Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qdp3CvPMvFc6yRQM82bYYthEQM.roa
File: 2qdp3CvPMvFc6yRQM82bYYthEQM.roa (raw, json)
Hash identifier: b/v59jb0fOLRvkx8DVDaa/HWR3UUYv51rC13/J4vKOY=
Subject key identifier: DA:A7:69:DC:2B:CF:32:F1:5C:EB:24:50:33:CD:9B:61:8B:61:11:03
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 012D45D7
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qdp3CvPMvFc6yRQM82bYYthEQM.roa
Signing time: Sat 01 Jan 2022 11:59:11 +0000
ROA not before: Sat 01 Jan 2022 11:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397373
IP address blocks: 2.56.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19744215 (0x12d45d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 11:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daa769dc2bcf32f15ceb245033cd9b618b611103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:72:c6:11:78:9a:c3:b7:b2:cc:82:f8:43:b0:
45:04:be:d2:04:7d:7c:1f:58:58:2a:81:99:5d:69:
94:9e:f4:d1:e9:5b:04:28:bd:3c:f9:e4:91:ba:b2:
e3:b1:21:59:b2:d4:51:24:f0:84:e2:92:0f:4f:04:
2e:2a:e1:ba:a1:70:df:bc:e0:3f:73:05:97:e3:6b:
68:ef:7e:5f:2b:52:47:95:ab:71:22:cf:45:8a:59:
d6:a5:e7:28:e7:0f:ef:e4:60:ac:4f:bc:8e:c7:22:
13:2a:78:ef:98:f2:21:95:ed:f4:c0:a8:ae:cc:36:
5a:0a:cd:de:5a:60:fa:1c:db:54:5c:60:51:12:d0:
f2:8d:6c:12:15:9b:40:14:8a:f6:c9:10:fe:19:d3:
75:62:21:db:2d:3b:b9:40:b8:a2:4d:63:19:7c:4e:
31:c8:02:99:21:1d:94:24:f5:99:08:7c:f7:11:dd:
b6:72:b4:64:35:d1:d2:c5:e7:72:b7:82:f9:6a:0b:
f1:4e:af:3c:39:f7:9b:da:fd:9b:45:54:25:00:0e:
23:a2:47:f6:32:79:af:f6:dd:1b:f9:68:09:40:9b:
a0:76:09:b5:15:49:fc:97:17:d8:95:c3:9d:85:fb:
4f:9b:78:cc:45:9e:0c:fa:ef:c2:69:fe:b7:41:0c:
cd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A7:69:DC:2B:CF:32:F1:5C:EB:24:50:33:CD:9B:61:8B:61:11:03
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qdp3CvPMvFc6yRQM82bYYthEQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.32.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:8b:5e:b3:92:fd:df:73:28:98:d4:ca:2d:c3:4a:1d:de:03:
20:d2:07:f6:a8:c0:de:58:68:00:e6:09:ce:eb:76:a3:83:a8:
7b:8e:ef:a9:49:34:14:b6:e3:b3:5c:d1:e5:bc:74:7b:2f:8a:
94:38:39:c7:bf:87:b8:fd:11:0a:ab:4d:e9:42:08:bc:9f:4e:
85:71:ff:60:d4:02:23:b0:7b:96:1d:99:85:b6:cb:36:8a:20:
1a:0d:86:89:da:f5:0c:1e:99:84:53:c6:d3:6c:da:68:e0:f2:
94:3e:d7:b8:8b:d0:81:56:1b:bd:e9:f5:dd:4c:2c:c6:18:ac:
f8:e1:d6:af:e3:52:5c:f6:7c:5b:8b:f7:92:c3:70:b7:8f:b2:
d0:0d:b6:1a:d0:36:b7:bb:17:e1:fd:25:76:63:ce:b4:85:e7:
a7:4a:0d:7d:bf:76:08:f6:01:e6:21:70:fa:e8:27:58:a9:d5:
fa:e8:3e:3b:cc:58:6f:2c:60:de:8e:55:14:25:36:8a:cc:18:
18:c9:d6:8b:0c:fb:db:e0:bf:38:3a:06:16:db:ce:0f:0f:97:
a0:45:bf:26:73:41:21:03:e0:a6:80:d7:78:58:76:b9:84:0b:
ec:db:26:42:8c:f6:d1:bd:be:66:da:a5:bc:f4:80:22:80:69:
13:26:d0:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAS1F1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2IyNWNlNTUwZTRkOWJkYTA1YmQ1ZDQ1YzhiNmJhMzc0MzBiYmJhMB4XDTIyMDEw
MTExNTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFhNzY5ZGMyYmNm
MzJmMTVjZWIyNDUwMzNjZDliNjE4YjYxMTEwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZyxhF4msO3ssyC+EOwRQS+0gR9fB9YWCqBmV1plJ700elb
BCi9PPnkkbqy47EhWbLUUSTwhOKSD08ELirhuqFw37zgP3MFl+NraO9+XytSR5Wr
cSLPRYpZ1qXnKOcP7+RgrE+8jsciEyp475jyIZXt9MCorsw2WgrN3lpg+hzbVFxg
URLQ8o1sEhWbQBSK9skQ/hnTdWIh2y07uUC4ok1jGXxOMcgCmSEdlCT1mQh89xHd
tnK0ZDXR0sXncreC+WoL8U6vPDn3m9r9m0VUJQAOI6JH9jJ5r/bdG/loCUCboHYJ
tRVJ/JcX2JXDnYX7T5t4zEWeDPrvwmn+t0EMzYMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTap2ncK88y8VzrJFAzzZthi2ERAzAfBgNVHSMEGDAWgBScslzlUOTZvaBb
1dRci2ujdDC7ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25MSmM1VkRrMmIyZ1c5WFVYSXRybzNRd3U3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvNGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8x
LzJxZHAzQ3ZQTXZGYzZ5UlFNODJiWVl0aEVRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
NGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8xL25MSmM1VkRrMmIy
Z1c5WFVYSXRybzNRd3U3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI4IDANBgkqhkiG9w0BAQsFAAOC
AQEATYtes5L933MomNTKLcNKHd4DINIH9qjA3lhoAOYJzut2o4Ooe47vqUk0FLbj
s1zR5bx0ey+KlDg5x7+HuP0RCqtN6UIIvJ9OhXH/YNQCI7B7lh2ZhbbLNoogGg2G
idr1DB6ZhFPG02zaaODylD7XuIvQgVYbven13Uwsxhis+OHWr+NSXPZ8W4v3ksNw
t4+y0A22GtA2t7sX4f0ldmPOtIXnp0oNfb92CPYB5iFw+ugnWKnV+ug+O8xYbyxg
3o5VFCU2iswYGMnWiwz72+C/ODoGFtvODw+XoEW/JnNBIQPgpoDXeFh2uYQL7Nsm
Qoz20b2+ZtqlvPSAIoBpEybQPA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:39 2023 by rpki-client on console-ams.rpki-client.org