Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/xK_LgwzQgqS1pFXeLtGQE7gXqNk.roa
File: xK_LgwzQgqS1pFXeLtGQE7gXqNk.roa (raw, json)
Hash identifier: QueJIi5Km7rE34yPgVkf6QK+sQJU+wMdHOZ6J+wZ2hk=
Subject key identifier: C4:AF:CB:83:0C:D0:82:A4:B5:A4:55:DE:2E:D1:90:13:B8:17:A8:D9
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: C668
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/xK_LgwzQgqS1pFXeLtGQE7gXqNk.roa
Signing time: Fri 02 Dec 2022 12:04:42 +0000
ROA not before: Fri 02 Dec 2022 12:04:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15562
IP address blocks: 2001:67c:208c::/48 maxlen: 48
2a0e:b240::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50792 (0xc668)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Dec 2 12:04:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=C4AFCB830CD082A4B5A455DE2ED19013B817A8D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7d:f1:18:1b:c3:e7:b4:c6:79:ca:66:96:af:
96:0c:bc:d8:e0:43:36:2a:cf:dd:8a:3d:b9:20:88:
4a:f2:6e:c4:b4:0c:73:c1:85:fa:73:0b:10:67:2a:
52:a5:bd:65:a9:95:7e:39:64:e3:d7:45:b6:66:f1:
ef:91:a2:94:0e:89:80:40:d9:22:82:1c:81:5f:4d:
4d:00:be:bd:ee:1f:2f:17:7a:11:20:63:cc:0d:65:
80:df:57:76:c2:c0:97:3f:70:52:59:07:c9:9b:bb:
2a:a6:22:00:0a:36:ad:cc:6b:15:44:8f:b5:69:81:
c5:1c:fe:09:2a:5d:21:ad:ef:de:03:0c:1b:ec:18:
c1:7c:be:90:82:99:19:10:13:76:a5:a8:d8:13:1f:
71:36:83:93:93:39:61:ba:01:36:fa:86:48:15:b1:
3d:d8:9b:67:5f:25:f1:db:a3:41:9b:f4:8d:8c:52:
d9:87:7c:b6:46:2d:88:3a:16:8c:1f:c4:d8:66:b3:
ff:4d:08:0d:ea:91:ca:91:cb:a8:71:d3:a4:f2:5e:
f0:59:63:68:d5:c6:5e:61:85:0e:87:64:19:33:71:
26:95:cb:c4:57:5d:c5:0d:e6:19:53:0f:4c:e8:18:
64:47:df:c7:ec:c4:2a:02:d0:2d:43:0f:ba:a0:36:
14:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AF:CB:83:0C:D0:82:A4:B5:A4:55:DE:2E:D1:90:13:B8:17:A8:D9
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/xK_LgwzQgqS1pFXeLtGQE7gXqNk.roa
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:208c::/48
2a0e:b240::/48
Signature Algorithm: sha256WithRSAEncryption
85:a4:40:9c:45:07:1e:8a:df:40:8a:a7:7b:7a:30:57:a9:68:
2e:11:3b:69:4b:62:71:67:c8:6d:a7:6f:18:d9:bc:c8:44:0c:
77:10:39:34:ec:fc:e6:f7:c3:9e:4d:4c:47:70:2f:c9:df:fd:
09:44:55:ea:0f:de:80:d1:f9:e0:45:ef:3e:79:a2:e7:cc:f4:
6e:e6:e6:99:ed:30:fd:0a:6d:77:bf:6b:f4:61:22:34:52:62:
27:0c:08:cf:a7:dd:69:8c:2a:a5:5f:70:c9:88:2c:4a:ca:ad:
e5:81:b2:f9:7e:d8:e8:34:28:43:b3:27:c0:a4:ef:c5:9c:30:
91:62:76:1a:5d:97:98:54:2f:53:b7:c1:28:2a:8e:3c:28:54:
32:3c:3c:67:a8:7e:cb:2f:7e:a0:f4:e9:e2:b9:74:8e:66:2d:
77:a9:06:75:ac:33:59:f6:2a:a5:30:53:af:98:86:56:eb:96:
a0:52:91:ed:2e:ba:78:ec:87:f0:31:db:57:b9:1c:b7:95:99:
be:bd:4d:e1:a0:79:2d:65:ec:d2:f6:73:11:74:89:4f:40:77:
64:80:18:a1:10:2f:60:30:7a:41:91:71:17:fa:38:1d:b1:d8:
78:a9:a3:51:7d:47:50:1f:a7:3d:9e:91:4a:50:01:d4:52:54:
0c:dc:16:18
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgIDAMZoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjAy
MTIwNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhDNEFGQ0I4MzBDRDA4
MkE0QjVBNDU1REUyRUQxOTAxM0I4MTdBOEQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuH3xGBvD57TGecpmlq+WDLzY4EM2Ks/dij25IIhK8m7EtAxz
wYX6cwsQZypSpb1lqZV+OWTj10W2ZvHvkaKUDomAQNkighyBX01NAL697h8vF3oR
IGPMDWWA31d2wsCXP3BSWQfJm7sqpiIACjatzGsVRI+1aYHFHP4JKl0hre/eAwwb
7BjBfL6QgpkZEBN2pajYEx9xNoOTkzlhugE2+oZIFbE92JtnXyXx26NBm/SNjFLZ
h3y2Ri2IOhaMH8TYZrP/TQgN6pHKkcuocdOk8l7wWWNo1cZeYYUOh2QZM3EmlcvE
V13FDeYZUw9M6BhkR9/H7MQqAtAtQw+6oDYUmQIDAQABo4IB2DCCAdQwHQYDVR0O
BBYEFMSvy4MM0IKktaRV3i7RkBO4F6jZMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L3hLX0xnd3pRZ3FTMXBGWGVMdEdRRTdnWHFOay5yb2EwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAgAQZ8IIwDBwAqDrJAAAAwDQYJKoZIhvcNAQELBQADggEB
AIWkQJxFBx6K30CKp3t6MFepaC4RO2lLYnFnyG2nbxjZvMhEDHcQOTTs/Ob3w55N
TEdwL8nf/QlEVeoP3oDR+eBF7z55oufM9G7m5pntMP0KbXe/a/RhIjRSYicMCM+n
3WmMKqVfcMmILErKreWBsvl+2Og0KEOzJ8Ck78WcMJFidhpdl5hUL1O3wSgqjjwo
VDI8PGeofssvfqD06eK5dI5mLXepBnWsM1n2KqUwU6+YhlbrlqBSke0uunjsh/Ax
21e5HLeVmb69TeGgeS1l7NL2cxF0iU9Ad2SAGKEQL2AwekGRcRf6OB2x2Hipo1F9
R1Afpz2ekUpQAdRSVAzcFhg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org