Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a6d77c-a10a-47ab-b552-1fc6646d1e77/1/ci1WeA1cn7Trn82X2ZRYZGofrdc.roa
File: ci1WeA1cn7Trn82X2ZRYZGofrdc.roa (raw, json)
Hash identifier: KkErwgXboTZ6xTYD1K5CQfwBYCrx7KXEHWb6a9kEUgQ=
Subject key identifier: 72:2D:56:78:0D:5C:9F:B4:EB:9F:CD:97:D9:94:58:64:6A:1F:AD:D7
Certificate issuer: /CN=2fa765753cefe816d38b250379c95766a96f06d7
Certificate serial: 0185729ED0AA56B771AE976933D924B09B12
Authority key identifier: 2F:A7:65:75:3C:EF:E8:16:D3:8B:25:03:79:C9:57:66:A9:6F:06:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6dldTzv6BbTiyUDeclXZqlvBtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a6d77c-a10a-47ab-b552-1fc6646d1e77/1/ci1WeA1cn7Trn82X2ZRYZGofrdc.roa
Signing time: Mon 02 Jan 2023 13:14:48 +0000
ROA not before: Mon 02 Jan 2023 13:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209062
IP address blocks: 2.57.208.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d0:aa:56:b7:71:ae:97:69:33:d9:24:b0:9b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa765753cefe816d38b250379c95766a96f06d7
Validity
Not Before: Jan 2 13:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=722d56780d5c9fb4eb9fcd97d99458646a1fadd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f8:cd:57:d1:22:0b:b0:a0:6f:38:d5:b5:ac:
44:8d:f3:eb:0e:0f:4f:d2:15:e9:02:53:28:6e:e8:
43:6d:8f:08:bc:b6:60:54:ea:64:68:ab:3f:46:51:
71:eb:88:42:b5:6d:4f:ef:dd:da:33:0e:c4:c4:02:
bf:70:c6:fb:94:37:91:8a:68:a6:e6:61:96:2a:b0:
dd:53:a4:71:e8:44:c2:c4:70:02:0c:66:4a:4e:0c:
85:5a:a4:54:d9:02:52:75:83:59:1e:93:ae:cc:49:
0d:88:61:df:36:9b:cc:5f:86:7b:2e:b6:fb:cc:a6:
89:fb:00:a8:d4:13:dd:3d:92:1f:14:74:e6:30:79:
56:ba:ca:2c:7f:42:01:cd:4a:b2:e9:d9:12:b4:46:
08:38:e0:9b:2e:e5:22:83:e9:92:42:98:b9:ca:e8:
65:c1:f7:ba:a9:2f:24:bc:b6:02:1a:0b:d9:ab:52:
96:5a:04:c5:fe:45:c4:4b:f5:a7:04:f8:a5:9a:75:
60:fb:6b:22:78:0d:0b:dc:5f:39:54:5b:2d:b4:70:
ff:04:d3:37:aa:82:fe:45:4d:73:0a:77:51:fb:91:
4d:04:ea:c1:35:d4:dc:0c:ce:59:3a:ab:9d:4d:ef:
a8:85:d9:b0:50:b4:a0:14:89:4b:7d:1c:51:02:7f:
eb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2D:56:78:0D:5C:9F:B4:EB:9F:CD:97:D9:94:58:64:6A:1F:AD:D7
X509v3 Authority Key Identifier:
keyid:2F:A7:65:75:3C:EF:E8:16:D3:8B:25:03:79:C9:57:66:A9:6F:06:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6dldTzv6BbTiyUDeclXZqlvBtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a6d77c-a10a-47ab-b552-1fc6646d1e77/1/ci1WeA1cn7Trn82X2ZRYZGofrdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a6d77c-a10a-47ab-b552-1fc6646d1e77/1/L6dldTzv6BbTiyUDeclXZqlvBtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.208.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:4f:c0:24:fc:2b:14:6f:a1:40:b5:58:72:d6:56:b7:a8:b7:
