Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/cHz-zKnSxYHFa4V9gGOo2TD92IU.roa
File: cHz-zKnSxYHFa4V9gGOo2TD92IU.roa (raw, json)
Hash identifier: 7wLb8hhYiSq7/QWSKGWMkksW+PFo5TsIfzjRpFomMMI=
Subject key identifier: 70:7C:FE:CC:A9:D2:C5:81:C5:6B:85:7D:80:63:A8:D9:30:FD:D8:85
Certificate issuer: /CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Certificate serial: 01843C5A8294C60D582013BD7F2151B3BB2C
Authority key identifier: 62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/cHz-zKnSxYHFa4V9gGOo2TD92IU.roa
Signing time: Thu 03 Nov 2022 07:17:55 +0000
ROA not before: Thu 03 Nov 2022 07:17:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25577
IP address blocks: 81.27.64.0/19 maxlen: 19
31.3.208.0/20 maxlen: 20
2001:9d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:5a:82:94:c6:0d:58:20:13:bd:7f:21:51:b3:bb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Validity
Not Before: Nov 3 07:17:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=707cfecca9d2c581c56b857d8063a8d930fdd885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8e:e1:22:4d:5a:91:e5:4e:97:31:05:7c:b3:
e5:72:41:ff:7a:b4:63:b0:c2:6a:5a:52:4e:3d:dc:
26:e7:8c:93:08:39:fa:f7:79:59:1b:31:0e:5f:b3:
9a:44:ac:a9:55:e3:3d:47:c6:de:36:ee:e2:bf:80:
30:03:fb:84:33:a0:28:db:75:08:4a:f0:d0:5b:6f:
a2:d6:7c:dd:0c:f2:3b:18:05:14:3b:88:5a:94:27:
21:f9:b9:b8:77:ce:97:a5:45:c0:f4:32:09:50:94:
28:a6:a1:30:98:dd:be:89:18:24:eb:a1:55:e3:39:
91:6e:6f:b2:72:0f:34:b4:bd:f5:a0:10:8d:cb:5f:
e8:90:d6:fa:db:78:41:64:34:59:52:a2:81:ec:e6:
41:09:a1:ed:45:0e:b1:24:c5:8b:6f:7c:6f:69:a1:
ba:bd:41:1d:87:ef:51:fc:53:2f:9f:02:a5:36:59:
ca:e5:61:63:82:f5:90:db:77:72:de:66:bf:7a:01:
ed:85:43:ae:46:eb:db:3f:df:d5:73:b4:04:f4:7c:
5d:47:19:e0:e9:18:92:e5:b8:5d:66:88:bb:ad:cb:
98:1d:61:cd:92:b1:1d:64:6d:8f:69:f1:2f:54:4c:
ed:35:b4:43:13:6e:ad:46:89:52:28:87:e3:23:ca:
ba:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7C:FE:CC:A9:D2:C5:81:C5:6B:85:7D:80:63:A8:D9:30:FD:D8:85
X509v3 Authority Key Identifier:
keyid:62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/cHz-zKnSxYHFa4V9gGOo2TD92IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.208.0/20
81.27.64.0/19
IPv6:
2001:9d8::/32
Signature Algorithm: sha256WithRSAEncryption
6f:ef:5d:36:9f:99:54:f2:12:48:39:66:7b:20:87:f3:c8:4e:
ec:41:05:01:7a:37:52:2e:9b:3a:8f:9d:13:8e:5a:af:bf:cf:
6c:7b:7d:ec:dd:83:bc:f2:4e:c4:36:3e:40:d9:d8:f8:fb:25:
66:18:8d:bc:6d:7f:c1:34:20:e5:8c:90:e3:dc:46:e0:8a:be:
8d:95:c6:a5:32:43:b0:a6:59:68:a3:9a:f6:56:f6:40:6e:ba:
73:3b:7d:89:1e:f9:16:b2:21:c4:e6:10:bd:28:ea:9a:d0:be:
15:08:d1:b9:af:70:d9:ec:04:ac:47:5f:98:2f:66:a4:df:52:
01:17:b8:8c:2f:a3:29:5b:51:b9:ea:0a:f5:b3:2b:c2:7c:5b:
34:3e:9c:ee:c8:96:a3:f2:14:0f:c9:04:c7:f3:62:77:88:03:
e7:d2:39:e3:21:cc:27:e4:e4:13:00:4e:7c:38:65:05:06:11:
24:2c:ea:cd:1f:7e:61:53:ba:52:bf:4d:43:a3:67:11:d8:54:
82:28:13:e7:f4:68:6c:e7:13:92:4d:9e:0e:19:59:ff:e7:53:
67:e2:81:98:36:02:b8:2a:9f:d7:a9:7f:bd:b2:8d:14:29:2a:
8a:1c:a1:d7:68:4c:d6:b5:99:a3:65:52:21:16:17:c4:d9:3a:
ff:d3:9c:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQ8WoKUxg1YIBO9fyFRs7ssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE5MGIyMzhkOTdhZjc5MDBiZGNiZDAyMzA0Yjc4MmZm
Y2FmMmEwHhcNMjIxMTAzMDcxNzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdjZmVjY2E5ZDJjNTgxYzU2Yjg1N2Q4MDYzYThkOTMwZmRkODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI7hIk1akeVOlzEFfLPlckH/erRj
sMJqWlJOPdwm54yTCDn693lZGzEOX7OaRKypVeM9R8beNu7iv4AwA/uEM6Ao23UI
SvDQW2+i1nzdDPI7GAUUO4halCch+bm4d86XpUXA9DIJUJQopqEwmN2+iRgk66FV
4zmRbm+ycg80tL31oBCNy1/okNb623hBZDRZUqKB7OZBCaHtRQ6xJMWLb3xvaaG6
vUEdh+9R/FMvnwKlNlnK5WFjgvWQ23dy3ma/egHthUOuRuvbP9/Vc7QE9HxdRxng
6RiS5bhdZoi7rcuYHWHNkrEdZG2PafEvVEztNbRDE26tRolSKIfjI8q6LwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHB8/syp0sWBxWuFfYBjqNkw/diFMB8GA1UdIwQY
MBaAFGLRkLI42Xr3kAvcvQIwS3gv/K8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTkt
MTYzZmI3MDAzZTVkLzEvY0h6LXpLblN4WUhGYTRWOWdHT28yVEQ5MklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTktMTYzZmI3MDAzZTVk
LzEvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEHwPQAwQF
URtAMA0EAgACMAcDBQAgAQnYMA0GCSqGSIb3DQEBCwUAA4IBAQBv7102n5lU8hJI
OWZ7IIfzyE7sQQUBejdSLps6j50Tjlqvv89se33s3YO88k7ENj5A2dj4+yVmGI28
bX/BNCDljJDj3Ebgir6NlcalMkOwplloo5r2VvZAbrpzO32JHvkWsiHE5hC9KOqa
0L4VCNG5r3DZ7ASsR1+YL2ak31IBF7iML6MpW1G56gr1syvCfFs0PpzuyJaj8hQP
yQTH82J3iAPn0jnjIcwn5OQTAE58OGUFBhEkLOrNH35hU7pSv01Do2cR2FSCKBPn
9Ghs5xOSTZ4OGVn/51Nn4oGYNgK4Kp/XqX+9so0UKSqKHKHXaEzWtZmjZVIhFhfE
2Tr/05w6
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:31 2025 by rpki-client