Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/zHbUsX7tOgFGcJKFUWWaHHj637k.roa
File: zHbUsX7tOgFGcJKFUWWaHHj637k.roa (raw, json)
Hash identifier: 6C7YAfikSsFTUBG4N6FMdwXisK8Fld5Oac/YXpoBVkQ=
Subject key identifier: CC:76:D4:B1:7E:ED:3A:01:46:70:92:85:51:65:9A:1C:78:FA:DF:B9
Certificate issuer: /CN=a3787d2be6eac36c1d2780f786b87c9e153e81f1
Certificate serial: 018B001F971BEE8B22DE944D9C9671C6ECDC
Authority key identifier: A3:78:7D:2B:E6:EA:C3:6C:1D:27:80:F7:86:B8:7C:9E:15:3E:81:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/zHbUsX7tOgFGcJKFUWWaHHj637k.roa
Signing time: Thu 05 Oct 2023 13:55:52 +0000
ROA not before: Thu 05 Oct 2023 13:55:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44539
IP address blocks: 212.66.32.0/20 maxlen: 24
212.66.56.0/21 maxlen: 24
5.57.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:1f:97:1b:ee:8b:22:de:94:4d:9c:96:71:c6:ec:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3787d2be6eac36c1d2780f786b87c9e153e81f1
Validity
Not Before: Oct 5 13:55:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc76d4b17eed3a014670928551659a1c78fadfb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f2:81:0d:80:e2:16:d1:8a:18:6d:51:15:53:
62:ea:11:5e:22:46:01:dd:95:81:2b:94:96:34:60:
96:04:16:7c:5c:ae:a7:3c:2e:cb:c4:aa:f6:17:58:
ae:de:71:67:ee:ec:40:a9:95:01:c6:bc:aa:51:ec:
7a:0b:b6:c3:23:01:a8:55:eb:31:9d:87:2f:c8:5d:
9f:cb:2c:1b:ba:46:63:d3:25:a4:4a:a9:68:f7:9b:
f2:82:34:02:20:1b:1d:42:e4:75:19:97:31:1a:d9:
a3:66:a4:60:cd:e5:43:b6:44:0b:19:5d:74:b4:35:
7e:d6:c8:e3:d3:56:35:73:d5:66:18:81:26:f1:d9:
f8:75:3d:2d:a3:49:8c:d3:88:4e:68:e8:d2:5a:59:
9f:9c:88:58:12:0f:c2:d0:6b:61:7f:66:db:25:18:
85:9a:d1:94:d6:86:a6:59:a6:61:54:0b:70:3a:ee:
29:45:d1:fe:15:86:41:54:a2:a0:4d:76:20:e3:03:
37:29:8d:06:b9:cd:66:ed:fb:f2:82:1e:13:e6:5c:
1f:97:aa:8d:97:28:f1:ee:0c:2b:0e:7d:b9:44:93:
a4:f8:57:1b:fb:9a:10:ef:eb:78:94:06:15:c5:24:
cd:16:5c:c4:59:31:50:c3:1e:16:9f:21:4e:e2:1d:
17:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:76:D4:B1:7E:ED:3A:01:46:70:92:85:51:65:9A:1C:78:FA:DF:B9
X509v3 Authority Key Identifier:
keyid:A3:78:7D:2B:E6:EA:C3:6C:1D:27:80:F7:86:B8:7C:9E:15:3E:81:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/zHbUsX7tOgFGcJKFUWWaHHj637k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.212.0/24
212.66.32.0/20
212.66.56.0/21
Signature Algorithm: sha256WithRSAEncryption
36:59:32:70:68:ba:e9:d4:de:a0:d8:6f:f1:ec:80:53:32:e8:
