Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/F8wKRW6fzPw1qTJfRO--N74Z9MA.roa
File: F8wKRW6fzPw1qTJfRO--N74Z9MA.roa (raw, json)
Hash identifier: 1w4XbCPuGveQnDc54xPKHl39FQ+DX9L6AXp3C9jPOY8=
Subject key identifier: 17:CC:0A:45:6E:9F:CC:FC:35:A9:32:5F:44:EF:BE:37:BE:19:F4:C0
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: BBD4
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/F8wKRW6fzPw1qTJfRO--N74Z9MA.roa
Signing time: Fri 04 Nov 2022 12:28:54 +0000
ROA not before: Fri 04 Nov 2022 12:28:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a0e:b240::/29 maxlen: 29
2a0e:b240::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48084 (0xbbd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Nov 4 12:28:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17CC0A456E9FCCFC35A9325F44EFBE37BE19F4C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:52:db:92:d0:05:1c:a8:18:fb:01:a8:04:ae:
09:10:db:19:97:e3:ab:97:3a:bf:3e:b8:84:00:1b:
22:cc:7b:89:e9:12:70:bc:99:7f:ba:81:d2:5f:16:
99:45:1e:d1:60:74:aa:93:83:68:bb:48:3a:25:c7:
c4:f0:e7:ec:fc:cf:9f:c8:95:ea:ec:46:7d:14:ed:
70:fc:b2:81:81:ed:7a:ed:d6:4f:62:5a:0b:0a:97:
ae:82:da:0c:7d:19:70:05:c3:20:67:8c:a3:42:b2:
ce:06:bd:78:ea:d2:89:3e:c7:4b:cb:fa:7c:29:0f:
dd:2e:a4:57:13:4f:35:a9:d7:d3:35:a5:d5:01:0a:
3b:02:eb:4a:9c:92:df:ee:c1:99:22:4f:8f:45:1e:
db:78:84:a3:f4:38:6e:4b:30:57:2a:80:ea:d9:64:
89:fc:fb:cb:74:ee:7f:eb:e1:18:76:c1:03:f8:2c:
b4:70:22:71:27:1f:41:b0:e9:21:2b:af:4f:bb:fe:
5f:95:5f:f7:06:6d:63:0c:c3:e6:a1:ea:85:d7:98:
b8:c8:08:f6:9c:f7:30:12:4e:5f:e5:79:1d:b6:2e:
fd:df:98:8d:77:4c:29:31:58:7a:32:86:83:03:24:
16:5e:69:c7:98:83:70:d0:84:70:7e:18:29:50:97:
90:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:CC:0A:45:6E:9F:CC:FC:35:A9:32:5F:44:EF:BE:37:BE:19:F4:C0
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/F8wKRW6fzPw1qTJfRO--N74Z9MA.roa
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b240::/29
Signature Algorithm: sha256WithRSAEncryption
0f:69:f7:e2:d1:ff:d9:af:13:b1:c8:94:6f:4a:e7:b3:90:c7:
6a:e9:8c:78:49:2f:0c:c8:df:e8:e0:4e:1c:5e:f9:92:43:0f:
8d:7a:49:8c:1d:f0:00:14:b9:48:a4:99:95:f3:26:c8:65:83:
c4:08:52:91:44:21:bd:40:b8:86:3f:f3:59:ff:3a:6c:1c:21:
cd:59:fa:64:78:cd:bb:17:f7:6f:cf:43:b3:ec:ae:3d:d0:e2:
a6:1e:4b:9e:25:9c:7d:35:5b:96:b0:9d:11:a9:2d:84:fc:d3:
b7:0c:3a:5d:99:0c:2a:de:c7:f5:49:f3:ae:30:09:68:85:41:
70:80:7d:8c:6d:89:74:ca:01:36:c9:08:e0:62:cc:ca:ab:38:
c7:d1:8f:f4:65:3c:ee:b2:3d:b7:5f:0b:8f:c0:52:e8:24:80:
55:4d:53:03:9a:74:7c:3d:63:34:0d:d3:39:2c:79:7c:ec:ce:
84:8d:d9:34:b9:14:e2:09:6d:76:83:c4:2a:46:ac:77:84:2e:
d8:9f:ac:95:ba:54:40:a4:8e:3e:c1:23:f2:22:70:99:25:c4:
83:6a:3d:bf:26:6c:01:64:db:2e:b5:42:14:91:25:9e:2c:e7:
89:5c:8b:94:51:60:8c:cc:71:a4:5e:95:ec:85:33:84:98:21:
e0:e7:58:2c
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIDALvUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMTA0
MTIyODU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxN0NDMEE0NTZFOUZD
Q0ZDMzVBOTMyNUY0NEVGQkUzN0JFMTlGNEMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApFLbktAFHKgY+wGoBK4JENsZl+Orlzq/PriEABsizHuJ6RJw
vJl/uoHSXxaZRR7RYHSqk4Nou0g6JcfE8Ofs/M+fyJXq7EZ9FO1w/LKBge167dZP
YloLCpeugtoMfRlwBcMgZ4yjQrLOBr146tKJPsdLy/p8KQ/dLqRXE081qdfTNaXV
AQo7AutKnJLf7sGZIk+PRR7beISj9DhuSzBXKoDq2WSJ/PvLdO5/6+EYdsED+Cy0
cCJxJx9BsOkhK69Pu/5flV/3Bm1jDMPmoeqF15i4yAj2nPcwEk5f5Xkdti7935iN
d0wpMVh6MoaDAyQWXmnHmINw0IRwfhgpUJeQ0wIDAQABo4IBzTCCAckwHQYDVR0O
BBYEFBfMCkVun8z8NakyX0Tvvje+GfTAMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L0Y4d0tSVzZmelB3MXFUSmZSTy0tTjc0WjlNQS5yb2EwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMqDrJAMA0GCSqGSIb3DQEBCwUAA4IBAQAPaffi0f/ZrxOx
yJRvSuezkMdq6Yx4SS8MyN/o4E4cXvmSQw+NekmMHfAAFLlIpJmV8ybIZYPECFKR
RCG9QLiGP/NZ/zpsHCHNWfpkeM27F/dvz0Oz7K490OKmHkueJZx9NVuWsJ0RqS2E
/NO3DDpdmQwq3sf1SfOuMAlohUFwgH2MbYl0ygE2yQjgYszKqzjH0Y/0ZTzusj23
XwuPwFLoJIBVTVMDmnR8PWM0DdM5LHl87M6Ejdk0uRTiCW12g8QqRqx3hC7Yn6yV
ulRApI4+wSPyInCZJcSDaj2/JmwBZNsutUIUkSWeLOeJXIuUUWCMzHGkXpXshTOE
mCHg51gs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org