Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/ecn4NhAzlKNJEb9mOiT7HX8hMyw.roa
File: ecn4NhAzlKNJEb9mOiT7HX8hMyw.roa (raw, json)
Hash identifier: 1rskXEADiv0ylGmSFd+FYIPKsL+nEiqu3CD1WSk1vCw=
Subject key identifier: 79:C9:F8:36:10:33:94:A3:49:11:BF:66:3A:24:FB:1D:7F:21:33:2C
Certificate issuer: /CN=f1bbf9bee531f3dee2d03bbf4e69ef82eedb99af
Certificate serial: 02AB7006
Authority key identifier: F1:BB:F9:BE:E5:31:F3:DE:E2:D0:3B:BF:4E:69:EF:82:EE:DB:99:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bv5vuUx897i0Du_Tmnvgu7bma8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/ecn4NhAzlKNJEb9mOiT7HX8hMyw.roa
Signing time: Sat 01 Jan 2022 13:01:36 +0000
ROA not before: Sat 01 Jan 2022 13:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199248
IP address blocks: 5.56.44.0/24 maxlen: 24
5.56.40.0/24 maxlen: 24
5.56.43.0/24 maxlen: 24
5.56.41.0/24 maxlen: 24
5.56.47.0/24 maxlen: 24
5.56.46.0/24 maxlen: 24
5.56.45.0/24 maxlen: 24
2a01:46c0::/33 maxlen: 33
2a01:46c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44789766 (0x2ab7006)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bbf9bee531f3dee2d03bbf4e69ef82eedb99af
Validity
Not Before: Jan 1 13:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79c9f836103394a34911bf663a24fb1d7f21332c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:17:0d:1f:8c:73:64:f9:3a:fa:8c:cf:4c:6e:
6d:db:90:83:39:5d:e3:35:a9:a2:be:06:31:10:39:
ea:ed:34:0b:2c:8c:24:1d:f2:bc:38:76:75:de:7d:
dc:a6:25:71:0c:ac:6a:0c:c7:48:49:ae:a0:ef:80:
ff:ad:19:74:fc:6c:3d:4a:fe:c3:e4:5c:56:25:cb:
d1:b6:f1:2c:0e:fa:78:7e:e1:a4:1e:ff:29:d8:9e:
db:84:0f:a8:97:63:ef:98:13:0a:32:9c:e5:d3:fe:
a5:0b:9b:6c:ce:47:95:04:9b:7f:2e:53:63:a4:72:
2d:0a:87:0f:57:8e:7c:3f:7c:f2:41:2c:28:62:2c:
3e:c0:4e:e8:ec:8a:66:50:74:b0:40:4d:12:49:30:
b8:43:3d:1b:4d:b3:0f:56:b8:03:63:a4:a3:0a:3f:
fe:17:e5:64:b4:7f:2f:24:d7:38:7d:e0:78:d0:8a:
88:65:f7:03:f4:08:43:f5:fe:d2:8b:f7:6d:c7:fb:
28:68:ff:f5:67:b0:88:24:a6:55:40:af:06:8d:8e:
84:e6:6a:c0:91:22:c5:6c:e0:8c:0a:37:19:5f:57:
8e:3b:e7:a8:f2:f4:04:39:96:ab:f5:f6:f7:dc:62:
b0:3c:ad:b7:01:c6:07:9d:f9:28:2c:13:cd:7d:ea:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C9:F8:36:10:33:94:A3:49:11:BF:66:3A:24:FB:1D:7F:21:33:2C
X509v3 Authority Key Identifier:
keyid:F1:BB:F9:BE:E5:31:F3:DE:E2:D0:3B:BF:4E:69:EF:82:EE:DB:99:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bv5vuUx897i0Du_Tmnvgu7bma8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/ecn4NhAzlKNJEb9mOiT7HX8hMyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/8bv5vuUx897i0Du_Tmnvgu7bma8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.40.0/23
5.56.43.0-5.56.47.255
