Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/dyyxPOET1WGI4KBlm7E75vfq9Qo.roa
File: dyyxPOET1WGI4KBlm7E75vfq9Qo.roa (raw, json)
Hash identifier: x/O3flrVBCvWU9MJBw6PY4Okc7cb05dMv64KVL5hWuQ=
Subject key identifier: 77:2C:B1:3C:E1:13:D5:61:88:E0:A0:65:9B:B1:3B:E6:F7:EA:F5:0A
Certificate issuer: /CN=bb7d379c04f8175b35ef673d76c68e44c70e833f
Certificate serial: 018571D7C09ED9CD5A51AED2BEB3F2054C84
Authority key identifier: BB:7D:37:9C:04:F8:17:5B:35:EF:67:3D:76:C6:8E:44:C7:0E:83:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u303nAT4F1s172c9dsaORMcOgz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/dyyxPOET1WGI4KBlm7E75vfq9Qo.roa
Signing time: Mon 02 Jan 2023 09:37:22 +0000
ROA not before: Mon 02 Jan 2023 09:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35336
IP address blocks: 2.56.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c0:9e:d9:cd:5a:51:ae:d2:be:b3:f2:05:4c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7d379c04f8175b35ef673d76c68e44c70e833f
Validity
Not Before: Jan 2 09:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=772cb13ce113d56188e0a0659bb13be6f7eaf50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:aa:d1:3e:d9:09:ad:64:f6:12:0a:df:f3:18:
9a:f1:5e:2a:e4:21:94:6e:ad:11:87:64:63:c9:ae:
f5:b0:18:00:65:47:59:47:a7:41:ee:d4:e6:79:32:
9e:3f:0b:31:17:b1:70:b0:88:9b:0c:31:35:3b:05:
f0:0d:25:16:c6:b3:d7:55:99:3f:96:8d:a1:c2:58:
03:d0:e8:e7:8b:4f:85:65:2f:7c:08:b8:19:4f:f4:
df:b9:06:ae:04:20:ff:37:0f:ba:aa:37:a1:c3:7d:
83:7f:ac:2e:26:9f:87:d1:bb:f2:e9:f0:a3:aa:15:
be:8a:9b:b6:65:0e:80:2e:b7:30:90:3e:56:74:3d:
79:d9:79:ac:2c:49:97:d9:59:ec:91:c5:64:f6:f7:
1f:d3:53:8d:8b:75:31:45:2d:f5:2a:7e:b4:8f:45:
30:6f:1c:70:ae:5e:a2:08:56:eb:5c:87:27:96:28:
86:7e:e1:75:8b:53:ba:b9:41:34:da:fd:3d:1b:94:
13:73:bf:9d:ba:fd:d0:6a:60:d4:75:8b:67:c4:4b:
d0:28:1f:80:38:5f:02:dc:87:6c:9a:f8:b7:bc:15:
72:63:2b:4a:e2:00:36:a3:8f:a3:fe:b9:d4:3c:36:
c0:51:92:8a:e3:ba:28:72:41:41:49:4e:11:f4:a8:
cb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:2C:B1:3C:E1:13:D5:61:88:E0:A0:65:9B:B1:3B:E6:F7:EA:F5:0A
X509v3 Authority Key Identifier:
keyid:BB:7D:37:9C:04:F8:17:5B:35:EF:67:3D:76:C6:8E:44:C7:0E:83:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u303nAT4F1s172c9dsaORMcOgz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/dyyxPOET1WGI4KBlm7E75vfq9Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9e0f5e-8141-43c9-8f44-33ebab24bbb3/1/u303nAT4F1s172c9dsaORMcOgz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.40.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:01:9e:c5:b1:ab:8b:67:b1:39:a4:d1:c3:71:96:5f:e5:b2:
