Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/CHOZGsHAHsxNNP9y0VyvUYDn5p4.roa
File: CHOZGsHAHsxNNP9y0VyvUYDn5p4.roa (raw, json)
Hash identifier: o5JaGIy3uw5qTj+8MslJlWeznexGk5WAH/LET+khdFc=
Subject key identifier: 08:73:99:1A:C1:C0:1E:CC:4D:34:FF:72:D1:5C:AF:51:80:E7:E6:9E
Certificate issuer: /CN=5dd23c7ac6e682fbc53be1a0e9318f6ccae7193d
Certificate serial: 0B2FA80C
Authority key identifier: 5D:D2:3C:7A:C6:E6:82:FB:C5:3B:E1:A0:E9:31:8F:6C:CA:E7:19:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdI8esbmgvvFO-Gg6TGPbMrnGT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/CHOZGsHAHsxNNP9y0VyvUYDn5p4.roa
Signing time: Sat 01 Jan 2022 12:54:36 +0000
ROA not before: Sat 01 Jan 2022 12:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210731
IP address blocks: 185.129.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187672588 (0xb2fa80c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd23c7ac6e682fbc53be1a0e9318f6ccae7193d
Validity
Not Before: Jan 1 12:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0873991ac1c01ecc4d34ff72d15caf5180e7e69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:11:a7:28:87:3d:7d:47:28:c9:03:a3:bd:b5:
9f:b9:cd:a4:69:30:71:5a:2c:ce:b7:c9:7f:50:0b:
d1:14:55:7e:64:a0:30:09:cd:35:ed:47:29:ab:06:
e0:4d:c4:a5:96:50:f0:f8:0e:90:ad:97:e0:b7:e4:
13:90:53:01:45:95:43:3c:d3:ce:57:15:40:bf:46:
94:19:45:6c:b9:74:0d:22:4e:00:2c:a2:92:c7:39:
f7:18:99:5b:8f:2e:1c:3a:8b:84:00:9c:f5:52:f1:
70:44:dd:dc:72:f5:5f:e6:25:0a:1d:64:61:a4:c1:
1a:c0:87:36:d2:13:e2:26:17:30:fa:94:6f:2d:82:
23:d5:0e:18:c7:2d:79:53:d9:9f:c0:66:e3:c6:f4:
0f:b3:97:a4:ef:fb:60:07:a1:04:ab:9d:07:57:45:
93:6e:b4:a7:e2:32:30:ba:a5:a6:eb:7b:16:b9:96:
a2:3a:1d:0c:f5:92:cc:1a:13:5c:68:2a:d9:b1:e8:
d7:02:8d:e6:f6:fc:84:33:ed:3a:52:ff:7e:94:42:
0e:88:c3:09:61:f2:ef:5a:1e:6d:4a:00:f9:89:8f:
ca:ce:16:6a:d2:26:69:19:22:10:fb:f8:bd:67:b2:
73:50:b4:f0:24:e1:16:24:be:f4:96:4a:34:32:87:
e8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:73:99:1A:C1:C0:1E:CC:4D:34:FF:72:D1:5C:AF:51:80:E7:E6:9E
X509v3 Authority Key Identifier:
keyid:5D:D2:3C:7A:C6:E6:82:FB:C5:3B:E1:A0:E9:31:8F:6C:CA:E7:19:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdI8esbmgvvFO-Gg6TGPbMrnGT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/CHOZGsHAHsxNNP9y0VyvUYDn5p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/XdI8esbmgvvFO-Gg6TGPbMrnGT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.61.0/24
Signature Algorithm: sha256WithRSAEncryption
