Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/HW9SdQoXMxg3ZWFT4de7ve-sFCM.roa
File: HW9SdQoXMxg3ZWFT4de7ve-sFCM.roa (raw, json)
Hash identifier: NVNcO72zWXIITwtvdG3rD+cYvMBAb7GOyPCsIWQ6b6g=
Subject key identifier: 1D:6F:52:75:0A:17:33:18:37:65:61:53:E1:D7:BB:BD:EF:AC:14:23
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0182F9D5EBE33432E9903F19217DF7AF6BD0
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/HW9SdQoXMxg3ZWFT4de7ve-sFCM.roa
Signing time: Thu 01 Sep 2022 16:15:22 +0000
ROA not before: Thu 01 Sep 2022 16:15:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35744
IP address blocks: 2.57.56.0/24 maxlen: 24
2a03:3060:5353::/48 maxlen: 48
2a02:40c0:5353::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f9:d5:eb:e3:34:32:e9:90:3f:19:21:7d:f7:af:6b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Sep 1 16:15:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d6f52750a17331837656153e1d7bbbdefac1423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:5d:9d:b7:d2:4b:30:97:22:8a:96:aa:a8:
28:6b:e9:dd:32:07:53:dd:b3:7c:40:ad:81:f0:b0:
d0:06:a6:cc:d8:0c:08:4b:59:1d:3d:1f:ef:8c:94:
6a:c8:63:a3:54:d2:9e:bb:f4:eb:a4:01:33:3e:eb:
53:65:01:58:f3:b9:41:dd:16:1f:f1:a9:4a:12:8d:
13:98:e9:7c:0a:bb:a8:2c:0d:33:c2:03:e0:33:fb:
cd:3d:ee:f1:26:f5:04:8b:00:32:0c:06:4a:4a:b7:
01:6f:44:e7:18:22:93:bb:3b:40:e7:14:db:8f:55:
ab:20:a7:81:4c:32:70:9b:36:7c:a4:97:80:bd:2c:
3b:0e:59:8b:37:85:30:57:f4:7e:b3:60:b7:c8:ce:
60:01:27:d1:58:c6:29:9b:4c:6b:fd:06:1f:3a:a4:
cd:ad:42:0d:f8:ba:1b:7b:cf:c9:3a:42:93:b1:8f:
02:9a:a7:67:b7:79:60:1c:43:49:83:a3:15:99:60:
82:d2:f8:14:44:2e:75:c5:ee:e3:6d:18:3a:73:71:
d1:ab:91:36:b1:18:e1:17:1c:9a:ec:c8:dd:9f:55:
98:84:a1:7e:1a:17:3d:1d:29:d1:c8:ed:f6:f6:30:
e6:e7:d7:4d:ee:ea:0e:52:fc:55:b7:2d:f8:ce:c7:
65:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6F:52:75:0A:17:33:18:37:65:61:53:E1:D7:BB:BD:EF:AC:14:23
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/HW9SdQoXMxg3ZWFT4de7ve-sFCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/24
IPv6:
2a02:40c0:5353::/48
2a03:3060:5353::/48
Signature Algorithm: sha256WithRSAEncryption
9d:27:24:d3:23:2c:c8:7b:af:2f:7e:3f:4b:a7:ff:c2:8e:8c:
4b:80:ba:76:53:55:65:2f:4f:2a:29:8a:ad:8d:15:52:9e:ca:
a2:0d:6f:bf:dc:dc:47:69:d4:53:78:2d:95:b0:76:26:13:66:
8d:63:69:17:50:c9:bb:d9:a3:27:41:18:0b:ee:e5:2a:39:49:
84:5e:48:32:65:21:88:1a:71:31:19:c0:13:1c:3e:a4:8c:0c:
84:3e:59:b0:ec:29:95:19:5a:92:de:f0:43:e7:0c:78:e2:2d:
83:54:ba:38:0b:46:fd:c8:1f:9c:89:bc:d7:90:d7:ed:62:3a:
61:e2:a1:75:55:f3:9b:61:80:62:4b:8d:af:2f:5b:4f:a7:1b:
ed:83:cb:56:2d:13:c4:53:ab:2c:64:74:72:83:38:f3:94:d9:
8f:9d:64:06:85:49:c4:b3:83:e3:3a:16:2e:d8:dc:d6:c3:b2:
1d:f3:36:04:7a:5d:16:02:d6:12:9d:05:3e:3f:98:af:6a:69:
f0:28:f8:bd:59:1b:68:4c:56:43:7c:90:13:79:c4:46:c5:31:
eb:f2:cc:12:77:f3:b6:6c:dc:cf:f5:9c:ad:72:90:03:1c:02:
b5:bd:c5:89:5f:2c:44:da:b4:c5:c0:33:96:4c:ff:30:87:55:
5a:ec:59:b7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYL51evjNDLpkD8ZIX33r2vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIwOTAxMTYxNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZmNTI3NTBhMTczMzE4Mzc2NTYxNTNlMWQ3YmJiZGVmYWMxNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLddnbfSSzCXIoqWqqgoa+ndMgdT
3bN8QK2B8LDQBqbM2AwIS1kdPR/vjJRqyGOjVNKeu/TrpAEzPutTZQFY87lB3RYf
8alKEo0TmOl8CruoLA0zwgPgM/vNPe7xJvUEiwAyDAZKSrcBb0TnGCKTuztA5xTb
j1WrIKeBTDJwmzZ8pJeAvSw7DlmLN4UwV/R+s2C3yM5gASfRWMYpm0xr/QYfOqTN
rUIN+Lobe8/JOkKTsY8Cmqdnt3lgHENJg6MVmWCC0vgURC51xe7jbRg6c3HRq5E2
sRjhFxya7Mjdn1WYhKF+Ghc9HSnRyO329jDm59dN7uoOUvxVty34zsdlPwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB1vUnUKFzMYN2VhU+HXu73vrBQjMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvSFc5U2RRb1hNeGczWldGVDRkZTd2ZS1zRkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAAjk4MBgE
AgACMBIDBwAqAkDAU1MDBwAqAzBgU1MwDQYJKoZIhvcNAQELBQADggEBAJ0nJNMj
LMh7ry9+P0un/8KOjEuAunZTVWUvTyopiq2NFVKeyqINb7/c3Edp1FN4LZWwdiYT
Zo1jaRdQybvZoydBGAvu5So5SYReSDJlIYgacTEZwBMcPqSMDIQ+WbDsKZUZWpLe
8EPnDHjiLYNUujgLRv3IH5yJvNeQ1+1iOmHioXVV85thgGJLja8vW0+nG+2Dy1Yt
E8RTqyxkdHKDOPOU2Y+dZAaFScSzg+M6Fi7Y3NbDsh3zNgR6XRYC1hKdBT4/mK9q
afAo+L1ZG2hMVkN8kBN5xEbFMevyzBJ387Zs3M/1nK1ykAMcArW9xYlfLETatMXA
M5ZM/zCHVVrsWbc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org