Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/6z4UqtAAiqdtFEU7dwDasUQcT5o.roa
File: 6z4UqtAAiqdtFEU7dwDasUQcT5o.roa (raw, json)
Hash identifier: 4oK/sL5eJv/s0LHxbDjLviEgHSYaEQS1AKggk3tV6kc=
Subject key identifier: EB:3E:14:AA:D0:00:8A:A7:6D:14:45:3B:77:00:DA:B1:44:1C:4F:9A
Certificate issuer: /CN=d9ee5a4c9f30498680e4d7b59ddb08f82bc6f4c7
Certificate serial: 0183C106F2BB58BA81D5FE18E872681B9D17
Authority key identifier: D9:EE:5A:4C:9F:30:49:86:80:E4:D7:B5:9D:DB:08:F8:2B:C6:F4:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/6z4UqtAAiqdtFEU7dwDasUQcT5o.roa
Signing time: Mon 10 Oct 2022 08:33:21 +0000
ROA not before: Mon 10 Oct 2022 08:33:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209216
IP address blocks: 2.56.76.0/22 maxlen: 22
2a09:d0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:06:f2:bb:58:ba:81:d5:fe:18:e8:72:68:1b:9d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ee5a4c9f30498680e4d7b59ddb08f82bc6f4c7
Validity
Not Before: Oct 10 08:33:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb3e14aad0008aa76d14453b7700dab1441c4f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:00:70:0b:2c:cd:4d:3e:77:06:8c:d2:a9:76:
6a:8c:85:6b:1d:8b:85:cc:b6:cd:52:c1:52:a6:c5:
68:23:0a:d3:b7:5c:e6:82:df:ee:8d:dd:fb:62:e4:
52:9f:f7:94:b6:df:4f:58:d4:9f:37:0f:ad:d1:b4:
42:5a:ce:e3:36:8a:b4:dc:a7:f5:1d:5b:fd:a8:01:
33:62:3d:f1:a8:0b:f3:a4:55:60:0c:c5:63:be:d8:
09:1b:df:6e:74:95:5a:61:ad:f3:83:cc:0d:7f:2a:
73:e9:01:79:09:2a:10:9a:92:fa:b4:04:fd:48:03:
68:7b:9b:26:3a:09:db:ac:af:69:5f:31:dd:76:b5:
5f:5b:ab:d3:4f:8f:18:e9:77:b5:27:ac:74:13:89:
2b:1e:c2:b3:57:63:10:9b:31:3d:bd:4f:0d:83:ef:
e8:73:cf:45:e6:61:e3:84:6c:db:7d:59:e3:44:2e:
09:8a:35:a7:44:13:63:fe:3b:50:00:2e:ed:00:1f:
f7:c9:a7:9e:e1:ce:a5:a0:7e:3c:06:93:47:49:af:
be:3b:92:92:5d:c7:8e:f3:31:93:b1:6c:d8:62:f7:
a8:b1:b3:c3:c5:16:6d:c6:f6:55:22:c8:16:3b:e3:
e5:ca:6f:84:cf:39:00:ba:6a:b5:6a:ad:18:29:14:
5d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3E:14:AA:D0:00:8A:A7:6D:14:45:3B:77:00:DA:B1:44:1C:4F:9A
X509v3 Authority Key Identifier:
keyid:D9:EE:5A:4C:9F:30:49:86:80:E4:D7:B5:9D:DB:08:F8:2B:C6:F4:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/6z4UqtAAiqdtFEU7dwDasUQcT5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.76.0/22
IPv6:
2a09:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:e4:75:6e:e1:8d:19:42:ab:00:b1:ac:15:03:2b:d0:64:80:
b3:e7:dc:91:7d:d3:0a:0a:47:d2:99:0d:d5:7e:ac:ff:2b:41:
