Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/n5Ro8PZnMF_eQqlOB5hqhE9NAGY.roa
File: n5Ro8PZnMF_eQqlOB5hqhE9NAGY.roa (raw, json)
Hash identifier: e7HMc0mcM0AxidOXy76WCAtbAXs+IM39EwQTMdWg1/4=
Subject key identifier: 9F:94:68:F0:F6:67:30:5F:DE:42:A9:4E:07:98:6A:84:4F:4D:00:66
Certificate issuer: /CN=d9ee5a4c9f30498680e4d7b59ddb08f82bc6f4c7
Certificate serial: 0183C5EAB3019F477E1B70DD115B4CEEBEC9
Authority key identifier: D9:EE:5A:4C:9F:30:49:86:80:E4:D7:B5:9D:DB:08:F8:2B:C6:F4:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/n5Ro8PZnMF_eQqlOB5hqhE9NAGY.roa
Signing time: Tue 11 Oct 2022 07:20:36 +0000
ROA not before: Tue 11 Oct 2022 07:20:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209216
IP address blocks: 2.56.76.0/22 maxlen: 22
2a09:d0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:ea:b3:01:9f:47:7e:1b:70:dd:11:5b:4c:ee:be:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ee5a4c9f30498680e4d7b59ddb08f82bc6f4c7
Validity
Not Before: Oct 11 07:20:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f9468f0f667305fde42a94e07986a844f4d0066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3c:37:87:5f:7f:47:02:26:2b:f2:16:7b:5f:
a5:98:ec:af:62:33:f1:b9:d1:70:96:c9:76:5f:31:
fa:51:81:c7:b1:4b:f2:25:63:b8:11:bb:26:3b:7c:
1f:e2:27:c2:fd:43:c7:08:82:b6:ec:b5:6e:a1:d7:
86:24:61:bc:7b:f1:28:0a:44:b4:6b:32:90:65:14:
ba:fb:cf:39:56:3f:76:2e:9f:c3:4f:c0:1e:16:79:
69:ea:4a:4b:b3:f2:b3:f1:91:87:10:15:84:b2:65:
52:98:98:03:96:d5:05:16:ef:ca:57:e6:3f:fc:50:
58:9f:af:f8:3b:b5:50:c7:21:db:48:af:93:ea:5c:
19:ba:d6:5a:83:7d:6c:63:60:ef:55:4c:0d:87:5e:
76:74:d4:ac:ac:4a:ec:03:25:b7:d4:bc:09:c2:da:
5f:ac:10:35:6d:19:27:12:8b:9a:05:4b:02:d0:d0:
f9:7f:a8:8d:04:01:67:fb:52:92:44:a5:7f:95:e9:
d9:0c:6d:f0:be:36:6e:c1:3e:2d:59:af:eb:e0:b2:
ba:ae:ee:16:ab:bf:48:0f:54:fa:74:01:35:5f:c6:
b4:3f:4f:e3:34:d8:50:99:14:78:4c:46:77:cd:aa:
7d:32:39:5f:1d:dd:28:0e:36:1d:2b:69:d2:30:84:
6f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:94:68:F0:F6:67:30:5F:DE:42:A9:4E:07:98:6A:84:4F:4D:00:66
X509v3 Authority Key Identifier:
keyid:D9:EE:5A:4C:9F:30:49:86:80:E4:D7:B5:9D:DB:08:F8:2B:C6:F4:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/n5Ro8PZnMF_eQqlOB5hqhE9NAGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.76.0/22
IPv6:
2a09:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
45:b2:d1:1d:01:74:e4:57:11:5e:bb:52:45:38:ca:80:ac:ec:
19:aa:90:da:95:dc:2c:fb:98:2d:30:26:b4:ac:8f:c2:3f:cf:
