Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/CnhBZW3JpuWlAu0F5I5BcrCO86Q.roa
File: CnhBZW3JpuWlAu0F5I5BcrCO86Q.roa (raw, json)
Hash identifier: dw/xDo9rYc8aVSf5LrbVqJyqUg3ZabN72kl3ZzW9NUQ=
Subject key identifier: 0A:78:41:65:6D:C9:A6:E5:A5:02:ED:05:E4:8E:41:72:B0:8E:F3:A4
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 0189F3A2EC88E18D584739232EE019832A00
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/CnhBZW3JpuWlAu0F5I5BcrCO86Q.roa
Signing time: Mon 14 Aug 2023 10:41:28 +0000
ROA not before: Mon 14 Aug 2023 10:41:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207728
IP address blocks: 46.28.234.0/24 maxlen: 24
93.88.74.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
31.10.5.0/24 maxlen: 24
194.146.127.0/24 maxlen: 24
185.204.52.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
104.192.42.0/24 maxlen: 24
31.210.173.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:a2:ec:88:e1:8d:58:47:39:23:2e:e0:19:83:2a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Aug 14 10:41:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a7841656dc9a6e5a502ed05e48e4172b08ef3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5b:9e:12:a6:cd:f0:7e:e7:76:d9:22:2a:10:
17:1f:2d:a9:c1:3c:00:42:9b:c0:d4:5e:d1:98:56:
a2:98:75:5b:50:b4:50:a1:92:79:2f:c3:1a:01:53:
9b:b8:25:1e:42:e1:fd:5a:f1:8b:a2:85:7c:a3:b1:
45:94:98:2f:7b:10:d7:c3:7f:ac:d5:5a:eb:21:70:
90:26:72:f7:be:a5:34:b0:78:5f:17:f6:55:c4:10:
e7:5f:21:39:5b:af:3e:74:bc:cb:4a:90:bb:b8:85:
ba:37:56:4e:cd:fc:f3:45:ce:48:d0:d1:a3:3d:11:
0a:69:66:ab:b1:58:21:f9:e6:31:3c:ef:b3:8d:56:
19:7e:68:d8:f8:6c:ac:1c:62:04:17:7b:68:1c:44:
1a:df:db:60:fb:74:e4:2f:a1:de:7c:2c:b7:e8:16:
f6:b4:a1:51:48:16:ab:d1:aa:ca:f3:48:e8:c5:7b:
8f:5f:fe:23:24:15:7f:fd:4f:bb:7e:54:3b:d7:15:
82:f3:74:a7:86:6c:a9:33:59:c8:07:63:2e:b8:55:
de:e7:f3:fa:8f:30:57:ec:2f:1e:02:05:0d:a4:11:
89:d5:d9:7a:41:1f:98:77:21:c9:9c:f3:e5:ef:58:
27:f6:43:9b:cf:e4:e9:da:dd:cd:7a:86:0b:45:d7:
2d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:78:41:65:6D:C9:A6:E5:A5:02:ED:05:E4:8E:41:72:B0:8E:F3:A4
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/CnhBZW3JpuWlAu0F5I5BcrCO86Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0/23
31.210.173.0/24
46.28.234.0/24
87.236.177.0/24
93.88.74.0/24
104.192.42.0/24
185.162.9.0/24
185.162.11.0/24
185.204.52.0/24
194.146.127.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:11:87:32:da:c0:99:a2:6a:f0:3c:e2:3d:75:7f:c9:ec:90:
e3:32:48:63:00:20:f1:cf:c6:7d:b9:5c:26:e8:1e:bf:0a:6c:
fd:a7:90:75:a6:f3:a3:20:6e:e9:43:b9:f2:72:bb:cd:59:6a:
af:0f:6b:d6:0c:b6:13:42:0f:92:57:9f:c4:70:3d:ac:25:e2:
25:db:69:68:8b:39:e0:f7:47:2f:b1:e4:72:81:2b:06:fd:ba:
bd:d9:83:1e:17:45:bf:67:43:59:50:cf:34:d2:fd:2f:94:21:
9c:62:d6:d0:a4:01:55:30:59:ae:a8:0e:40:b7:ed:d5:87:45:
d4:54:16:d9:13:9b:e3:0d:bb:00:37:db:e3:6b:a5:25:12:7f:
42:a5:f4:b5:bc:d1:14:38:e8:5f:28:f4:6e:9d:ae:c9:41:86:
90:cc:e7:9e:16:29:64:c0:9b:b2:41:40:68:f2:d7:c9:94:94:
02:bb:5c:a2:71:d2:8f:58:dc:1e:b2:2c:0c:a1:7f:31:59:e4:
36:ed:a4:8f:8d:77:5e:de:69:02:36:0e:78:5b:bb:c4:79:6b:
0a:74:43:59:dc:d5:d2:0c:8b:8f:12:24:0a:01:2d:f7:3c:ed:
84:51:23:0e:73:53:10:11:53:9b:3e:f9:8f:97:1a:07:ff:2c:
bc:89:18:ce
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYnzouyI4Y1YRzkjLuAZgyoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjMwODE0MTA0MTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTc4NDE2NTZkYzlhNmU1YTUwMmVkMDVlNDhlNDE3MmIwOGVmM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFueEqbN8H7ndtkiKhAXHy2pwTwA
QpvA1F7RmFaimHVbULRQoZJ5L8MaAVObuCUeQuH9WvGLooV8o7FFlJgvexDXw3+s
1VrrIXCQJnL3vqU0sHhfF/ZVxBDnXyE5W68+dLzLSpC7uIW6N1ZOzfzzRc5I0NGj
PREKaWarsVgh+eYxPO+zjVYZfmjY+GysHGIEF3toHEQa39tg+3TkL6HefCy36Bb2
tKFRSBar0arK80joxXuPX/4jJBV//U+7flQ71xWC83SnhmypM1nIB2MuuFXe5/P6
jzBX7C8eAgUNpBGJ1dl6QR+YdyHJnPPl71gn9kObz+Tp2t3NeoYLRdctwwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFAp4QWVtyablpQLtBeSOQXKwjvOkMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvQ25oQlpXM0pwdVdsQXUwRjVJNUJjckNPODZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQAHwoFAwQB
H9KqAwQAH9KtAwQALhzqAwQAV+yxAwQAXVhKAwQAaMAqAwQAuaIJAwQAuaILAwQA
ucw0AwQAwpJ/MA0EAgACMAcDBQMqEpzAMA0GCSqGSIb3DQEBCwUAA4IBAQA9EYcy
2sCZomrwPOI9dX/J7JDjMkhjACDxz8Z9uVwm6B6/Cmz9p5B1pvOjIG7pQ7nycrvN
WWqvD2vWDLYTQg+SV5/EcD2sJeIl22loizng90cvseRygSsG/bq92YMeF0W/Z0NZ
UM800v0vlCGcYtbQpAFVMFmuqA5At+3Vh0XUVBbZE5vjDbsAN9vja6UlEn9CpfS1
vNEUOOhfKPRuna7JQYaQzOeeFilkwJuyQUBo8tfJlJQCu1yicdKPWNwesiwMoX8x
WeQ27aSPjXde3mkCNg54W7vEeWsKdENZ3NXSDIuPEiQKAS33PO2EUSMOc1MQEVOb
PvmPlxoH/yy8iRjO
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:04:15 2025 by rpki-client