Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/CHuXYDZpw975BivpQOQr8xjMdOg.roa
File: CHuXYDZpw975BivpQOQr8xjMdOg.roa (raw, json)
Hash identifier: jZ6QqHEEilpL/0Q8FQJc7X0ONdIlvyBC3HlFA0dN7Fo=
Subject key identifier: 08:7B:97:60:36:69:C3:DE:F9:06:2B:E9:40:E4:2B:F3:18:CC:74:E8
Certificate issuer: /CN=3c8d19d9240191c36a974b62df93c221436d9bdd
Certificate serial: 018514BFCFA619A9E8C2A14A3C5CB619A2C5
Authority key identifier: 3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/CHuXYDZpw975BivpQOQr8xjMdOg.roa
Signing time: Thu 15 Dec 2022 07:46:32 +0000
ROA not before: Thu 15 Dec 2022 07:46:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 195.226.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:14:bf:cf:a6:19:a9:e8:c2:a1:4a:3c:5c:b6:19:a2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c8d19d9240191c36a974b62df93c221436d9bdd
Validity
Not Before: Dec 15 07:46:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=087b97603669c3def9062be940e42bf318cc74e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:64:61:22:53:56:7a:97:33:22:af:e0:51:dc:
20:69:60:7a:f9:44:f9:31:23:d2:ba:46:a6:35:f0:
e5:95:59:a3:46:92:7e:60:81:87:82:cf:60:6f:c1:
fe:88:bc:be:c5:5d:9d:8e:c2:5c:f0:54:81:de:5a:
31:c9:95:db:59:a7:da:db:1b:a6:21:74:63:65:41:
ba:ab:a7:ef:43:1f:12:5a:b2:d1:ef:3e:0b:55:cf:
79:f2:11:03:75:a2:d3:60:7c:03:37:ab:27:6a:2b:
d1:95:60:85:31:6e:f3:0b:f9:6f:40:f5:b5:c5:ba:
68:58:46:f0:69:c1:d5:b2:62:7c:89:06:37:43:34:
06:30:5e:9c:8b:98:41:99:e3:29:d9:9d:7a:08:72:
55:91:83:04:0c:46:91:b9:74:16:57:d2:c0:4f:67:
83:14:99:20:ff:9a:9c:eb:3c:7d:3e:c7:99:0e:85:
dd:0d:cb:e1:fb:03:0c:45:fa:e3:57:3d:08:07:ba:
9e:14:a2:11:11:6f:80:0d:c7:4e:74:01:70:4c:fe:
c0:65:50:df:94:99:16:ad:14:ef:d7:5a:a1:3c:5c:
52:33:70:58:3a:55:3a:9f:bd:34:33:be:28:8e:ee:
50:5b:47:89:a1:1a:b3:5c:ed:0c:9f:53:52:91:49:
1c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7B:97:60:36:69:C3:DE:F9:06:2B:E9:40:E4:2B:F3:18:CC:74:E8
X509v3 Authority Key Identifier:
keyid:3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/CHuXYDZpw975BivpQOQr8xjMdOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.196.0/24
Signature Algorithm: sha256WithRSAEncryption
37:01:5e:ce:96:c9:6f:5a:b1:a3:e1:bd:69:ac:01:a3:07:90:
c7:c7:25:98:e3:e1:e5:47:3d:8d:d5:77:79:10:ab:66:1b:60:
4e:26:f9:58:13:2c:74:89:a5:af:5c:30:61:07:c5:25:50:e3:
33:5d:d6:c7:91:d6:a5:8d:39:1e:19:57:71:60:c9:01:1d:02:
5a:84:aa:da:b8:75:e4:de:59:2e:e3:8b:84:13:ce:40:72:95:
b3:ac:12:a1:7a:65:ec:5c:13:01:e9:e4:aa:c3:47:5c:9d:53:
b6:aa:10:8b:84:4a:48:20:bb:db:06:e1:3f:39:c6:71:19:21:
af:70:36:54:47:4c:74:38:1d:19:68:73:72:7e:ed:6c:f4:e9:
d6:08:58:d7:32:9f:7f:d7:fc:eb:70:27:c8:cf:6f:b2:e0:90:
74:e5:02:fe:e2:b3:f0:a2:1f:71:cb:b4:91:f0:78:db:29:11:
10:d4:73:32:4a:ee:49:0a:36:92:00:36:fc:8e:8a:ac:4e:7a:
db:c3:12:63:91:80:77:06:ba:c3:0a:15:4c:77:42:9c:74:3d:
0b:3f:c0:ea:2b:37:6b:b2:dd:95:1e:93:bb:b5:51:23:00:9d:
70:a2:30:4b:eb:95:08:0f:28:ea:35:e2:91:eb:e9:e8:40:11:
5e:58:ba:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUUv8+mGanowqFKPFy2GaLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGQxOWQ5MjQwMTkxYzM2YTk3NGI2MmRmOTNjMjIxNDM2
ZDliZGQwHhcNMjIxMjE1MDc0NjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdiOTc2MDM2NjljM2RlZjkwNjJiZTk0MGU0MmJmMzE4Y2M3NGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmRhIlNWepczIq/gUdwgaWB6+UT5
MSPSukamNfDllVmjRpJ+YIGHgs9gb8H+iLy+xV2djsJc8FSB3loxyZXbWafa2xum
IXRjZUG6q6fvQx8SWrLR7z4LVc958hEDdaLTYHwDN6snaivRlWCFMW7zC/lvQPW1
xbpoWEbwacHVsmJ8iQY3QzQGMF6ci5hBmeMp2Z16CHJVkYMEDEaRuXQWV9LAT2eD
FJkg/5qc6zx9PseZDoXdDcvh+wMMRfrjVz0IB7qeFKIREW+ADcdOdAFwTP7AZVDf
lJkWrRTv11qhPFxSM3BYOlU6n700M74oju5QW0eJoRqzXO0Mn1NSkUkcbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh7l2A2acPe+QYr6UDkK/MYzHToMB8GA1UdIwQY
MBaAFDyNGdkkAZHDapdLYt+TwiFDbZvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAt
MTAzNTdiODdjYjIzLzEvQ0h1WFlEWnB3OTc1Qml2cFFPUXI4eGpNZE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAtMTAzNTdiODdjYjIz
LzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+LEMA0G
CSqGSIb3DQEBCwUAA4IBAQA3AV7OlslvWrGj4b1prAGjB5DHxyWY4+HlRz2N1Xd5
EKtmG2BOJvlYEyx0iaWvXDBhB8UlUOMzXdbHkdaljTkeGVdxYMkBHQJahKrauHXk
3lku44uEE85AcpWzrBKhemXsXBMB6eSqw0dcnVO2qhCLhEpIILvbBuE/OcZxGSGv
cDZUR0x0OB0ZaHNyfu1s9OnWCFjXMp9/1/zrcCfIz2+y4JB05QL+4rPwoh9xy7SR
8HjbKREQ1HMySu5JCjaSADb8joqsTnrbwxJjkYB3BrrDChVMd0KcdD0LP8DqKzdr
st2VHpO7tVEjAJ1wojBL65UIDyjqNeKR6+noQBFeWLq/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:46 2025 by rpki-client