57:5e:7a:e4:1c:35:be:ae:b4:be:74:8f:f0:dc:dc:84:32:50:
7f:74:5d:39:9c:fa:68:03:da:c7:5e:c7:9a:02:ce:dc:29:cc:
ad:17:fe:75:51:43:a2:a1:73:07:55:d3:1b:2d:a5:bd:a0:ac:
5c:5d:2e:ef:ce:1f:d8:99:53:b1:d8:23:a7:ac:f9:ef:c2:3c:
05:58:f3:ce:15:b6:c8:2d:87:37:37:ed:b0:ab:f7:92:fb:99:
15:3c:f1:6d:92:a4:37:99:5c:73:29:ad:9b:ee:c5:04:b7:cd:
30:eb:38:4e:e6:c4:7c:b4:5f:ed:05:52:ca:bd:87:60:f4:1e:
3c:e0:09:61:ac:82:c4:d0:ed:05:f4:b3:a6:86:54:53:7e:0a:
9f:ff:16:ad:a0:23:5e:c1:3d:e5:ef:e1:5e:51:98:d3:0a:ed:
03:24:32:73:22:08:f2:9d:e5:ca:3f:ee:54:8a:c5:32:a9:4f:
ee:88:6b:dd:76:cd:04:f9:78:d3:6c:fd:11:1e:8b:74:35:18:
36:db:10:d4:f4:7f:32:1d:e6:59:3a:f7:80:c5:0b:e9:e4:c3:
4b:50:b0:27:45:f9:80:68:3c:f6:92:c5:fe:d3:f8:d7:4e:fb:
46:47:07:61:83:2b:67:47:45:41:ee:b9:8c:fe:32:c7:3e:f8:
3d:5b:77:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECy+oDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGQyM2M3YWM2ZTY4MmZiYzUzYmUxYTBlOTMxOGY2Y2NhZTcxOTNkMB4XDTIyMDEw
MTEyNTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg3Mzk5MWFjMWMw
MWVjYzRkMzRmZjcyZDE1Y2FmNTE4MGU3ZTY5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI0RpyiHPX1HKMkDo721n7nNpGkwcVoszrfJf1AL0RRVfmSg
MAnNNe1HKasG4E3EpZZQ8PgOkK2X4LfkE5BTAUWVQzzTzlcVQL9GlBlFbLl0DSJO
ACyiksc59xiZW48uHDqLhACc9VLxcETd3HL1X+YlCh1kYaTBGsCHNtIT4iYXMPqU
by2CI9UOGMcteVPZn8Bm48b0D7OXpO/7YAehBKudB1dFk260p+IyMLqlput7FrmW
ojodDPWSzBoTXGgq2bHo1wKN5vb8hDPtOlL/fpRCDojDCWHy71oebUoA+YmPys4W
atImaRkiEPv4vWeyc1C08CThFiS+9JZKNDKH6PUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIc5kawcAezE00/3LRXK9RgOfmnjAfBgNVHSMEGDAWgBRd0jx6xuaC+8U7
4aDpMY9syucZPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hkSThlc2JtZ3Z2Rk8tR2c2VEdQYk1ybkdUMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvYTQyZTljLWQ5MmQtNGIyMC1hNWViLWViZTIzMzJjYWYxYy8x
L0NIT1pHc0hBSHN4Tk5QOXkwVnl2VVlEbjVwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
YTQyZTljLWQ5MmQtNGIyMC1hNWViLWViZTIzMzJjYWYxYy8xL1hkSThlc2JtZ3Z2
Rk8tR2c2VEdQYk1ybkdUMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmBPTANBgkqhkiG9w0BAQsFAAOC
AQEAV1565Bw1vq60vnSP8NzchDJQf3RdOZz6aAPax17HmgLO3CnMrRf+dVFDoqFz
B1XTGy2lvaCsXF0u784f2JlTsdgjp6z578I8BVjzzhW2yC2HNzftsKv3kvuZFTzx
bZKkN5lccymtm+7FBLfNMOs4TubEfLRf7QVSyr2HYPQePOAJYayCxNDtBfSzpoZU
U34Kn/8WraAjXsE95e/hXlGY0wrtAyQycyII8p3lyj/uVIrFMqlP7ohr3XbNBPl4
02z9ER6LdDUYNtsQ1PR/Mh3mWTr3gMUL6eTDS1CwJ0X5gGg89pLF/tP41077RkcH
YYMrZ0dFQe65jP4yxz74PVt3sQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:28 2023 by rpki-client on console-ams.rpki-client.org