fe:5f:3f:41:d2:8b:91:0b:2c:0e:fd:30:a5:71:20:ae:16:c2:
f3:0a:d1:bb:37:ff:2e:59:f6:fa:5a:e1:5b:6b:29:e1:5d:cd:
aa:fe:00:95:5f:aa:52:6e:ae:02:c4:d9:44:6e:44:9a:0b:d0:
d6:18:5c:8a:14:f6:8f:b5:83:17:64:4e:21:23:12:0f:36:e5:
06:ff:ab:af:9c:20:a2:96:aa:e3:ed:97:46:af:8c:ff:17:05:
a5:d9:2c:e7:57:00:1b:db:ec:c2:ab:cd:52:33:18:4c:79:8a:
f7:79:e7:3d:df:6d:b4:b5:af:4f:08:76:a1:b1:83:75:d1:65:
6b:23:88:a8:fe:9d:9f:ac:ad:15:05:d6:31:67:77:92:b2:3f:
70:ae:e6:39:3d:1e:58:44:56:d7:5b:5a:6b:5d:64:e0:e8:56:
fc:eb:02:36:a1:da:ea:0f:8a:95:5c:36:54:b6:10:71:69:be:
2a:c0:d8:8f:e4:28:11:41:2f:8e:76:dc:07:30:c9:05:ec:bd:
7a:3a:56:fa:2c:c7:b7:79:ca:76:9d:18:ed:b3:3d:72:55:e7:
c5:18:7d:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPF6rMBn0d+G3DdEVtM7r7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWU1YTRjOWYzMDQ5ODY4MGU0ZDdiNTlkZGIwOGY4MmJj
NmY0YzcwHhcNMjIxMDExMDcyMDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjk0NjhmMGY2NjczMDVmZGU0MmE5NGUwNzk4NmE4NDRmNGQwMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDw3h19/RwImK/IWe1+lmOyvYjPx
udFwlsl2XzH6UYHHsUvyJWO4EbsmO3wf4ifC/UPHCIK27LVuodeGJGG8e/EoCkS0
azKQZRS6+885Vj92Lp/DT8AeFnlp6kpLs/Kz8ZGHEBWEsmVSmJgDltUFFu/KV+Y/
/FBYn6/4O7VQxyHbSK+T6lwZutZag31sY2DvVUwNh152dNSsrErsAyW31LwJwtpf
rBA1bRknEouaBUsC0ND5f6iNBAFn+1KSRKV/lenZDG3wvjZuwT4tWa/r4LK6ru4W
q79ID1T6dAE1X8a0P0/jNNhQmRR4TEZ3zap9MjlfHd0oDjYdK2nSMIRvrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ+UaPD2ZzBf3kKpTgeYaoRPTQBmMB8GA1UdIwQY
MBaAFNnuWkyfMEmGgOTXtZ3bCPgrxvTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmU1YVRKOHdTWWFBNU5lMW5kc0ktQ3ZHOU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80N2E1NGEtNjM3Yy00NDg2LWIxMmMt
N2RiOWRmYmM0YWU5LzEvbjVSbzhQWm5NRl9lUXFsT0I1aHFoRTlOQUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80N2E1NGEtNjM3Yy00NDg2LWIxMmMtN2RiOWRmYmM0YWU5
LzEvMmU1YVRKOHdTWWFBNU5lMW5kc0ktQ3ZHOU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjhMMA0E
AgACMAcDBQMqCdDAMA0GCSqGSIb3DQEBCwUAA4IBAQBFstEdAXTkVxFeu1JFOMqA
rOwZqpDaldws+5gtMCa0rI/CP8/+Xz9B0ouRCywO/TClcSCuFsLzCtG7N/8uWfb6
WuFbaynhXc2q/gCVX6pSbq4CxNlEbkSaC9DWGFyKFPaPtYMXZE4hIxIPNuUG/6uv
nCCilqrj7ZdGr4z/FwWl2SznVwAb2+zCq81SMxhMeYr3eec93220ta9PCHahsYN1
0WVrI4io/p2frK0VBdYxZ3eSsj9wruY5PR5YRFbXW1prXWTg6Fb86wI2odrqD4qV
XDZUthBxab4qwNiP5CgRQS+OdtwHMMkF7L16Olb6LMe3ecp2nRjtsz1yVefFGH3H
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:14 2023 by rpki-client on console-fra.rpki-client.org