Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/56vJfcGKVTFnw6fEzVFEwOufJ6o.roa
File: 56vJfcGKVTFnw6fEzVFEwOufJ6o.roa (raw, json)
Hash identifier: Xz7nkaFyhD1nz6BzdldgfZbfYtNFlhvPzlJVUk2yEhI=
Subject key identifier: E7:AB:C9:7D:C1:8A:55:31:67:C3:A7:C4:CD:51:44:C0:EB:9F:27:AA
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 34EE8767
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/56vJfcGKVTFnw6fEzVFEwOufJ6o.roa
Signing time: Fri 01 Apr 2022 08:52:07 +0000
ROA not before: Fri 01 Apr 2022 08:52:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a10:eec0:80::/41 maxlen: 41
2a10:eec0:40::/42 maxlen: 42
2a10:eec0:400::/38 maxlen: 38
2a10:eec0:2000::/35 maxlen: 35
2a10:eec0:1000::/36 maxlen: 36
2a10:eec0:8000::/33 maxlen: 33
2a10:eec0:4000::/34 maxlen: 34
2a10:eec0:200::/39 maxlen: 39
2a10:eec0:100::/40 maxlen: 40
2a10:eec0:800::/37 maxlen: 37
2a10:eec0:e::/47 maxlen: 47
2a10:eec0:20::/43 maxlen: 43
2a10:eec0:d::/48 maxlen: 48
2a10:eec0:10::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 888047463 (0x34ee8767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 1 08:52:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7abc97dc18a553167c3a7c4cd5144c0eb9f27aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f8:4d:38:ff:70:e4:ae:e7:97:74:99:f2:c2:
86:7b:9f:0a:4d:78:86:43:ae:df:d7:8d:50:57:3a:
e4:2e:0f:1f:c5:4b:8b:98:9c:8b:f1:d5:e5:16:c2:
63:63:ac:05:dc:ee:75:a9:bd:7d:c5:f7:33:3b:e8:
e0:e7:ba:9e:83:9c:e5:18:44:98:90:04:9a:99:3e:
0f:4b:8b:08:0e:1f:18:d4:f2:ba:46:11:e4:ca:46:
78:6b:81:21:6a:9b:49:d1:75:b1:a9:8a:bf:fe:da:
0e:87:a7:c1:4f:ef:dd:22:e7:35:0f:23:d1:1a:89:
a1:53:45:9b:a0:0f:a3:0c:8d:da:5c:5b:4e:22:49:
d9:95:5f:e3:19:de:73:05:90:c7:ea:3c:bc:93:6f:
09:8c:2c:24:87:b1:e7:73:06:cd:ef:5b:a6:79:81:
c8:a8:e4:a0:f4:a3:3e:98:15:f8:87:ed:c1:41:b1:
f5:b1:f2:04:41:65:4f:16:87:85:b8:30:57:53:f8:
e6:45:96:0f:9f:a2:6e:be:01:72:cd:22:62:22:3a:
08:92:b3:a6:e2:8e:bd:3a:7b:97:c2:f4:ac:3e:ab:
f0:a4:66:bb:2e:40:57:d4:58:73:86:b4:0a:0c:0e:
75:04:59:43:b8:ef:47:62:77:59:c9:9f:36:80:81:
74:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:AB:C9:7D:C1:8A:55:31:67:C3:A7:C4:CD:51:44:C0:EB:9F:27:AA
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/56vJfcGKVTFnw6fEzVFEwOufJ6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:eec0:d::-2a10:eec0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
37:f6:00:53:a3:df:97:a6:b7:3b:e1:8c:ba:80:64:52:72:4e:
