Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/5wTHA-GHkwStQPEWLVE613ZjB2M.roa
File: 5wTHA-GHkwStQPEWLVE613ZjB2M.roa (raw, json)
Hash identifier: lsv6v4G0yQ1uLnH4C8vcPYFaEFpwJogRLVbOVDvxROI=
Subject key identifier: E7:04:C7:03:E1:87:93:04:AD:40:F1:16:2D:51:3A:D7:76:63:07:63
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 012CB7AD
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/5wTHA-GHkwStQPEWLVE613ZjB2M.roa
Signing time: Sat 01 Jan 2022 11:59:10 +0000
ROA not before: Sat 01 Jan 2022 11:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11426
IP address blocks: 2.56.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19707821 (0x12cb7ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 11:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e704c703e1879304ad40f1162d513ad776630763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f3:ad:e0:ec:54:ab:c0:7c:ab:cc:d6:8f:f7:
1e:08:32:c7:57:e6:3a:e8:71:b2:73:87:f1:30:fa:
4e:81:d1:56:cf:d6:07:39:e4:1a:7f:c3:7d:82:60:
48:eb:4f:96:9d:f1:1c:ab:e4:18:62:24:c5:be:6b:
b2:1a:cf:53:bd:a0:89:58:63:4c:73:d8:6b:09:e7:
f1:a9:ab:e2:2d:3a:ed:7a:8b:36:7d:73:5d:77:c7:
bd:c6:7a:4c:fb:aa:9c:19:06:91:d2:0c:2d:36:4a:
1b:fb:0a:a2:64:92:c5:b2:60:4b:db:49:ca:24:c3:
2c:84:f9:3c:d2:37:53:a0:e3:79:21:7c:f4:20:7e:
07:38:84:20:55:fb:fe:98:5a:34:89:fb:7f:1b:b2:
86:89:87:bb:ab:4f:fd:65:d8:ad:43:99:3b:7d:f0:
5b:80:51:78:fd:a9:bb:eb:23:65:cf:69:bd:fc:61:
0e:c3:a4:06:8e:fa:d9:09:ea:6d:d4:e6:81:28:37:
11:4c:69:42:64:a0:01:5f:a7:44:97:e5:7c:ef:88:
e1:e2:7c:f7:dc:9d:92:9c:b4:d3:a7:33:95:48:84:
cf:88:81:5d:e1:c1:b2:a5:5e:d1:3d:2b:cb:25:26:
54:a4:d2:3f:69:8f:5a:85:aa:1a:78:1a:d7:bf:9b:
7a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:04:C7:03:E1:87:93:04:AD:40:F1:16:2D:51:3A:D7:76:63:07:63
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/5wTHA-GHkwStQPEWLVE613ZjB2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.32.0/22
Signature Algorithm: sha256WithRSAEncryption
76:2f:94:d8:b3:54:54:f8:a0:b2:f8:65:88:be:ff:3c:e5:a3:
f7:6b:41:a3:0e:13:64:4c:80:34:fa:2d:3e:3a:e2:07:b4:ba:
18:7f:2e:58:b1:7c:a0:7a:ca:fd:06:8b:9f:b5:93:8a:1d:5c:
d0:3e:7c:b3:12:3c:f1:04:4d:b7:0d:8d:c2:e0:6f:29:e0:0e:
61:e3:3a:c1:0c:75:b6:40:b7:57:cd:19:91:a2:41:1e:b2:0b:
ee:3f:9e:b5:38:af:49:6a:67:65:82:26:54:a0:3e:86:55:3b:
db:54:1e:2a:bc:fe:8c:17:19:b7:54:e0:05:a2:1b:5c:00:54:
e9:1f:4f:47:6e:54:b3:1c:87:30:00:6f:b9:33:28:fc:7f:40:
bb:77:a4:99:05:a7:44:6d:8e:8e:0a:5d:60:fe:d0:64:14:a1:
8b:22:e7:5e:aa:fc:70:78:6e:08:cd:41:a8:e5:16:8a:cb:46:
d9:b1:b8:f0:95:c4:52:f6:ec:01:3d:dd:93:02:0e:df:2d:ec:
fc:21:c3:ef:4a:af:d2:78:8a:9c:15:3f:5d:49:d9:74:f2:01:
01:c8:5c:fe:92:d9:c7:a8:6f:4f:f8:2d:c0:16:a6:08:82:a1:
b2:61:99:d6:17:53:0c:a8:5e:5d:07:b3:e8:07:9a:6d:f1:21:
07:fa:be:c6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASy3rTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2IyNWNlNTUwZTRkOWJkYTA1YmQ1ZDQ1YzhiNmJhMzc0MzBiYmJhMB4XDTIyMDEw
MTExNTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTcwNGM3MDNlMTg3
OTMwNGFkNDBmMTE2MmQ1MTNhZDc3NjYzMDc2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbzreDsVKvAfKvM1o/3Hggyx1fmOuhxsnOH8TD6ToHRVs/W
BznkGn/DfYJgSOtPlp3xHKvkGGIkxb5rshrPU72giVhjTHPYawnn8amr4i067XqL
Nn1zXXfHvcZ6TPuqnBkGkdIMLTZKG/sKomSSxbJgS9tJyiTDLIT5PNI3U6DjeSF8
9CB+BziEIFX7/phaNIn7fxuyhomHu6tP/WXYrUOZO33wW4BReP2pu+sjZc9pvfxh
DsOkBo762QnqbdTmgSg3EUxpQmSgAV+nRJflfO+I4eJ899ydkpy006czlUiEz4iB
XeHBsqVe0T0ryyUmVKTSP2mPWoWqGnga17+bepECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTnBMcD4YeTBK1A8RYtUTrXdmMHYzAfBgNVHSMEGDAWgBScslzlUOTZvaBb
1dRci2ujdDC7ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25MSmM1VkRrMmIyZ1c5WFVYSXRybzNRd3U3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvNGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8x
LzV3VEhBLUdIa3dTdFFQRVdMVkU2MTNaakIyTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
NGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8xL25MSmM1VkRrMmIy
Z1c5WFVYSXRybzNRd3U3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI4IDANBgkqhkiG9w0BAQsFAAOC
AQEAdi+U2LNUVPigsvhliL7/POWj92tBow4TZEyANPotPjriB7S6GH8uWLF8oHrK
/QaLn7WTih1c0D58sxI88QRNtw2NwuBvKeAOYeM6wQx1tkC3V80ZkaJBHrIL7j+e
tTivSWpnZYImVKA+hlU721QeKrz+jBcZt1TgBaIbXABU6R9PR25UsxyHMABvuTMo
/H9Au3ekmQWnRG2OjgpdYP7QZBShiyLnXqr8cHhuCM1BqOUWistG2bG48JXEUvbs
AT3dkwIO3y3s/CHD70qv0niKnBU/XUnZdPIBAchc/pLZx6hvT/gtwBamCIKhsmGZ
1hdTDKheXQez6AeabfEhB/q+xg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:39 2023 by rpki-client on console-ams.rpki-client.org