Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/q2Jx9yqxVvIxTbSIwcKbWic37TY.roa
File: q2Jx9yqxVvIxTbSIwcKbWic37TY.roa (raw, json)
Hash identifier: qwC8ldC+MXocrp5tvesyUS540wbsaCn1zv9xE8e6xvE=
Subject key identifier: AB:62:71:F7:2A:B1:56:F2:31:4D:B4:88:C1:C2:9B:5A:27:37:ED:36
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: C669
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/q2Jx9yqxVvIxTbSIwcKbWic37TY.roa
Signing time: Fri 02 Dec 2022 12:04:42 +0000
ROA not before: Fri 02 Dec 2022 12:04:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a0e:b240::/29 maxlen: 29
2a0e:b240::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50793 (0xc669)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Dec 2 12:04:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=AB6271F72AB156F2314DB488C1C29B5A2737ED36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2f:87:fa:de:f6:d6:10:38:49:8c:f2:d9:8f:
07:2d:75:28:a1:78:d8:70:01:7f:c7:b3:4e:59:67:
96:e1:aa:96:f1:0e:59:49:cd:ad:fe:94:f5:a4:b4:
e0:31:2a:05:02:34:16:10:53:3e:e3:de:32:d8:fa:
1b:f7:71:57:fa:61:e9:80:aa:aa:8f:ed:24:cc:66:
d1:a0:47:29:05:ce:58:8f:6b:6f:cc:e0:e8:0a:a1:
20:af:6e:ed:e8:e5:47:9b:76:b9:ed:61:91:05:21:
d0:8b:d5:26:87:2c:b2:25:29:3a:27:3b:06:fb:c1:
21:4a:f7:eb:c3:65:15:b3:0b:68:ed:f7:f5:f5:a2:
cf:71:4e:f4:18:41:de:3c:34:7c:01:50:bd:2e:d2:
83:16:1a:49:46:71:54:e8:e4:de:27:cb:c9:61:54:
3f:e9:08:3f:96:db:e4:e1:4f:11:ea:c2:b8:11:14:
16:ab:c9:dc:52:7e:2f:9e:79:7b:9e:2e:86:6d:8f:
3e:c7:f7:9c:7c:4b:86:ca:0c:d2:01:a9:74:77:14:
69:ef:47:a6:20:2e:e7:ef:4b:70:80:4c:df:63:3d:
b3:54:42:ff:ed:ec:1e:b4:ed:ca:32:71:2e:4d:63:
22:36:78:83:c1:24:3d:79:76:75:f7:84:15:5d:93:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:62:71:F7:2A:B1:56:F2:31:4D:B4:88:C1:C2:9B:5A:27:37:ED:36
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/q2Jx9yqxVvIxTbSIwcKbWic37TY.roa
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b240::/29
Signature Algorithm: sha256WithRSAEncryption
7b:fa:62:8c:45:3b:7b:52:cf:93:a0:a2:db:72:9e:97:2f:e3:
3f:b2:e8:fa:cf:57:26:af:af:5a:ff:f2:57:fa:51:b6:0d:94:
63:04:cd:c0:28:34:ea:48:aa:77:b7:17:89:c0:56:e5:55:7d:
2c:3e:7f:93:07:41:f9:26:61:24:2a:4b:f7:95:ef:c8:38:67:
fc:4a:cb:39:22:06:f4:9c:b7:6e:04:a3:9f:d6:f9:b0:e1:15:
6b:27:35:f6:32:07:02:e6:b4:e6:90:9e:85:1a:dc:ba:8e:f5:
dc:a2:06:c4:ea:96:c6:ef:19:d4:f9:fb:e1:d0:5b:bf:34:0d:
77:c5:8a:94:76:50:b5:1e:5a:e7:c9:eb:e6:7a:0e:c2:13:80:
fb:d5:4b:44:e3:4e:b9:56:62:30:11:64:29:3f:74:6a:25:1a:
09:2f:f0:e6:bd:c6:28:d8:4f:cb:de:55:61:be:68:86:82:3d:
12:7a:f9:e3:ec:8a:eb:e3:d9:ee:2f:d2:fd:17:a0:a2:86:42:
d9:00:65:9e:1a:5f:f1:37:0e:a5:90:a1:1e:3d:1b:5b:82:59:
91:0f:cc:21:cc:ec:f2:bd:2e:6d:94:e6:fc:47:f5:c6:27:d8:
69:6c:40:9c:4b:3f:19:8a:a8:58:a7:ea:83:04:cb:da:16:7d:
f9:5c:77:4e
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIDAMZpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjAy
MTIwNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhBQjYyNzFGNzJBQjE1
NkYyMzE0REI0ODhDMUMyOUI1QTI3MzdFRDM2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArC+H+t721hA4SYzy2Y8HLXUooXjYcAF/x7NOWWeW4aqW8Q5Z
Sc2t/pT1pLTgMSoFAjQWEFM+494y2Pob93FX+mHpgKqqj+0kzGbRoEcpBc5Yj2tv
zODoCqEgr27t6OVHm3a57WGRBSHQi9UmhyyyJSk6JzsG+8EhSvfrw2UVswto7ff1
9aLPcU70GEHePDR8AVC9LtKDFhpJRnFU6OTeJ8vJYVQ/6Qg/ltvk4U8R6sK4ERQW
q8ncUn4vnnl7ni6GbY8+x/ecfEuGygzSAal0dxRp70emIC7n70twgEzfYz2zVEL/
7ewetO3KMnEuTWMiNniDwSQ9eXZ194QVXZNEAwIDAQABo4IBzTCCAckwHQYDVR0O
BBYEFKticfcqsVbyMU20iMHCm1onN+02MB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L3EySng5eXF4VnZJeFRiU0l3Y0tiV2ljMzdUWS5yb2EwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMqDrJAMA0GCSqGSIb3DQEBCwUAA4IBAQB7+mKMRTt7Us+T
oKLbcp6XL+M/suj6z1cmr69a//JX+lG2DZRjBM3AKDTqSKp3txeJwFblVX0sPn+T
B0H5JmEkKkv3le/IOGf8Sss5Igb0nLduBKOf1vmw4RVrJzX2MgcC5rTmkJ6FGty6
jvXcogbE6pbG7xnU+fvh0Fu/NA13xYqUdlC1Hlrnyevmeg7CE4D71UtE4065VmIw
EWQpP3RqJRoJL/DmvcYo2E/L3lVhvmiGgj0Sevnj7Irr49nuL9L9F6CihkLZAGWe
Gl/xNw6lkKEePRtbglmRD8whzOzyvS5tlOb8R/XGJ9hpbECcSz8ZiqhYp+qDBMva
Fn35XHdO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org