Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/tzUqY3JpUnfgsVnxmQX46PQNHy4.roa
File: tzUqY3JpUnfgsVnxmQX46PQNHy4.roa (raw, json)
Hash identifier: /KX375G+skD3JmoMXczPzfeaye55lBS9vVQM/6KR5Q0=
Subject key identifier: B7:35:2A:63:72:69:52:77:E0:B1:59:F1:99:05:F8:E8:F4:0D:1F:2E
Certificate issuer: /CN=8b9f258283517df19859388e13bad1ae0268a5fb
Certificate serial: 0A1B54A3
Authority key identifier: 8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/tzUqY3JpUnfgsVnxmQX46PQNHy4.roa
Signing time: Sat 01 Jan 2022 14:58:23 +0000
ROA not before: Sat 01 Jan 2022 14:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48181
IP address blocks: 2.56.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169563299 (0xa1b54a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9f258283517df19859388e13bad1ae0268a5fb
Validity
Not Before: Jan 1 14:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7352a6372695277e0b159f19905f8e8f40d1f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:78:50:8f:d8:f2:e5:9a:13:eb:7d:6e:9c:9f:
76:78:ec:3f:61:00:56:59:95:15:f1:3a:cf:1d:0c:
eb:a3:a4:c4:e9:5a:0c:3f:bb:41:84:75:eb:88:40:
65:e7:8f:d5:81:5c:9a:4d:8f:26:5b:10:39:a9:d0:
33:f7:de:02:cf:4f:82:3e:b0:9b:34:8f:fb:10:d4:
2a:18:4a:b3:3e:63:3c:84:33:34:75:27:08:53:93:
90:26:dc:1b:b4:13:47:ae:c9:1a:9e:93:6b:33:0c:
d2:1d:d5:ce:69:3c:2d:f3:3a:da:db:b7:d2:de:5e:
61:95:c8:27:2a:43:84:d7:da:23:e6:21:af:0a:41:
3a:b4:87:be:6b:35:45:53:14:50:9d:82:b2:3a:e9:
8c:24:52:e9:95:14:dc:9c:38:1c:c1:0d:ca:69:73:
ac:ed:c4:b2:38:0a:2a:7b:49:b0:95:a4:46:37:d0:
0e:45:ad:e3:77:15:fe:55:d7:0d:94:0b:09:61:7c:
3b:1b:9d:2f:6e:a4:f3:ba:40:5f:6d:31:b6:cf:3f:
8f:69:36:ea:d7:7d:c0:a8:b2:07:17:28:80:1e:08:
ee:13:f6:0c:aa:f0:9e:c1:7b:44:fa:c9:16:81:c7:
dc:b3:4b:39:11:c0:e2:3f:1c:c5:fb:15:89:ea:ea:
9d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:35:2A:63:72:69:52:77:E0:B1:59:F1:99:05:F8:E8:F4:0D:1F:2E
X509v3 Authority Key Identifier:
keyid:8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/tzUqY3JpUnfgsVnxmQX46PQNHy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.52.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:b1:c8:21:fa:9c:78:2f:e4:a5:ad:6c:14:d2:82:2e:cf:ad:
f0:2c:3c:7a:d8:b5:c9:1b:c0:53:0c:76:a3:af:1d:e7:2b:6c:
ee:6f:05:75:6a:9d:ba:83:a2:60:24:c2:fe:84:fb:f5:92:23:
6c:2a:a5:9c:d2:19:9b:90:1e:18:77:2b:27:a3:63:86:a1:39:
96:0d:f2:1f:15:5e:50:dd:28:47:1b:ef:2b:97:78:95:0e:f9:
b9:3b:57:ff:9c:7f:6c:20:50:e1:16:2a:37:06:01:83:20:c2:
8d:b0:34:77:e5:8f:4a:f3:54:fe:e7:cb:d2:4b:59:bb:f1:ce:
7a:de:1f:05:09:d1:b6:7b:5e:bf:49:cb:d5:23:a7:09:34:fb:
dd:b9:f8:15:43:16:6d:3b:f9:e1:bf:6f:1f:7f:63:8e:47:90:
8e:ee:6b:01:85:b2:3f:88:b5:0d:e9:54:4a:6a:07:3a:c8:19:
01:cc:e8:89:1a:6a:8b:9e:b3:c5:80:f2:39:d5:e5:65:8d:81:
9e:f3:29:c9:e1:64:41:a7:c4:dc:54:8b:23:46:ab:4e:e8:f4:
23:4a:2b:65:f1:03:fb:4f:cb:36:7f:92:59:d9:db:b5:cf:a7:
3d:b4:df:0f:1f:af:0f:5c:7e:88:62:dd:47:07:17:96:a8:6a:
41:f5:43:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChtUozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjlmMjU4MjgzNTE3ZGYxOTg1OTM4OGUxM2JhZDFhZTAyNjhhNWZiMB4XDTIyMDEw
MTE0NTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjczNTJhNjM3MjY5
NTI3N2UwYjE1OWYxOTkwNWY4ZThmNDBkMWYyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJt4UI/Y8uWaE+t9bpyfdnjsP2EAVlmVFfE6zx0M66OkxOla
DD+7QYR164hAZeeP1YFcmk2PJlsQOanQM/feAs9Pgj6wmzSP+xDUKhhKsz5jPIQz
NHUnCFOTkCbcG7QTR67JGp6TazMM0h3Vzmk8LfM62tu30t5eYZXIJypDhNfaI+Yh
rwpBOrSHvms1RVMUUJ2CsjrpjCRS6ZUU3Jw4HMENymlzrO3EsjgKKntJsJWkRjfQ
DkWt43cV/lXXDZQLCWF8OxudL26k87pAX20xts8/j2k26td9wKiyBxcogB4I7hP2
DKrwnsF7RPrJFoHH3LNLORHA4j8cxfsVierqnSMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS3NSpjcmlSd+CxWfGZBfjo9A0fLjAfBgNVHSMEGDAWgBSLnyWCg1F98ZhZ
OI4TutGuAmil+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k1OGxnb05SZmZHWVdUaU9FN3JScmdKb3Bmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvNTI4ZTIxLTIzYjItNDQzNi1iYzhiLThmNWU5OTdhYjFiNS8x
L3R6VXFZM0pwVW5mZ3NWbnhtUVg0NlBRTkh5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
NTI4ZTIxLTIzYjItNDQzNi1iYzhiLThmNWU5OTdhYjFiNS8xL2k1OGxnb05SZmZH
WVdUaU9FN3JScmdKb3Bmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI4NDANBgkqhkiG9w0BAQsFAAOC
AQEAqrHIIfqceC/kpa1sFNKCLs+t8Cw8eti1yRvAUwx2o68d5yts7m8FdWqduoOi
YCTC/oT79ZIjbCqlnNIZm5AeGHcrJ6NjhqE5lg3yHxVeUN0oRxvvK5d4lQ75uTtX
/5x/bCBQ4RYqNwYBgyDCjbA0d+WPSvNU/ufL0ktZu/HOet4fBQnRtntev0nL1SOn
CTT73bn4FUMWbTv54b9vH39jjkeQju5rAYWyP4i1DelUSmoHOsgZAczoiRpqi56z
xYDyOdXlZY2BnvMpyeFkQafE3FSLI0arTuj0I0orZfED+0/LNn+SWdnbtc+nPbTf
Dx+vD1x+iGLdRwcXlqhqQfVDlw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:00:27 2025 by rpki-client