Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/cZpEgM-aO2E0BTHk41dXjLhvoj8.roa
File: cZpEgM-aO2E0BTHk41dXjLhvoj8.roa (raw, json)
Hash identifier: ihfsEr6DvglzFtQHxq1zRm9kVVwJyXVS2Z1HxqemCZ4=
Subject key identifier: 71:9A:44:80:CF:9A:3B:61:34:05:31:E4:E3:57:57:8C:B8:6F:A2:3F
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 0189C0AB4B8A3A1F5C0D1F6F960FFB1B1C13
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/cZpEgM-aO2E0BTHk41dXjLhvoj8.roa
Signing time: Fri 04 Aug 2023 13:09:58 +0000
ROA not before: Fri 04 Aug 2023 13:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202012
IP address blocks: 62.40.101.0/24 maxlen: 24
62.40.105.0/24 maxlen: 24
62.40.111.0/24 maxlen: 24
62.40.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:ab:4b:8a:3a:1f:5c:0d:1f:6f:96:0f:fb:1b:1c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Aug 4 13:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=719a4480cf9a3b61340531e4e357578cb86fa23f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3e:5a:f7:bc:ed:32:4c:46:e2:ca:c3:ec:7b:
8d:4e:2d:2c:52:ba:c0:a4:a2:51:04:46:b9:69:b7:
e2:7a:34:2b:a0:d6:9b:61:47:59:ae:ce:09:8b:5e:
d7:17:21:b1:38:8b:a1:d2:af:35:aa:74:18:61:b4:
a9:ec:49:39:b7:a2:a4:2f:41:6a:e7:01:26:40:26:
22:f0:b8:96:51:3d:0d:c5:70:72:07:88:f5:30:84:
d9:fa:20:a7:ae:5e:3e:b0:b1:7f:e7:9c:c9:51:a9:
9c:ed:07:9a:9c:1b:b1:1a:a3:fb:b3:70:2c:74:47:
00:91:b4:1a:c5:be:5f:68:cf:b1:5c:2a:6d:db:b7:
12:df:cd:dc:29:b6:ba:75:00:72:80:62:32:f2:3c:
09:2a:21:49:21:e3:3b:66:c7:56:a9:64:2a:2a:d0:
08:69:d6:68:94:45:ef:6e:0a:df:75:63:1d:80:26:
2a:46:61:24:66:7c:bb:b4:8f:fb:36:f9:39:71:63:
2f:d8:82:c6:c7:d3:ea:d4:fd:32:90:41:76:1d:25:
74:56:9e:33:22:bb:b7:d6:db:f8:ae:8c:7d:83:2a:
30:f8:5f:a5:f9:10:1f:06:92:c9:54:62:cf:4b:13:
d3:01:4d:2c:f4:29:02:96:34:f3:43:5e:f2:c5:f9:
8c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9A:44:80:CF:9A:3B:61:34:05:31:E4:E3:57:57:8C:B8:6F:A2:3F
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/cZpEgM-aO2E0BTHk41dXjLhvoj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.101.0/24
62.40.105.0/24
62.40.111.0-62.40.112.255
Signature Algorithm: sha256WithRSAEncryption
a0:ba:88:90:59:c3:da:0c:ff:89:e1:93:02:be:18:34:3f:0c:
ce:37:b7:e2:90:5b:71:a7:e1:ed:db:aa:c6:ad:e1:0a:7f:74:
fa:55:aa:e2:4f:20:45:e5:04:3f:30:ba:55:7c:55:c9:3e:3d:
fc:9a:39:5c:46:ab:8d:24:ca:8f:34:a3:a8:13:b5:3f:58:b6:
ee:eb:83:81:eb:2a:82:ef:22:3a:ce:13:57:8a:be:2a:d1:6c:
89:d8:fc:a1:6c:21:a0:fe:cb:2f:84:a3:c1:39:14:26:ba:25:
4c:a6:33:a1:e9:6f:64:c6:45:20:ed:bd:b1:73:23:7a:1a:ed:
0b:0e:19:40:0c:15:2c:74:90:d1:6f:1c:e2:82:71:62:27:81:
df:9f:1c:84:d7:7d:c2:07:dc:70:7d:de:d8:c1:10:d6:d4:88:
26:44:a3:d0:b8:5c:7d:76:67:5f:4f:50:b8:51:57:6c:61:3d:
e0:d3:df:d5:2e:6a:84:a8:5b:93:33:30:fd:04:99:33:31:60:
a7:6c:dd:ff:df:a9:a6:49:94:b3:bd:c8:5b:9c:72:ad:1b:e0:
d0:80:3f:21:f3:23:d4:b4:0a:d1:42:91:d0:2d:91:51:3a:ad:
0c:03:4f:9b:84:52:2f:0f:38:ae:84:e1:1e:37:c3:1f:76:fa:
de:da:26:3c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYnAq0uKOh9cDR9vlg/7GxwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDc1NTczM2U5MTIwM2ExN2MzMDkzY2E1ZDljYjAzOTJk
OTRmNjEwHhcNMjMwODA0MTMwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTlhNDQ4MGNmOWEzYjYxMzQwNTMxZTRlMzU3NTc4Y2I4NmZhMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz5a97ztMkxG4srD7HuNTi0sUrrA
pKJRBEa5abfiejQroNabYUdZrs4Ji17XFyGxOIuh0q81qnQYYbSp7Ek5t6KkL0Fq
5wEmQCYi8LiWUT0NxXByB4j1MITZ+iCnrl4+sLF/55zJUamc7QeanBuxGqP7s3As
dEcAkbQaxb5faM+xXCpt27cS383cKba6dQBygGIy8jwJKiFJIeM7ZsdWqWQqKtAI
adZolEXvbgrfdWMdgCYqRmEkZny7tI/7Nvk5cWMv2ILGx9Pq1P0ykEF2HSV0Vp4z
Iru31tv4rox9gyow+F+l+RAfBpLJVGLPSxPTAU0s9CkCljTzQ17yxfmMCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHGaRIDPmjthNAUx5ONXV4y4b6I/MB8GA1UdIwQY
MBaAFM7XVXM+kSA6F8MJPKXZywOS2U9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUt
ZWY0YjY1OWVmZjhkLzEvY1pwRWdNLWFPMkUwQlRIazQxZFhqTGh2b2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUtZWY0YjY1OWVmZjhk
LzEvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAPihlAwQA
PihpMAwDBAA+KG8DBAA+KHAwDQYJKoZIhvcNAQELBQADggEBAKC6iJBZw9oM/4nh
kwK+GDQ/DM43t+KQW3Gn4e3bqsat4Qp/dPpVquJPIEXlBD8wulV8Vck+PfyaOVxG
q40kyo80o6gTtT9Ytu7rg4HrKoLvIjrOE1eKvirRbInY/KFsIaD+yy+Eo8E5FCa6
JUymM6Hpb2TGRSDtvbFzI3oa7QsOGUAMFSx0kNFvHOKCcWIngd+fHITXfcIH3HB9
3tjBENbUiCZEo9C4XH12Z19PULhRV2xhPeDT39UuaoSoW5MzMP0EmTMxYKds3f/f
qaZJlLO9yFuccq0b4NCAPyHzI9S0CtFCkdAtkVE6rQwDT5uEUi8POK6E4R43wx92
+t7aJjw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:14 2025 by rpki-client