26:d7:59:b4:66:0b:ac:4b:c4:c0:38:05:9e:19:cb:e7:81:3f:
92:f9:d4:f7:d0:de:77:a5:d7:b5:0b:cc:87:a5:b5:74:fa:46:
a9:21:6c:9d:d7:ef:2e:b9:42:dc:d6:fd:60:09:ce:e4:70:00:
52:94:d0:fc:e5:28:9d:32:9e:39:e2:5c:5c:fc:0d:91:41:6b:
26:97:7d:67:81:a1:9a:73:4d:b9:ad:92:e2:70:ca:20:69:11:
a3:de:76:53:8d:a8:f9:0a:9f:c4:8f:a5:a9:82:7f:17:a0:6d:
46:e0:d3:69:83:3f:da:44:09:be:30:05:f6:2a:74:7f:09:8b:
d6:c1:22:8d:80:de:8a:c9:1e:9e:00:54:24:3b:eb:6d:39:39:
a3:b8:be:4f:35:e3:31:43:dc:dd:32:bd:f9:e7:d2:2f:fe:12:
77:51:3c:87:68:04:df:7a:81:7c:52:27:06:9d:c0:1c:86:7f:
43:8c:72:e9:72:72:60:af:70:f5:cf:f2:5b:ad:03:de:14:7d:
fb:f1:15:d6:c0:e7:02:1e:34:79:5c:1b:14:d9:56:b4:b2:10:
03:cb:ae:5d:38:24:02:9d:11:b1:4f:c8:2f:fc:f6:89:1d:0c:
f2:d3:ad:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx18Ce2c1aUa7SvrPyBUyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiN2QzNzljMDRmODE3NWIzNWVmNjczZDc2YzY4ZTQ0Yzcw
ZTgzM2YwHhcNMjMwMTAyMDkzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzJjYjEzY2UxMTNkNTYxODhlMGEwNjU5YmIxM2JlNmY3ZWFmNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6rRPtkJrWT2Egrf8xia8V4q5CGU
bq0Rh2Rjya71sBgAZUdZR6dB7tTmeTKePwsxF7FwsIibDDE1OwXwDSUWxrPXVZk/
lo2hwlgD0Ojni0+FZS98CLgZT/TfuQauBCD/Nw+6qjehw32Df6wuJp+H0bvy6fCj
qhW+ipu2ZQ6ALrcwkD5WdD152XmsLEmX2VnskcVk9vcf01ONi3UxRS31Kn60j0Uw
bxxwrl6iCFbrXIcnliiGfuF1i1O6uUE02v09G5QTc7+duv3QamDUdYtnxEvQKB+A
OF8C3Idsmvi3vBVyYytK4gA2o4+j/rnUPDbAUZKK47oockFBSU4R9KjLdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcssTzhE9VhiOCgZZuxO+b36vUKMB8GA1UdIwQY
MBaAFLt9N5wE+BdbNe9nPXbGjkTHDoM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTMwM25BVDRGMXMxNzJjOWRzYU9STWNPZ3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85ZTBmNWUtODE0MS00M2M5LThmNDQt
MzNlYmFiMjRiYmIzLzEvZHl5eFBPRVQxV0dJNEtCbG03RTc1dmZxOVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85ZTBmNWUtODE0MS00M2M5LThmNDQtMzNlYmFiMjRiYmIz
LzEvdTMwM25BVDRGMXMxNzJjOWRzYU9STWNPZ3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjgoMA0G
CSqGSIb3DQEBCwUAA4IBAQBuAZ7FsauLZ7E5pNHDcZZf5bIm11m0ZgusS8TAOAWe
GcvngT+S+dT30N53pde1C8yHpbV0+kapIWyd1+8uuULc1v1gCc7kcABSlND85Sid
Mp454lxc/A2RQWsml31ngaGac025rZLicMogaRGj3nZTjaj5Cp/Ej6Wpgn8XoG1G
4NNpgz/aRAm+MAX2KnR/CYvWwSKNgN6KyR6eAFQkO+ttOTmjuL5PNeMxQ9zdMr35
59Iv/hJ3UTyHaATfeoF8UicGncAchn9DjHLpcnJgr3D1z/JbrQPeFH378RXWwOcC
HjR5XBsU2Va0shADy65dOCQCnRGxT8gv/PaJHQzy060f
-----END CERTIFICATE-----
Generated at Sun Mar 9 20:19:50 2025 by rpki-client