Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ChTKsFbfHsyn1ptRYEnyB93vcYA.roa
File: ChTKsFbfHsyn1ptRYEnyB93vcYA.roa (raw, json)
Hash identifier: +x5tWwuQdtrR3GFGUKj3lcua08vzpoDcSnkGetgn8vs=
Subject key identifier: 0A:14:CA:B0:56:DF:1E:CC:A7:D6:9B:51:60:49:F2:07:DD:EF:71:80
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 09A4D310
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ChTKsFbfHsyn1ptRYEnyB93vcYA.roa
Signing time: Sat 01 Jan 2022 05:04:15 +0000
ROA not before: Sat 01 Jan 2022 05:04:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209835
IP address blocks: 109.167.12.0/24 maxlen: 24
176.56.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161796880 (0x9a4d310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a14cab056df1ecca7d69b516049f207ddef7180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b9:90:3a:5b:5e:e0:84:fc:06:18:3c:a4:e7:
3f:39:b4:40:18:10:78:1e:85:8d:34:2e:c3:b3:9b:
68:52:4f:14:0a:c1:9d:99:d6:4f:b8:c1:1b:d4:45:
64:12:10:c6:be:a4:47:bb:7b:bf:f1:3d:0d:58:77:
98:2b:7c:d2:f4:31:f5:19:06:65:35:b5:9e:2e:b1:
c8:2a:59:78:a5:54:72:4f:37:12:d6:13:8c:53:7b:
f3:08:92:fe:c6:e4:68:68:83:1e:08:50:21:38:c9:
9d:12:4a:7e:43:a1:6e:48:f5:a3:78:ec:b6:7b:40:
cd:ea:48:e7:be:4a:d8:5d:21:a9:a3:e9:13:12:31:
05:ac:f3:2a:26:84:f5:22:0f:73:d6:0a:4f:8b:00:
7c:5f:8f:eb:53:a7:73:08:58:5d:d7:bd:68:db:2d:
39:31:bf:55:db:58:fd:ec:d8:25:83:ff:fc:ff:7d:
0d:ad:f9:17:7c:c3:ad:ad:b2:dd:7d:f6:ab:6e:00:
01:98:a7:76:e9:12:7f:22:78:be:0b:91:c2:ad:75:
f0:1c:de:87:85:af:bd:ec:3b:e1:7d:aa:bc:6f:52:
97:0d:1e:32:2b:0f:2b:00:e9:f6:a0:a4:56:c8:8a:
61:5c:f0:40:1b:8d:4b:85:87:99:b9:c2:fa:d5:3a:
0d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:14:CA:B0:56:DF:1E:CC:A7:D6:9B:51:60:49:F2:07:DD:EF:71:80
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ChTKsFbfHsyn1ptRYEnyB93vcYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.167.12.0/24
176.56.119.0/24
Signature Algorithm: sha256WithRSAEncryption
15:0d:bd:0a:a0:60:05:69:98:b6:91:59:3a:78:e5:c7:55:42:
9a:70:57:62:4f:c6:e2:4b:99:ae:f7:92:f9:3b:d5:79:19:e7:
68:1c:13:39:57:69:5b:b7:53:48:ca:90:d0:f2:6e:fa:03:dc:
7e:dd:fc:10:00:18:35:84:33:ba:50:8c:79:63:a6:b3:46:eb:
96:db:ec:e2:33:9e:56:e4:a0:b7:77:17:f5:13:cd:66:e8:aa:
3d:a6:3b:c5:66:37:76:97:69:01:c3:8f:4b:d8:f2:9d:fc:e9:
b2:8d:6e:ca:b4:0d:26:a1:2f:fa:7e:e8:63:bf:49:a8:12:46:
e7:b6:a3:a2:99:1c:a1:75:5a:2d:13:f2:2f:c9:1d:51:be:15:
79:0a:18:db:f5:7a:64:76:7c:7e:3b:9f:f0:f0:b2:ed:39:fd:
07:cf:0e:7c:86:2e:6b:0c:44:bf:b7:b6:00:66:aa:7a:5b:f2:
21:7b:f6:4d:41:fd:f9:a5:5b:43:13:ac:8d:d9:6b:2b:43:7d:
f7:72:a3:33:52:8e:ea:c8:a9:bc:25:3a:de:3c:3c:f6:cd:19:
3b:63:f4:a1:c5:5e:aa:0d:32:64:96:99:cc:eb:5a:38:eb:64:
c6:c3:7a:b7:a3:52:25:d7:7a:9d:b5:fa:b1:b8:4c:23:32:91:
8b:84:5a:8e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECaTTEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGExNGNhYjA1NmRm
MWVjY2E3ZDY5YjUxNjA0OWYyMDdkZGVmNzE4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANC5kDpbXuCE/AYYPKTnPzm0QBgQeB6FjTQuw7ObaFJPFArB
nZnWT7jBG9RFZBIQxr6kR7t7v/E9DVh3mCt80vQx9RkGZTW1ni6xyCpZeKVUck83
EtYTjFN78wiS/sbkaGiDHghQITjJnRJKfkOhbkj1o3jstntAzepI575K2F0hqaPp
ExIxBazzKiaE9SIPc9YKT4sAfF+P61OncwhYXde9aNstOTG/VdtY/ezYJYP//P99
Da35F3zDra2y3X32q24AAZindukSfyJ4vguRwq118Bzeh4Wvvew74X2qvG9Slw0e
MisPKwDp9qCkVsiKYVzwQBuNS4WHmbnC+tU6DbUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQKFMqwVt8ezKfWm1FgSfIH3e9xgDAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L0NoVEtzRmJmSHN5bjFwdFJZRW55QjkzdmNZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG2nDAMEALA4dzANBgkqhkiG9w0B
AQsFAAOCAQEAFQ29CqBgBWmYtpFZOnjlx1VCmnBXYk/G4kuZrveS+TvVeRnnaBwT
OVdpW7dTSMqQ0PJu+gPcft38EAAYNYQzulCMeWOms0brltvs4jOeVuSgt3cX9RPN
ZuiqPaY7xWY3dpdpAcOPS9jynfzpso1uyrQNJqEv+n7oY79JqBJG57ajopkcoXVa
LRPyL8kdUb4VeQoY2/V6ZHZ8fjuf8PCy7Tn9B88OfIYuawxEv7e2AGaqelvyIXv2
TUH9+aVbQxOsjdlrK0N993KjM1KO6sipvCU63jw89s0ZO2P0ocVeqg0yZJaZzOta
OOtkxsN6t6NSJdd6nbX6sbhMIzKRi4Rajg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:02 2023 by rpki-client on console-ams.rpki-client.org