Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/bi2A_L2RC7hDKk4cGmB4N30xsM0.roa
File: bi2A_L2RC7hDKk4cGmB4N30xsM0.roa (raw, json)
Hash identifier: wiFVt/bSZ8MJwSXKk/NYOpR0nSySx57eh8nEOSAN55o=
Subject key identifier: 6E:2D:80:FC:BD:91:0B:B8:43:2A:4E:1C:1A:60:78:37:7D:31:B0:CD
Certificate issuer: /CN=5aaf774ec9c273026eb117e48e73fef4288ddec8
Certificate serial: 09064427
Authority key identifier: 5A:AF:77:4E:C9:C2:73:02:6E:B1:17:E4:8E:73:FE:F4:28:8D:DE:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wq93TsnCcwJusRfkjnP-9CiN3sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/bi2A_L2RC7hDKk4cGmB4N30xsM0.roa
Signing time: Sat 01 Jan 2022 02:51:11 +0000
ROA not before: Sat 01 Jan 2022 02:51:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198682
IP address blocks: 78.40.112.0/22 maxlen: 24
2a05:a9c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151405607 (0x9064427)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aaf774ec9c273026eb117e48e73fef4288ddec8
Validity
Not Before: Jan 1 02:51:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e2d80fcbd910bb8432a4e1c1a6078377d31b0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:a9:21:e8:b0:a2:11:b1:9e:e0:fe:e2:aa:
5d:ae:63:10:df:19:72:9e:b8:96:32:ee:c1:29:70:
34:1c:22:43:eb:dc:8d:ce:8b:c8:4c:83:63:97:ab:
ea:ca:95:34:3b:d3:8b:d8:a8:2b:54:03:65:93:5b:
f1:26:63:03:81:2d:1f:ce:4f:a9:ec:59:cd:17:e4:
8c:1c:6d:16:46:a1:87:26:2b:f2:f5:ec:e1:ab:aa:
9b:6b:cb:9c:dc:0d:1a:dc:c5:14:0b:5a:fc:35:c1:
10:28:03:57:4b:68:ed:cd:6f:4f:9b:a0:64:67:83:
4d:48:89:e5:bf:43:ea:1a:a5:78:dc:9d:e7:02:bc:
65:1f:9a:4d:75:6d:57:fb:cc:80:60:7e:9b:ca:1d:
a6:ff:c5:ba:83:32:0d:45:ba:27:0a:62:89:2f:d0:
73:c1:92:1a:47:32:bb:cf:8c:0e:d3:06:46:e1:55:
c5:7c:f7:00:47:be:8e:c7:82:6a:fe:8f:d8:28:9c:
0f:c4:ba:b8:7d:db:26:25:fe:e8:27:40:12:09:f1:
eb:ae:63:28:63:a1:02:e2:6f:b8:a6:68:e1:b0:9b:
52:0e:5c:ea:8d:af:33:80:14:ca:0b:aa:19:28:99:
aa:f5:2f:a2:c3:b2:24:f9:67:49:26:78:b5:f4:75:
91:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2D:80:FC:BD:91:0B:B8:43:2A:4E:1C:1A:60:78:37:7D:31:B0:CD
X509v3 Authority Key Identifier:
keyid:5A:AF:77:4E:C9:C2:73:02:6E:B1:17:E4:8E:73:FE:F4:28:8D:DE:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wq93TsnCcwJusRfkjnP-9CiN3sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/bi2A_L2RC7hDKk4cGmB4N30xsM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/Wq93TsnCcwJusRfkjnP-9CiN3sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.112.0/22
IPv6:
2a05:a9c0::/32
Signature Algorithm: sha256WithRSAEncryption
