdxj/c4YzAfBgNVHSMEGDAWgBScslzlUOTZvaBb
1dRci2ujdDC7ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25MSmM1VkRrMmIyZ1c5WFVYSXRybzNRd3U3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvNGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8x
LzJxQ0VWQmM3eXllLVhIVmNldzhIY1lfM09HTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
NGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8xL25MSmM1VkRrMmIy
Z1c5WFVYSXRybzNRd3U3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI4IDANBgkqhkiG9w0BAQsFAAOC
AQEACwWvX88FZJa3Rpo7v+Rb0/SAhLD+SFibKL5PoBtoKQFk+0oogqFX6KMOFZgv
co/QUf2JNRLnSx3+cRUvn0fRGqEI3Zdbkaa9h0j2+pSJAylB4JPc1CQ/h4CDSvXq
Zm1KH8WB7B9HsLzsIcvVItUJMlKfWGim9HxG+yVwbZTCy/Bi5lqMVVpFjT1TjEOp
9h8XmWwzllOgeKSuMvfkgWmpdrePPktzaTeKbj5XLtCaHa00qlEORlcWfPoecrs8
HxoFrMnyO9lcJYe6bWNVzXsZ2Po7uuBVpENW/C1GlnnZIoJL+8NJfpmbVe1dtRSd
4/iLdcUs/EKqU1GwV+33S5sxBg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:49 2023 by rpki-client on console-fra.rpki-client.org