Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/CHL2YhgLyX08oQozH3JsD-OxLnM.roa
File: CHL2YhgLyX08oQozH3JsD-OxLnM.roa (raw, json)
Hash identifier: wahhI1KWrhN2kqE7JkqAqeWEMWkeoI5busXnC6AUDSE=
Subject key identifier: 08:72:F6:62:18:0B:C9:7D:3C:A1:0A:33:1F:72:6C:0F:E3:B1:2E:73
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0AAC9D00
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/CHL2YhgLyX08oQozH3JsD-OxLnM.roa
Signing time: Thu 17 Mar 2022 20:36:04 +0000
ROA not before: Thu 17 Mar 2022 20:36:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 213.226.118.0/24 maxlen: 24
2a10:3302::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179084544 (0xaac9d00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Mar 17 20:36:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0872f662180bc97d3ca10a331f726c0fe3b12e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:26:13:04:ef:a5:64:0d:49:cf:cb:91:b9:c0:
02:10:00:45:1f:77:4c:d8:3f:a7:b5:46:56:52:bc:
e2:1f:65:3f:25:6b:22:38:f1:04:92:fc:9d:95:dd:
05:14:aa:a3:52:8e:cd:3e:4e:ad:20:a4:cf:89:08:
09:2c:dd:4a:62:24:08:df:b1:41:27:86:14:60:ef:
45:08:22:a8:c7:f6:1f:61:43:dd:67:e0:32:6d:c1:
97:63:ae:f0:b2:87:8a:d9:01:c5:f5:01:83:fc:76:
ff:97:50:a6:c3:00:fb:ce:01:05:8f:53:48:6f:fd:
2e:ff:d0:d8:17:f0:00:bd:b1:0e:f4:85:a8:c8:a6:
d9:10:aa:bd:a1:d3:d5:04:de:d0:a6:c2:c4:8e:2a:
fa:c5:44:92:4a:c1:d6:91:9d:62:de:a7:b2:6f:14:
6d:06:43:55:0f:17:8c:f9:d9:4b:70:84:39:63:47:
43:75:ce:f8:3e:76:89:63:b0:8d:dd:9a:b9:15:b7:
8a:bb:f1:06:38:7a:9d:d7:74:f7:db:75:21:81:55:
69:2e:c2:b2:5c:9d:c4:26:2e:ec:5c:6a:5c:01:41:
d9:25:60:54:68:7a:54:f8:51:f7:4b:17:b9:d5:d7:
87:c2:9e:31:59:74:e5:99:ed:3e:31:08:9b:50:dc:
c1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:72:F6:62:18:0B:C9:7D:3C:A1:0A:33:1F:72:6C:0F:E3:B1:2E:73
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/CHL2YhgLyX08oQozH3JsD-OxLnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.226.118.0/24
IPv6:
2a10:3300::/29
Signature Algorithm: sha256WithRSAEncryption
12:c5:26:4e:62:85:50:5c:71:fe:6e:74:b8:c5:77:d0:bf:be:
04:56:e4:81:01:9d:c5:04:e0:87:ce:1b:28:ce:c2:42:fa:3a:
20:c8:32:ec:7d:b7:ed:f5:2a:e4:fb:40:27:b7:b4:d9:63:d5:
aa:f1:08:f8:b4:ce:b6:8a:01:20:84:e2:58:0d:63:68:e5:45:
9b:37:52:1c:4e:e7:04:1a:4d:c6:60:40:32:77:21:1f:89:3f:
08:f9:29:f7:cb:82:7e:e2:ad:fc:48:fc:f4:f5:27:5e:fc:54:
9f:b2:83:c2:31:1b:dc:bd:d2:c2:cc:c0:47:3c:70:5b:c7:4e:
5c:78:c5:de:33:2f:eb:d8:6a:4c:1f:a4:ab:1f:49:4a:ec:f9:
ea:84:e5:a3:e8:4a:16:2a:b7:df:eb:2d:d0:c5:2d:7a:03:e9:
a2:b7:3e:44:d4:a6:19:54:92:56:a6:cd:98:0a:d8:e4:c1:aa:
36:01:c6:3b:5f:20:8f:55:7f:3e:26:9d:f7:8c:62:4f:a7:0f:
08:8c:d3:ed:d6:b9:bc:25:3c:03:d6:ab:87:23:91:b5:59:fd:
d4:6b:88:75:27:c7:b3:77:da:52:ce:08:ca:97:e7:78:52:4f:
07:95:b4:11:2d:54:e4:93:20:b3:22:f4:4e:2d:86:18:b2:e7:
30:cc:b4:60
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECqydADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDMx
NzIwMzYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg3MmY2NjIxODBi
Yzk3ZDNjYTEwYTMzMWY3MjZjMGZlM2IxMmU3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkmEwTvpWQNSc/LkbnAAhAARR93TNg/p7VGVlK84h9lPyVr
IjjxBJL8nZXdBRSqo1KOzT5OrSCkz4kICSzdSmIkCN+xQSeGFGDvRQgiqMf2H2FD
3WfgMm3Bl2Ou8LKHitkBxfUBg/x2/5dQpsMA+84BBY9TSG/9Lv/Q2BfwAL2xDvSF
qMim2RCqvaHT1QTe0KbCxI4q+sVEkkrB1pGdYt6nsm8UbQZDVQ8XjPnZS3CEOWNH
Q3XO+D52iWOwjd2auRW3irvxBjh6ndd099t1IYFVaS7CslydxCYu7FxqXAFB2SVg
VGh6VPhR90sXudXXh8KeMVl05ZntPjEIm1DcwYECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQIcvZiGAvJfTyhCjMfcmwP47EuczAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L0NITDJZaGdMeVgwOG9Rb3pIM0pzRC1PeExuTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEANXidjANBAIAAjAHAwUDKhAzADAN
BgkqhkiG9w0BAQsFAAOCAQEAEsUmTmKFUFxx/m50uMV30L++BFbkgQGdxQTgh84b
KM7CQvo6IMgy7H237fUq5PtAJ7e02WPVqvEI+LTOtooBIITiWA1jaOVFmzdSHE7n
BBpNxmBAMnchH4k/CPkp98uCfuKt/Ej89PUnXvxUn7KDwjEb3L3SwszARzxwW8dO
XHjF3jMv69hqTB+kqx9JSuz56oTlo+hKFiq33+st0MUtegPporc+RNSmGVSSVqbN
mArY5MGqNgHGO18gj1V/Piad94xiT6cPCIzT7da5vCU8A9arhyORtVn91GuIdSfH
s3faUs4IypfneFJPB5W0ES1U5JMgsyL0Ti2GGLLnMMy0YA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-fra.rpki-client.org