Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/LFqXuRXRzGAcPQ6vi2ejZBbQRw0.roa
File: LFqXuRXRzGAcPQ6vi2ejZBbQRw0.roa (raw, json)
Hash identifier: sRcstQkbcb5cBgQiIym1FMRBg5K7jbG2PjratEZLYrc=
Subject key identifier: 2C:5A:97:B9:15:D1:CC:60:1C:3D:0E:AF:8B:67:A3:64:16:D0:47:0D
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: BBD5
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/LFqXuRXRzGAcPQ6vi2ejZBbQRw0.roa
Signing time: Fri 04 Nov 2022 12:28:54 +0000
ROA not before: Fri 04 Nov 2022 12:28:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15562
IP address blocks: 2001:67c:208c::/48 maxlen: 48
2a0e:b240::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48085 (0xbbd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Nov 4 12:28:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2C5A97B915D1CC601C3D0EAF8B67A36416D0470D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:23:f5:c6:5c:e6:76:4e:d0:5d:4a:78:3d:
d6:51:fe:9e:cf:7a:68:1c:37:1b:9a:7c:6f:97:f5:
57:04:68:cd:b2:ad:76:b1:8b:b6:22:01:78:76:86:
56:18:16:27:ac:0b:2a:fe:b5:a7:90:a8:ce:e6:d1:
c3:3e:8b:78:45:ca:44:3c:3e:f8:8e:4f:b3:da:87:
12:56:9c:27:ac:24:21:5c:07:08:2a:76:db:7f:fa:
5d:f6:5d:13:fd:fd:8f:e4:f1:07:59:25:fe:1a:af:
89:1a:d6:93:c4:a6:ee:e9:68:e8:f7:6b:f5:6c:f8:
2b:ee:e2:4b:07:48:d1:6d:34:08:a5:cc:c0:47:9b:
4c:12:32:19:31:9f:93:c1:bb:d5:09:fd:0e:2c:eb:
56:43:90:10:95:0e:5a:57:f5:9a:20:1a:ef:2e:4e:
f2:3f:27:b5:8c:f4:a6:11:3e:3c:84:b5:06:08:9b:
43:e9:30:b2:55:d5:6a:46:e6:0e:e7:1d:a5:0d:9c:
09:f8:80:dc:33:23:39:d6:7b:fb:cc:72:a2:86:b7:
2b:4d:16:55:98:7f:d9:f9:c0:3c:73:bd:b2:7c:3c:
7b:ea:64:81:cb:41:53:5f:2b:09:07:07:a6:cd:7f:
ae:91:ff:af:cc:ae:68:dc:2d:e0:83:63:27:bf:84:
33:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5A:97:B9:15:D1:CC:60:1C:3D:0E:AF:8B:67:A3:64:16:D0:47:0D
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/LFqXuRXRzGAcPQ6vi2ejZBbQRw0.roa
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:208c::/48
2a0e:b240::/48
Signature Algorithm: sha256WithRSAEncryption
0b:31:1b:51:ba:cf:32:ae:aa:0b:f2:e9:ae:40:90:73:3f:f8:
ae:25:19:17:6f:26:d4:73:ad:5b:5b:30:67:30:d5:c3:28:88:
0f:5a:42:50:12:b0:ea:d8:0e:46:30:c2:ad:e1:9c:fd:97:4d:
75:40:e1:23:f7:c8:79:a3:b1:1d:23:7f:28:33:16:ca:a7:50:
3f:2a:09:3c:1a:a9:d1:89:2f:6c:ae:cb:36:bc:d1:29:c9:b8:
3a:5b:c3:7c:88:2f:38:20:8b:c3:72:29:bd:88:d8:02:4b:10:
27:ea:c4:ff:a0:7f:51:73:c1:c4:91:75:04:a7:d0:d2:d9:22:
33:96:c5:ef:92:3d:30:d3:4b:7d:02:03:85:48:dd:6a:d6:6d:
c4:ff:a8:68:6a:73:60:0f:a1:6a:9f:5a:6c:70:6f:2a:27:2e:
0b:4e:82:8e:4a:7e:c1:84:47:cd:2e:56:57:4d:26:e6:a7:c2:
de:72:da:56:43:be:f6:80:a3:3d:5c:f4:4f:39:f4:59:1b:37:
3c:78:c3:53:9c:9a:4d:b4:d9:c4:83:63:ad:01:3d:11:70:09:
a9:ee:81:cc:80:9d:6d:14:1a:b1:7c:cc:5d:74:3d:09:b1:18:
fa:39:f7:7c:16:63:35:46:09:a6:57:f0:ad:ee:61:76:1a:c8:
8d:2c:10:c1
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgIDALvVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMTA0
MTIyODU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyQzVBOTdCOTE1RDFD
QzYwMUMzRDBFQUY4QjY3QTM2NDE2RDA0NzBEMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoUEj9cZc5nZO0F1KeD3WUf6ez3poHDcbmnxvl/VXBGjNsq12
sYu2IgF4doZWGBYnrAsq/rWnkKjO5tHDPot4RcpEPD74jk+z2ocSVpwnrCQhXAcI
Knbbf/pd9l0T/f2P5PEHWSX+Gq+JGtaTxKbu6Wjo92v1bPgr7uJLB0jRbTQIpczA
R5tMEjIZMZ+TwbvVCf0OLOtWQ5AQlQ5aV/WaIBrvLk7yPye1jPSmET48hLUGCJtD
6TCyVdVqRuYO5x2lDZwJ+IDcMyM51nv7zHKihrcrTRZVmH/Z+cA8c72yfDx76mSB
y0FTXysJBwemzX+ukf+vzK5o3C3gg2Mnv4QzsQIDAQABo4IB2DCCAdQwHQYDVR0O
BBYEFCxal7kV0cxgHD0Or4tno2QW0EcNMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L0xGcVh1UlhSekdBY1BRNnZpMmVqWkJiUVJ3MC5yb2EwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAgAQZ8IIwDBwAqDrJAAAAwDQYJKoZIhvcNAQELBQADggEB
AAsxG1G6zzKuqgvy6a5AkHM/+K4lGRdvJtRzrVtbMGcw1cMoiA9aQlASsOrYDkYw
wq3hnP2XTXVA4SP3yHmjsR0jfygzFsqnUD8qCTwaqdGJL2yuyza80SnJuDpbw3yI
Lzggi8NyKb2I2AJLECfqxP+gf1FzwcSRdQSn0NLZIjOWxe+SPTDTS30CA4VI3WrW
bcT/qGhqc2APoWqfWmxwbyonLgtOgo5KfsGER80uVldNJuanwt5y2lZDvvaAoz1c
9E859FkbNzx4w1Ocmk202cSDY60BPRFwCanugcyAnW0UGrF8zF10PQmxGPo593wW
YzVGCaZX8K3uYXYayI0sEME=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org