18:ed:67:b4:39:dc:45:72:93:6e:32:1a:92:d7:da:49:72:20:
44:a3:8f:6a:0c:e2:56:8b:4b:3b:a0:95:e7:53:c8:5b:45:f5:
eb:b9:88:60:5a:ef:5b:4f:b0:d7:40:7f:4d:f5:36:60:a4:e1:
75:03:35:2e:49:60:d2:5e:ad:31:e1:ff:ff:46:ca:33:09:35:
0d:a0:e2:44:9d:33:0b:51:6f:ae:2d:66:99:1c:b3:4f:f7:4d:
d7:97:38:a1:69:a5:3e:5c:ad:1b:1f:d1:f1:58:74:1f:74:d7:
75:4c:65:5a:62:59:6f:1f:0d:1e:c4:3f:94:a8:df:40:33:43:
6e:86:d3:eb:00:07:0c:78:92:31:76:d8:cd:ca:b6:54:b3:10:
16:08:42:0c:f9:8a:5b:3c:c3:69:40:af:0a:9e:4d:76:a4:19:
a2:c8:be:e8:c5:4a:1e:bd:a5:d7:8e:9c:74:7d:cd:cc:f9:34:
11:8c:41:e8:ec:11:55:d9:6b:e5:27:75:6f:09:f7:3a:97:d9:
b6:46:bc:ea:61:f0:9d:20:8d:16:79:f8:6c:4f:5d:bb:ac:36:
50:b3:ec:30:b1:03:f0:36:a3:a1:d1:d5:95:d4:c4:be:f5:08:
13:75:29:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsAH5cb7osi3pRNnJZxxuzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzg3ZDJiZTZlYWMzNmMxZDI3ODBmNzg2Yjg3YzllMTUz
ZTgxZjEwHhcNMjMxMDA1MTM1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzc2ZDRiMTdlZWQzYTAxNDY3MDkyODU1MTY1OWExYzc4ZmFkZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PKBDYDiFtGKGG1RFVNi6hFeIkYB
3ZWBK5SWNGCWBBZ8XK6nPC7LxKr2F1iu3nFn7uxAqZUBxryqUex6C7bDIwGoVesx
nYcvyF2fyywbukZj0yWkSqlo95vygjQCIBsdQuR1GZcxGtmjZqRgzeVDtkQLGV10
tDV+1sjj01Y1c9VmGIEm8dn4dT0to0mM04hOaOjSWlmfnIhYEg/C0Gthf2bbJRiF
mtGU1oamWaZhVAtwOu4pRdH+FYZBVKKgTXYg4wM3KY0Guc1m7fvygh4T5lwfl6qN
lyjx7gwrDn25RJOk+Fcb+5oQ7+t4lAYVxSTNFlzEWTFQwx4WnyFO4h0XyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMx21LF+7ToBRnCShVFlmhx4+t+5MB8GA1UdIwQY
MBaAFKN4fSvm6sNsHSeA94a4fJ4VPoHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNoOUstYnF3MndkSjREM2hyaDhuaFUtZ2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mNTY1ZDctMzJhZi00YmUxLTgyYWMt
YjYwMmNlZGFjMzZjLzEvekhiVXNYN3RPZ0ZHY0pLRlVXV2FISGo2MzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mNTY1ZDctMzJhZi00YmUxLTgyYWMtYjYwMmNlZGFjMzZj
LzEvbzNoOUstYnF3MndkSjREM2hyaDhuaFUtZ2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABTnUAwQE
1EIgAwQD1EI4MA0GCSqGSIb3DQEBCwUAA4IBAQA2WTJwaLrp1N6g2G/x7IBTMugY
7We0OdxFcpNuMhqS19pJciBEo49qDOJWi0s7oJXnU8hbRfXruYhgWu9bT7DXQH9N
9TZgpOF1AzUuSWDSXq0x4f//RsozCTUNoOJEnTMLUW+uLWaZHLNP903XlzihaaU+
XK0bH9HxWHQfdNd1TGVaYllvHw0exD+UqN9AM0NuhtPrAAcMeJIxdtjNyrZUsxAW
CEIM+YpbPMNpQK8Knk12pBmiyL7oxUoevaXXjpx0fc3M+TQRjEHo7BFV2WvlJ3Vv
Cfc6l9m2RrzqYfCdII0WefhsT127rDZQs+wwsQPwNqOh0dWV1MS+9QgTdSkL
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:23 2025 by rpki-client