86:52:5b:7a:6f:5c:c2:64:9d:cb:26:2e:5d:e5:db:2d:cc:cf:
ba:0e:6f:04:bb:97:cc:3b:c2:73:14:e8:25:a1:37:bb:f4:96:
ff:c5:3b:5c:6f:90:80:38:73:df:be:4e:9a:48:48:cc:3a:c2:
11:db:43:8e:9f:2a:77:31:5c:ac:72:5d:15:74:96:02:a9:4c:
10:3a:9d:27:ac:54:f8:73:69:60:ba:5f:1c:73:24:34:6c:5a:
0c:90:57:fa:6f:e8:9c:85:61:fd:9d:dc:1b:b2:9f:f3:aa:1e:
c9:0e:d4:40:b9:3a:9f:0b:ed:38:f2:01:76:d4:15:fc:d5:e8:
6d:11:94:fe:32:79:3c:41:16:86:5f:c1:07:4a:d6:0d:81:b7:
19:4c:a3:83:5b:5f:dd:15:63:5f:7c:63:d5:bf:44:23:6a:5e:
df:09:e5:dd:67:33:f9:bb:1f:94:77:52:82:ce:81:75:00:32:
f0:bd:d9:bc:4d:0c:66:d6:9b:46:d9:09:b5:e0:64:8a:c0:09:
a3:18:1b:40:46:86:2f:16:a9:7f:5e:e4:76:62:f8:43:42:91:
aa:1e:9c:90:4b:a0:48:ae:70:d0:59:80:48:b6:53:25:be:96:
6b:39:fb:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyntCqVrdxrpdpM9kksJsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTc2NTc1M2NlZmU4MTZkMzhiMjUwMzc5Yzk1NzY2YTk2
ZjA2ZDcwHhcNMjMwMTAyMTMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJkNTY3ODBkNWM5ZmI0ZWI5ZmNkOTdkOTk0NTg2NDZhMWZhZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/jNV9EiC7CgbzjVtaxEjfPrDg9P
0hXpAlMobuhDbY8IvLZgVOpkaKs/RlFx64hCtW1P793aMw7ExAK/cMb7lDeRimim
5mGWKrDdU6Rx6ETCxHACDGZKTgyFWqRU2QJSdYNZHpOuzEkNiGHfNpvMX4Z7Lrb7
zKaJ+wCo1BPdPZIfFHTmMHlWusosf0IBzUqy6dkStEYIOOCbLuUig+mSQpi5yuhl
wfe6qS8kvLYCGgvZq1KWWgTF/kXES/WnBPilmnVg+2sieA0L3F85VFsttHD/BNM3
qoL+RU1zCndR+5FNBOrBNdTcDM5ZOqudTe+ohdmwULSgFIlLfRxRAn/rbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHItVngNXJ+065/Nl9mUWGRqH63XMB8GA1UdIwQY
MBaAFC+nZXU87+gW04slA3nJV2apbwbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZkbGRUenY2QmJUaXlVRGVjbFhacWx2QnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNmQ3N2MtYTEwYS00N2FiLWI1NTIt
MWZjNjY0NmQxZTc3LzEvY2kxV2VBMWNuN1RybjgyWDJaUllaR29mcmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNmQ3N2MtYTEwYS00N2FiLWI1NTItMWZjNjY0NmQxZTc3
LzEvTDZkbGRUenY2QmJUaXlVRGVjbFhacWx2QnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjnQMA0G
CSqGSIb3DQEBCwUAA4IBAQAcT8Ak/CsUb6FAtVhy1la3qLeGUlt6b1zCZJ3LJi5d
5dstzM+6Dm8Eu5fMO8JzFOgloTe79Jb/xTtcb5CAOHPfvk6aSEjMOsIR20OOnyp3
MVyscl0VdJYCqUwQOp0nrFT4c2lgul8ccyQ0bFoMkFf6b+ichWH9ndwbsp/zqh7J
DtRAuTqfC+048gF21BX81ehtEZT+Mnk8QRaGX8EHStYNgbcZTKODW1/dFWNffGPV
v0Qjal7fCeXdZzP5ux+Ud1KCzoF1ADLwvdm8TQxm1ptG2Qm14GSKwAmjGBtARoYv
Fql/XuR2YvhDQpGqHpyQS6BIrnDQWYBItlMlvpZrOfsk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:35 2025 by rpki-client