Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/YbTH4X4GLZ4xjMXd9f-8OAXOHmw.roa
File: YbTH4X4GLZ4xjMXd9f-8OAXOHmw.roa (raw, json)
Hash identifier: rnF4EVEd0poHPILGrGpCk1Ljb3tuxa0WaEfNUo37k+M=
Subject key identifier: 61:B4:C7:E1:7E:06:2D:9E:31:8C:C5:DD:F5:FF:BC:38:05:CE:1E:6C
Certificate issuer: /CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Certificate serial: 131AEE
Authority key identifier: 2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/YbTH4X4GLZ4xjMXd9f-8OAXOHmw.roa
Signing time: Sat 01 Jan 2022 02:59:25 +0000
ROA not before: Sat 01 Jan 2022 02:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43309
IP address blocks: 2.56.168.0/24 maxlen: 24
2a0f:ca00::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1252078 (0x131aee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Validity
Not Before: Jan 1 02:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61b4c7e17e062d9e318cc5ddf5ffbc3805ce1e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d7:ac:91:cd:12:09:65:9d:87:6e:c5:d0:bc:
f3:9e:c0:ba:7c:0d:04:44:64:31:a7:85:9f:5d:13:
2a:77:f7:0b:3a:9f:d9:83:ee:0c:19:d7:fc:09:11:
08:2b:36:34:59:67:ba:f3:71:47:fe:6c:c0:7a:a8:
d0:ba:3b:1a:cc:e6:5e:74:87:0a:69:ee:d9:73:4e:
81:36:b9:f2:66:79:ad:93:95:38:d5:6f:ac:a0:29:
12:8e:38:37:d6:ad:f1:0f:06:bc:b9:53:de:8f:3f:
80:f3:99:30:a8:a4:73:02:c3:d1:b9:ef:ef:f8:16:
be:15:05:22:7b:25:ef:21:3b:d0:4a:d0:ea:b5:97:
6d:7f:d3:33:96:87:66:7e:d9:e2:be:0d:f1:0c:38:
bf:d1:4f:8f:15:f8:d8:cf:bb:4f:23:df:66:90:ca:
e7:62:4e:32:3a:dc:bb:3f:57:8f:70:38:52:f3:9a:
89:6e:25:11:2a:fe:7d:f1:20:1d:ba:29:1b:74:75:
d6:36:36:b4:b6:64:30:be:17:ff:8d:e4:d6:69:33:
9e:83:3e:59:97:ab:64:2b:37:87:0c:1b:c5:0f:02:
69:5b:9c:b2:6d:e7:e6:06:16:a5:8f:a3:f0:9e:9a:
a7:56:1c:e1:30:86:61:fd:4b:af:07:b1:35:38:d3:
75:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B4:C7:E1:7E:06:2D:9E:31:8C:C5:DD:F5:FF:BC:38:05:CE:1E:6C
X509v3 Authority Key Identifier:
keyid:2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/YbTH4X4GLZ4xjMXd9f-8OAXOHmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.168.0/24
IPv6:
2a0f:ca00::/33
Signature Algorithm: sha256WithRSAEncryption
89:b5:6a:38:9e:22:9e:c6:d2:a3:56:c1:52:a6:96:eb:85:23:
25:fc:ac:a6:4c:33:eb:bf:31:23:fb:ef:f1:ae:68:36:dd:d4:
be:0d:dd:95:c2:a7:88:68:c6:27:fe:97:80:b4:1d:86:52:b2:
af:9e:d4:c2:69:bc:96:d4:0c:34:48:b5:01:92:ba:60:a1:63:
07:20:24:51:75:78:ce:f4:d8:84:b3:e5:0a:db:71:4c:41:2a:
8f:2d:20:88:a6:78:84:0e:ee:00:97:19:1c:19:a1:29:f5:55:
77:46:4d:22:f2:51:ae:09:ea:1c:33:5f:c4:57:f3:9f:93:3b:
27:4d:11:c4:15:4d:d0:71:2f:aa:a0:8f:7a:a1:6b:d0:35:f7:
a5:a1:9e:7d:83:55:d2:f8:fd:da:76:81:2f:5e:16:e9:f7:73:
cd:65:fd:e0:16:aa:54:a3:e5:f3:69:65:b9:ae:86:33:2a:4b:
78:50:68:e3:69:0f:6e:72:bc:98:08:9b:f7:ec:5a:4a:db:69:
b6:c2:47:04:34:51:6a:94:76:44:17:bd:89:c6:bd:7f:62:ce:
a6:e8:b3:57:78:a8:08:e8:59:40:35:f5:6a:5e:85:17:07:53:
ac:25:bc:b3:e2:92:cf:8f:a5:4e:e7:69:dd:52:46:6e:7c:8e:
58:c8:df:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIDExruMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
ZGQ0MzhhN2NlM2NiMzc5ZjI4Y2ZhMDUxY2Y2M2Q1YWQ4ZmUzY2EwHhcNMjIwMTAx
MDI1OTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MWI0YzdlMTdlMDYy
ZDllMzE4Y2M1ZGRmNWZmYmMzODA1Y2UxZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2Neskc0SCWWdh27F0LzznsC6fA0ERGQxp4WfXRMqd/cLOp/Z
g+4MGdf8CREIKzY0WWe683FH/mzAeqjQujsazOZedIcKae7Zc06BNrnyZnmtk5U4
1W+soCkSjjg31q3xDwa8uVPejz+A85kwqKRzAsPRue/v+Ba+FQUieyXvITvQStDq
tZdtf9Mzlodmftnivg3xDDi/0U+PFfjYz7tPI99mkMrnYk4yOty7P1ePcDhS85qJ
biURKv598SAduikbdHXWNja0tmQwvhf/jeTWaTOegz5Zl6tkKzeHDBvFDwJpW5yy
befmBhalj6PwnpqnVhzhMIZh/UuvB7E1ONN1JwIDAQABo4ICGTCCAhUwHQYDVR0O
BBYEFGG0x+F+Bi2eMYzF3fX/vDgFzh5sMB8GA1UdIwQYMBaAFCrdQ4p848s3nyjP
oFHPY9Wtj+PKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2LzEv
WWJUSDRYNEdMWjR4ak1YZDlmLThPQVhPSG13LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8w
YjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2LzEvS3QxRGluemp5emVm
S00tZ1VjOWoxYTJQNDhvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC8G
CCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAAjioMA4EAgACMAgDBgcqD8oAADAN
BgkqhkiG9w0BAQsFAAOCAQEAibVqOJ4insbSo1bBUqaW64UjJfyspkwz678xI/vv
8a5oNt3Uvg3dlcKniGjGJ/6XgLQdhlKyr57Uwmm8ltQMNEi1AZK6YKFjByAkUXV4
zvTYhLPlCttxTEEqjy0giKZ4hA7uAJcZHBmhKfVVd0ZNIvJRrgnqHDNfxFfzn5M7
J00RxBVN0HEvqqCPeqFr0DX3paGefYNV0vj92naBL14W6fdzzWX94BaqVKPl82ll
ua6GMypLeFBo42kPbnK8mAib9+xaSttptsJHBDRRapR2RBe9ica9f2LOpuizV3io
COhZQDX1al6FFwdTrCW8s+KSz4+lTudp3VJGbnyOWMjf0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:52 2024 by rpki-client on console-ams.rpki-client.org