Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/CHVtY52xPqX7_ux80SRWUCodjYc.roa
File: CHVtY52xPqX7_ux80SRWUCodjYc.roa (raw, json)
Hash identifier: pC1oCyI3kDk1zA8H9NEkpni3bduWIjfwwc9zphXYCy4=
Subject key identifier: 08:75:6D:63:9D:B1:3E:A5:FB:FE:EC:7C:D1:24:56:50:2A:1D:8D:87
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50DA0111
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/CHVtY52xPqX7_ux80SRWUCodjYc.roa
Signing time: Sat 01 Jan 2022 16:01:50 +0000
ROA not before: Sat 01 Jan 2022 16:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48590
IP address blocks: 194.209.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1356464401 (0x50da0111)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08756d639db13ea5fbfeec7cd12456502a1d8d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:cc:6b:83:a3:d7:cb:82:70:13:0e:a2:11:
32:24:11:32:64:5a:5d:2b:b4:20:63:d3:00:9d:e2:
7b:2e:29:f0:a1:4f:e8:25:af:05:8b:d5:10:11:b8:
0b:10:fe:cf:6d:23:23:9e:91:f6:6b:c5:76:33:ba:
ce:13:73:0d:18:65:66:96:85:f0:71:fa:07:9f:1f:
ef:5c:73:c3:40:03:24:5d:b4:a7:53:12:e0:28:81:
7f:ef:42:18:c4:68:4f:d1:0a:18:8c:16:09:30:50:
03:83:e2:c8:da:c0:39:bb:e2:db:c5:0a:48:22:ef:
9c:03:94:70:cf:ed:fe:26:ff:22:65:de:34:b2:81:
b6:c5:d1:27:5e:cc:b2:ca:2d:2a:18:37:16:be:95:
4a:14:6f:01:d7:cd:81:5f:6c:4b:97:e9:cf:84:08:
d1:82:07:95:e0:dd:33:fc:9c:f2:19:36:23:af:c1:
b2:20:6b:93:d2:2f:93:e6:2f:e2:13:fc:02:c5:52:
49:6b:04:26:90:6a:84:58:20:e5:58:db:f4:20:27:
5f:3b:fa:01:94:d6:3a:7e:29:c2:32:4d:4b:47:53:
00:ee:97:0a:1a:5a:4a:55:cd:f4:99:c9:87:fe:9d:
df:03:53:25:fe:df:cc:e8:7b:31:16:a7:e2:84:b3:
cf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:75:6D:63:9D:B1:3E:A5:FB:FE:EC:7C:D1:24:56:50:2A:1D:8D:87
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/CHVtY52xPqX7_ux80SRWUCodjYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.12.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:eb:00:a7:ca:cd:31:6b:c3:e7:1d:ab:67:e8:74:7a:53:14:
38:a9:e2:6f:6a:5f:e2:de:31:c7:de:58:00:5a:39:a6:a5:87:
d5:1c:92:0d:38:d0:0c:c4:13:37:19:7d:8c:40:84:11:37:8d:
a9:24:13:ff:15:00:db:4c:0e:8e:c3:68:d7:89:2c:e7:4b:97:
ba:da:31:8c:72:66:c0:8f:cf:fd:58:76:43:53:4b:fe:27:b2:
62:26:a0:25:79:d3:7a:f1:7b:30:81:f3:66:19:f7:ee:71:42:
80:32:46:eb:06:e9:b6:f9:af:3a:e2:75:39:78:a4:18:ab:87:
08:99:e4:67:c5:85:bf:fc:fe:66:b0:a2:99:57:f3:04:b0:af:
a9:44:e1:38:12:99:1f:8d:24:8b:db:6b:3d:48:5d:a3:e5:41:
24:94:bc:df:db:6e:66:8e:f4:1f:66:85:15:99:30:be:5b:ed:
0c:58:49:4b:8e:bf:ce:45:1a:1f:52:7d:e2:19:61:96:95:bd:
6c:f5:1e:82:1c:1d:9f:3f:e8:d4:74:29:c1:79:11:55:c7:e8:
8b:a0:e2:f6:3b:1a:44:c1:6b:e1:e7:28:97:81:dc:6c:31:b1:
08:36:d3:cd:89:c1:40:36:de:f3:3b:da:30:17:b6:44:92:32:
7c:11:01:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEUNoBETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg3NTZkNjM5ZGIx
M2VhNWZiZmVlYzdjZDEyNDU2NTAyYTFkOGQ4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIKzGuDo9fLgnATDqIRMiQRMmRaXSu0IGPTAJ3iey4p8KFP
6CWvBYvVEBG4CxD+z20jI56R9mvFdjO6zhNzDRhlZpaF8HH6B58f71xzw0ADJF20
p1MS4CiBf+9CGMRoT9EKGIwWCTBQA4PiyNrAObvi28UKSCLvnAOUcM/t/ib/ImXe
NLKBtsXRJ17MssotKhg3Fr6VShRvAdfNgV9sS5fpz4QI0YIHleDdM/yc8hk2I6/B
siBrk9Ivk+Yv4hP8AsVSSWsEJpBqhFgg5Vjb9CAnXzv6AZTWOn4pwjJNS0dTAO6X
ChpaSlXN9JnJh/6d3wNTJf7fzOh7MRan4oSzz0ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIdW1jnbE+pfv+7HzRJFZQKh2NhzAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L0NIVnRZNTJ4UHFYN191eDgwU1JXVUNvZGpZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMLRDDANBgkqhkiG9w0BAQsFAAOC
AQEAs+sAp8rNMWvD5x2rZ+h0elMUOKnib2pf4t4xx95YAFo5pqWH1RySDTjQDMQT
Nxl9jECEETeNqSQT/xUA20wOjsNo14ks50uXutoxjHJmwI/P/Vh2Q1NL/ieyYiag
JXnTevF7MIHzZhn37nFCgDJG6wbptvmvOuJ1OXikGKuHCJnkZ8WFv/z+ZrCimVfz
BLCvqUThOBKZH40ki9trPUhdo+VBJJS839tuZo70H2aFFZkwvlvtDFhJS46/zkUa
H1J94hlhlpW9bPUeghwdnz/o1HQpwXkRVcfoi6Di9jsaRMFr4ecol4HcbDGxCDbT
zYnBQDbe8zvaMBe2RJIyfBEBvw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:27:49 2025 by rpki-client