23:fe:b9:b8:fd:ec:f3:09:51:28:f9:80:44:d9:f7:5a:7d:c2:
cb:38:d4:e4:43:0f:9a:bd:ab:33:39:64:dc:c0:7d:be:64:9c:
d3:32:9b:70:01:d5:99:ac:b9:ac:50:9c:70:5f:6d:5c:3a:5d:
6b:1f:98:da:9d:c3:5a:63:ff:45:e4:db:50:34:33:44:5b:2a:
6f:d2:a3:63:f6:6a:78:3a:e2:a7:b1:db:4a:25:ab:5f:37:1a:
f4:4f:60:f1:6b:c1:91:58:ff:64:10:d6:59:49:30:56:6a:60:
16:42:e7:d5:0d:67:fc:67:2d:77:b2:08:a4:83:a1:47:2e:85:
a7:4f:96:02:78:27:fc:dc:de:29:d4:cd:75:0d:c8:23:94:50:
12:51:ba:58:64:20:7a:c3:a6:9d:ef:ad:71:fd:1e:8c:71:cd:
5b:66:28:9d:8f:9d:f7:b5:3d:49:53:13:bb:55:fa:38:7d:d0:
3d:9f:7e:00:ed:de:d7:9f:3d:df:92:9d:6b:03:3f:27:e9:4d:
fa:52:9f:1b:9b:a7:44:f4:ae:1f:53:a9:1d:ee:e3:67:90:3d:
d3:1b:46:d4:cf:31:6b:83:be:a6:1f:bf:d3:cd:9a:f3:98:94:
c1:ad:2d:01
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENO6HZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDM4MGI5YjhjMDcwNDU3ZWQ1NGJjNDVkMTJkZGRkMjQ0ZTA2ZDUyMB4XDTIyMDQw
MTA4NTIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdhYmM5N2RjMThh
NTUzMTY3YzNhN2M0Y2Q1MTQ0YzBlYjlmMjdhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALj4TTj/cOSu55d0mfLChnufCk14hkOu39eNUFc65C4PH8VL
i5ici/HV5RbCY2OsBdzudam9fcX3Mzvo4Oe6noOc5RhEmJAEmpk+D0uLCA4fGNTy
ukYR5MpGeGuBIWqbSdF1samKv/7aDoenwU/v3SLnNQ8j0RqJoVNFm6APowyN2lxb
TiJJ2ZVf4xnecwWQx+o8vJNvCYwsJIex53MGze9bpnmByKjkoPSjPpgV+IftwUGx
9bHyBEFlTxaHhbgwV1P45kWWD5+ibr4Bcs0iYiI6CJKzpuKOvTp7l8L0rD6r8KRm
uy5AV9RYc4a0CgwOdQRZQ7jvR2J3WcmfNoCBdMUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTnq8l9wYpVMWfDp8TNUUTA658nqjAfBgNVHSMEGDAWgBS0OAubjAcEV+1U
vEXRLd3SROBtUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3REZ0xtNHdIQkZmdFZMeEYwUzNkMGtUZ2JWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvYmM5MmU2LWM4ZWUtNDhmMC1hZTdmLTM2Y2NiNWEwNjE5NS8x
LzU2dkpmY0dLVlRGbnc2ZkV6VkZFd091Zko2by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
YmM5MmU2LWM4ZWUtNDhmMC1hZTdmLTM2Y2NiNWEwNjE5NS8xL3REZ0xtNHdIQkZm
dFZMeEYwUzNkMGtUZ2JWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEjAQAwcAKhDuwAANAwUAKhDuwDANBgkq
hkiG9w0BAQsFAAOCAQEAN/YAU6Pfl6a3O+GMuoBkUnJOI/65uP3s8wlRKPmARNn3
Wn3CyzjU5EMPmr2rMzlk3MB9vmSc0zKbcAHVmay5rFCccF9tXDpdax+Y2p3DWmP/
ReTbUDQzRFsqb9KjY/ZqeDrip7HbSiWrXzca9E9g8WvBkVj/ZBDWWUkwVmpgFkLn
1Q1n/Gctd7IIpIOhRy6Fp0+WAngn/NzeKdTNdQ3II5RQElG6WGQgesOmne+tcf0e
jHHNW2YonY+d97U9SVMTu1X6OH3QPZ9+AO3e158935KdawM/J+lN+lKfG5unRPSu
H1OpHe7jZ5A90xtG1M8xa4O+ph+/082a85iUwa0tAQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:35 2025 by rpki-client