26:f0:b2:e4:6c:cf:72:f6:42:48:5f:0d:38:63:80:7c:b6:92:
75:6a:19:00:fe:eb:b5:9b:ad:b8:d3:be:63:f6:c6:64:8c:8a:
b2:c5:12:0a:cb:65:3e:b0:24:32:44:06:e6:61:58:b6:be:bf:
00:dd:05:56:d0:62:84:35:dd:0d:be:c6:3d:41:f2:74:3e:d6:
64:94:f4:0a:70:29:09:cb:91:6b:44:60:2b:fe:25:47:e1:8e:
bf:55:dc:68:e7:41:7f:4b:5d:80:c0:f6:8d:d8:f3:bc:4e:75:
ef:9c:09:2d:56:57:c8:dd:92:8c:db:2d:c2:7a:07:30:f3:b5:
52:64:78:e0:7c:2c:8e:cd:12:cb:5f:da:2d:29:7f:ec:91:ab:
37:f5:8c:6e:8a:e6:3c:48:4b:db:27:31:f6:a9:b2:70:dd:43:
ea:7e:21:d8:b6:88:b2:56:7d:f4:ff:93:ba:d9:0b:49:3d:78:
b4:2c:1f:d3:e4:a9:e7:62:f8:37:1a:bb:02:1b:fd:cc:2d:33:
95:f2:b7:c5:9a:34:69:4c:fd:7b:3c:cc:08:39:cc:56:a6:24:
47:14:6a:84:ae:03:f8:c3:51:a0:36:bf:8f:0b:33:11:a0:7f:
59:37:fb:88:22:a1:60:c6:8b:65:f9:68:22:65:8d:c8:74:83:
e7:dd:db:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECQZEJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWFmNzc0ZWM5YzI3MzAyNmViMTE3ZTQ4ZTczZmVmNDI4OGRkZWM4MB4XDTIyMDEw
MTAyNTExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmUyZDgwZmNiZDkx
MGJiODQzMmE0ZTFjMWE2MDc4Mzc3ZDMxYjBjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyQqSHosKIRsZ7g/uKqXa5jEN8Zcp64ljLuwSlwNBwiQ+vc
jc6LyEyDY5er6sqVNDvTi9ioK1QDZZNb8SZjA4EtH85PqexZzRfkjBxtFkahhyYr
8vXs4auqm2vLnNwNGtzFFAta/DXBECgDV0to7c1vT5ugZGeDTUiJ5b9D6hqleNyd
5wK8ZR+aTXVtV/vMgGB+m8odpv/FuoMyDUW6JwpiiS/Qc8GSGkcyu8+MDtMGRuFV
xXz3AEe+jseCav6P2CicD8S6uH3bJiX+6CdAEgnx665jKGOhAuJvuKZo4bCbUg5c
6o2vM4AUyguqGSiZqvUvosOyJPlnSSZ4tfR1ka8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRuLYD8vZELuEMqThwaYHg3fTGwzTAfBgNVHSMEGDAWgBRar3dOycJzAm6x
F+SOc/70KI3eyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dxOTNUc25DY3dKdXNSZmtqblAtOUNpTjNzZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvZGM0MzBkLTM3NzktNDk4OS1iODcyLTMzNjQ0MDU5ZTg2Ni8x
L2JpMkFfTDJSQzdoREtrNGNHbUI0TjMweHNNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
ZGM0MzBkLTM3NzktNDk4OS1iODcyLTMzNjQ0MDU5ZTg2Ni8xL1dxOTNUc25DY3dK
dXNSZmtqblAtOUNpTjNzZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAk4ocDANBAIAAjAHAwUAKgWpwDAN
BgkqhkiG9w0BAQsFAAOCAQEAJvCy5GzPcvZCSF8NOGOAfLaSdWoZAP7rtZutuNO+
Y/bGZIyKssUSCstlPrAkMkQG5mFYtr6/AN0FVtBihDXdDb7GPUHydD7WZJT0CnAp
CcuRa0RgK/4lR+GOv1XcaOdBf0tdgMD2jdjzvE5175wJLVZXyN2SjNstwnoHMPO1
UmR44Hwsjs0Sy1/aLSl/7JGrN/WMbormPEhL2ycx9qmycN1D6n4h2LaIslZ99P+T
utkLST14tCwf0+Sp52L4Nxq7Ahv9zC0zlfK3xZo0aUz9ezzMCDnMVqYkRxRqhK4D
+MNRoDa/jwszEaB/WTf7iCKhYMaLZfloImWNyHSD593bbA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:04 2025 by rpki-client