Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CH-dKQ7zRfNZWqtRwhUnxWx8pyQ.roa
File: CH-dKQ7zRfNZWqtRwhUnxWx8pyQ.roa (raw, json)
Hash identifier: jGCP0INtXPmqJdfkIz4NNdkpTdRTXlb5ccnBufkQj/o=
Subject key identifier: 08:7F:9D:29:0E:F3:45:F3:59:5A:AB:51:C2:15:27:C5:6C:7C:A7:24
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184769C980E1D16873CA74A3533CA836F04
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CH-dKQ7zRfNZWqtRwhUnxWx8pyQ.roa
Signing time: Mon 14 Nov 2022 14:48:04 +0000
ROA not before: Mon 14 Nov 2022 14:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 212.192.7.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:9c:98:0e:1d:16:87:3c:a7:4a:35:33:ca:83:6f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 14:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=087f9d290ef345f3595aab51c21527c56c7ca724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:11:b6:b8:cf:b4:7f:ec:62:6e:66:65:f9:29:
10:a6:37:1c:4e:b6:65:7c:22:ee:df:a2:ce:43:a9:
54:54:74:b6:42:3c:b6:b8:5c:50:9f:aa:96:77:05:
a3:50:0c:e0:f8:3a:24:95:7d:67:2d:d6:24:1c:dd:
f8:ec:e9:1a:36:9a:9c:d8:38:c7:36:06:92:53:9f:
67:b6:71:3c:8e:8d:94:d4:d7:77:93:57:36:3f:b3:
6a:fd:69:7d:8a:26:90:fc:3f:17:b2:4b:cb:d9:30:
9d:95:c9:bc:a1:b6:68:ff:c1:f2:7d:67:fd:c1:7d:
f9:0d:bb:51:5d:20:f3:86:1f:95:45:25:db:d6:b6:
ac:9f:eb:14:51:01:79:5d:90:e3:ea:bc:67:b9:dd:
d5:af:03:0b:9a:74:1b:84:28:bc:fe:3e:d8:78:27:
41:98:21:97:02:56:64:b0:22:e5:1e:b1:0e:7c:1b:
af:b7:03:b6:a0:c6:85:31:93:9f:fe:98:b9:1a:e8:
70:62:42:f4:74:ea:e0:d5:be:04:86:26:a5:b9:41:
a6:77:c7:b1:97:58:8d:d6:a9:4a:42:b1:ab:47:d2:
53:7a:02:a8:f2:19:e9:a7:ed:2f:db:dc:3d:e6:8a:
44:6f:0e:f7:69:cb:72:7e:64:b7:dc:46:68:40:63:
3e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7F:9D:29:0E:F3:45:F3:59:5A:AB:51:C2:15:27:C5:6C:7C:A7:24
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CH-dKQ7zRfNZWqtRwhUnxWx8pyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
194.87.180.0/24
195.58.61.0/24
212.192.7.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a5:21:67:39:f0:c8:24:34:0e:5d:a1:70:10:4a:a1:e6:f5:
3e:1f:7d:ce:39:da:a6:3b:67:91:60:4e:ac:7b:6e:e7:40:f4:
16:a5:40:e3:a1:d7:62:5a:74:94:43:80:66:c0:bb:86:33:38:
cf:6b:ad:98:d1:2a:b1:10:3b:ff:fb:4e:b8:3c:02:9b:24:b7:
3b:15:46:6c:05:cf:9d:64:ca:83:cb:45:5c:0c:a7:36:a0:27:
c8:0f:6a:21:8d:14:b9:15:37:df:25:33:69:4d:25:d1:44:c2:
d7:ae:23:c6:5f:03:1b:f9:3d:3b:3f:67:0b:76:35:99:ab:a4:
1c:78:88:dc:f0:9b:21:9e:78:79:30:08:77:41:2e:05:75:a7:
72:69:91:29:4c:97:71:de:6a:3c:b6:84:38:85:f1:3f:9f:6f:
cf:63:52:63:3c:41:52:b7:52:dd:6a:c9:0a:b1:c9:d4:2c:0b:
6b:1b:93:4f:ad:f3:8a:ad:02:ed:12:4b:8c:3c:0a:8b:91:8d:
eb:92:84:08:b0:53:8c:01:24:a9:75:55:1d:d7:e2:7a:37:73:
ac:c1:5e:30:36:19:69:75:08:87:fc:a4:0d:d7:64:a9:f2:e4:
8b:86:7d:9a:36:a0:45:a3:d7:42:cd:e5:7b:42:17:3b:6c:2d:
65:0f:c1:33
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYR2nJgOHRaHPKdKNTPKg28EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE0MTQ0ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdmOWQyOTBlZjM0NWYzNTk1YWFiNTFjMjE1MjdjNTZjN2NhNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxG2uM+0f+xibmZl+SkQpjccTrZl
fCLu36LOQ6lUVHS2Qjy2uFxQn6qWdwWjUAzg+DoklX1nLdYkHN347OkaNpqc2DjH
NgaSU59ntnE8jo2U1Nd3k1c2P7Nq/Wl9iiaQ/D8XskvL2TCdlcm8obZo/8HyfWf9
wX35DbtRXSDzhh+VRSXb1rasn+sUUQF5XZDj6rxnud3VrwMLmnQbhCi8/j7YeCdB
mCGXAlZksCLlHrEOfBuvtwO2oMaFMZOf/pi5GuhwYkL0dOrg1b4EhialuUGmd8ex
l1iN1qlKQrGrR9JTegKo8hnpp+0v29w95opEbw73actyfmS33EZoQGM+ZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAh/nSkO80XzWVqrUcIVJ8VsfKckMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0gtZEtRN3pSZk5aV3F0UndoVW54V3g4cHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHy1AwQA
wle0AwQAwzo9AwQA1MAHAwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQAVpSFnOfDI
JDQOXaFwEEqh5vU+H33OOdqmO2eRYE6se27nQPQWpUDjoddiWnSUQ4BmwLuGMzjP
a62Y0SqxEDv/+064PAKbJLc7FUZsBc+dZMqDy0VcDKc2oCfID2ohjRS5FTffJTNp
TSXRRMLXriPGXwMb+T07P2cLdjWZq6QceIjc8Jshnnh5MAh3QS4FdadyaZEpTJdx
3mo8toQ4hfE/n2/PY1JjPEFSt1LdaskKscnULAtrG5NPrfOKrQLtEkuMPAqLkY3r
koQIsFOMASSpdVUd1+J6N3OswV4wNhlpdQiH/KQN12Sp8uSLhn2aNqBFo9dCzeV7
Qhc7bC1lD8Ez
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org