IPv6:
2a01:46c0::/33
Signature Algorithm: sha256WithRSAEncryption
95:ed:72:7a:5c:e3:e6:4a:85:50:9e:29:94:a4:77:a3:92:72:
29:d7:dd:bd:d8:e7:b7:76:c4:3f:dc:d1:55:e7:de:d3:85:ed:
13:8d:92:c6:08:5b:c3:a5:87:71:06:2f:45:54:05:f8:e0:a0:
32:80:1e:d1:c0:ca:a0:01:08:9b:da:5a:5c:46:5e:88:c7:8c:
5e:57:c1:1b:fc:15:d9:cc:6f:d1:9e:96:2a:8d:eb:eb:18:91:
fc:99:98:07:60:20:0c:56:98:78:60:0e:ba:90:e1:77:5d:6f:
05:44:1c:aa:22:9b:6f:7d:82:67:eb:ce:20:92:22:a7:58:59:
69:9a:79:ca:6d:b1:67:8c:c3:9c:19:ed:62:9b:c7:31:d3:90:
c9:4d:4d:c7:7d:19:90:6f:1c:93:6f:a4:30:a3:42:9f:8a:b9:
5b:8f:e1:7d:3d:23:24:b4:76:4e:ad:c2:bc:9a:d6:36:80:77:
1f:70:b8:8c:9f:b2:ba:98:42:20:ab:e5:52:fd:23:d7:2c:48:
1f:f5:90:91:6c:81:b0:99:1a:fa:62:b7:0c:c0:b4:54:d9:91:
3a:dd:79:07:2b:3e:bc:5a:63:e2:b5:fe:03:84:b2:c2:81:d2:
78:ea:1a:45:c9:82:d9:1b:b6:af:ab:a3:d8:77:78:5c:58:3f:
b9:44:e2:96
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAqtwBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWJiZjliZWU1MzFmM2RlZTJkMDNiYmY0ZTY5ZWY4MmVlZGI5OWFmMB4XDTIyMDEw
MTEzMDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzljOWY4MzYxMDMz
OTRhMzQ5MTFiZjY2M2EyNGZiMWQ3ZjIxMzMyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4XDR+Mc2T5OvqMz0xubduQgzld4zWpor4GMRA56u00CyyM
JB3yvDh2dd593KYlcQysagzHSEmuoO+A/60ZdPxsPUr+w+RcViXL0bbxLA76eH7h
pB7/Kdie24QPqJdj75gTCjKc5dP+pQubbM5HlQSbfy5TY6RyLQqHD1eOfD988kEs
KGIsPsBO6OyKZlB0sEBNEkkwuEM9G02zD1a4A2Okowo//hflZLR/LyTXOH3geNCK
iGX3A/QIQ/X+0ov3bcf7KGj/9WewiCSmVUCvBo2OhOZqwJEixWzgjAo3GV9Xjjvn
qPL0BDmWq/X299xisDyttwHGB535KCwTzX3qLTcCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBR5yfg2EDOUo0kRv2Y6JPsdfyEzLDAfBgNVHSMEGDAWgBTxu/m+5THz3uLQ
O79Oae+C7tuZrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhidjV2dVV4ODk3aTBEdV9UbW52Z3U3Ym1hOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvM2YxMTBiLWRlZGItNDkwZi05ZTY2LTZmYWQwOGFhMjBlZS8x
L2VjbjROaEF6bEtOSkViOW1PaVQ3SFg4aE15dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
M2YxMTBiLWRlZGItNDkwZi05ZTY2LTZmYWQwOGFhMjBlZS8xLzhidjV2dVV4ODk3
aTBEdV9UbW52Z3U3Ym1hOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwGgQCAAEwFAMEAQU4KDAMAwQABTgrAwQEBTggMA4E
AgACMAgDBgcqAUbAADANBgkqhkiG9w0BAQsFAAOCAQEAle1yelzj5kqFUJ4plKR3
o5JyKdfdvdjnt3bEP9zRVefe04XtE42Sxghbw6WHcQYvRVQF+OCgMoAe0cDKoAEI
m9paXEZeiMeMXlfBG/wV2cxv0Z6WKo3r6xiR/JmYB2AgDFaYeGAOupDhd11vBUQc
qiKbb32CZ+vOIJIip1hZaZp5ym2xZ4zDnBntYpvHMdOQyU1Nx30ZkG8ck2+kMKNC
n4q5W4/hfT0jJLR2Tq3CvJrWNoB3H3C4jJ+yuphCIKvlUv0j1yxIH/WQkWyBsJka
+mK3DMC0VNmROt15Bys+vFpj4rX+A4SywoHSeOoaRcmC2Ru2r6uj2Hd4XFg/uUTi
lg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:16 2023 by rpki-client on console-ams.rpki-client.org