7c:f5:9c:fe:66:64:12:0a:41:75:f0:49:69:89:f4:f3:15:23:
b2:b7:ec:9a:c9:0e:bd:e7:0d:45:54:f5:63:05:3d:06:a7:0d:
ad:20:23:22:58:70:49:b2:d2:02:44:a7:2c:c8:11:29:2c:72:
2f:af:e9:9a:bf:b1:1e:dd:de:3b:bb:34:49:7b:cd:02:c6:a6:
d4:62:cd:4b:5a:51:08:4f:85:f8:ba:48:b6:89:8b:32:65:a2:
86:44:57:ab:5f:53:59:2a:e2:c6:32:53:9c:77:55:74:79:2f:
fc:fc:72:74:f0:98:a8:ce:91:f3:09:d0:f2:25:d3:ec:64:cc:
7f:a5:f7:17:e7:b7:60:83:df:84:04:eb:50:fa:bd:b7:ab:b1:
2c:30:5d:0c:3e:39:fb:ce:e6:72:86:b0:49:82:77:9e:90:0c:
0a:af:1e:c7:72:39:a0:49:72:97:d9:2c:95:49:37:68:13:eb:
50:d5:6e:8c:50:3b:98:8d:5f:c6:ce:24:e5:22:69:c1:2b:e3:
91:f9:51:1e:95:3b:eb:e3:9d:36:2a:60:f4:a0:c5:d6:8f:94:
e9:03:13:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPBBvK7WLqB1f4Y6HJoG50XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWU1YTRjOWYzMDQ5ODY4MGU0ZDdiNTlkZGIwOGY4MmJj
NmY0YzcwHhcNMjIxMDEwMDgzMzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjNlMTRhYWQwMDA4YWE3NmQxNDQ1M2I3NzAwZGFiMTQ0MWM0ZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwBwCyzNTT53BozSqXZqjIVrHYuF
zLbNUsFSpsVoIwrTt1zmgt/ujd37YuRSn/eUtt9PWNSfNw+t0bRCWs7jNoq03Kf1
HVv9qAEzYj3xqAvzpFVgDMVjvtgJG99udJVaYa3zg8wNfypz6QF5CSoQmpL6tAT9
SANoe5smOgnbrK9pXzHddrVfW6vTT48Y6Xe1J6x0E4krHsKzV2MQmzE9vU8Ng+/o
c89F5mHjhGzbfVnjRC4JijWnRBNj/jtQAC7tAB/3yaee4c6loH48BpNHSa++O5KS
XceO8zGTsWzYYveosbPDxRZtxvZVIsgWO+Plym+EzzkAumq1aq0YKRRdhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOs+FKrQAIqnbRRFO3cA2rFEHE+aMB8GA1UdIwQY
MBaAFNnuWkyfMEmGgOTXtZ3bCPgrxvTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmU1YVRKOHdTWWFBNU5lMW5kc0ktQ3ZHOU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80N2E1NGEtNjM3Yy00NDg2LWIxMmMt
N2RiOWRmYmM0YWU5LzEvNno0VXF0QUFpcWR0RkVVN2R3RGFzVVFjVDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80N2E1NGEtNjM3Yy00NDg2LWIxMmMtN2RiOWRmYmM0YWU5
LzEvMmU1YVRKOHdTWWFBNU5lMW5kc0ktQ3ZHOU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjhMMA0E
AgACMAcDBQMqCdDAMA0GCSqGSIb3DQEBCwUAA4IBAQBL5HVu4Y0ZQqsAsawVAyvQ
ZICz59yRfdMKCkfSmQ3Vfqz/K0F89Zz+ZmQSCkF18ElpifTzFSOyt+yayQ695w1F
VPVjBT0Gpw2tICMiWHBJstICRKcsyBEpLHIvr+mav7Ee3d47uzRJe80CxqbUYs1L
WlEIT4X4uki2iYsyZaKGRFerX1NZKuLGMlOcd1V0eS/8/HJ08JiozpHzCdDyJdPs
ZMx/pfcX57dgg9+EBOtQ+r23q7EsMF0MPjn7zuZyhrBJgneekAwKrx7HcjmgSXKX
2SyVSTdoE+tQ1W6MUDuYjV/GziTlImnBK+OR+VEelTvr4502KmD0oMXWj5TpAxOw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:14 2023 by rpki-client on console-fra.rpki-client.org