Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/RCH_5hTJHR4ZpXZvoYSre4zKBb0.roa
File: RCH_5hTJHR4ZpXZvoYSre4zKBb0.roa (raw, json)
Hash identifier: uOzXjZXrVKJQo5GGwnvIoW2UWS8j0Rrck3XYkFI1Y5k=
Subject key identifier: 44:21:FF:E6:14:C9:1D:1E:19:A5:76:6F:A1:84:AB:7B:8C:CA:05:BD
Certificate issuer: /CN=26bab8c6915851f4efd40274f742509b7ac7e22e
Certificate serial: 09DF5BE6
Authority key identifier: 26:BA:B8:C6:91:58:51:F4:EF:D4:02:74:F7:42:50:9B:7A:C7:E2:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jrq4xpFYUfTv1AJ090JQm3rH4i4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/RCH_5hTJHR4ZpXZvoYSre4zKBb0.roa
Signing time: Sat 01 Jan 2022 10:59:28 +0000
ROA not before: Sat 01 Jan 2022 10:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1213
IP address blocks: 157.190.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165632998 (0x9df5be6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bab8c6915851f4efd40274f742509b7ac7e22e
Validity
Not Before: Jan 1 10:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4421ffe614c91d1e19a5766fa184ab7b8cca05bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e5:78:71:39:25:18:59:17:ea:28:e6:10:dc:
fa:c6:7f:03:11:ca:e1:47:a7:2b:24:d2:ac:51:cf:
3a:c6:0a:41:ef:83:54:1e:d9:cf:0e:5b:b5:a8:7a:
5d:8a:5b:d5:49:75:b7:57:09:2d:f9:b2:7c:64:b1:
e6:b4:e3:cd:a3:ec:4c:78:12:07:07:34:c6:c1:47:
97:7f:b6:dd:32:9d:08:da:9f:4f:2a:83:f5:9d:51:
9a:3d:4c:77:b5:c8:87:a4:f0:75:78:5b:d2:cd:77:
b8:0a:b4:b1:88:8a:c2:fa:a3:11:af:23:5a:95:24:
58:a2:6f:83:a3:e6:b5:c3:58:76:91:f2:14:54:d1:
a2:02:09:2a:33:b4:85:b9:6b:11:d7:14:97:f1:ee:
c2:33:39:39:6a:8e:b6:74:c9:5e:c7:93:3e:79:2d:
d5:0b:a2:71:52:8c:5a:f9:12:5b:f5:e3:95:f4:b8:
75:d7:e0:a9:ed:c1:7b:ab:9d:17:74:a1:94:73:dc:
5f:e4:75:be:ac:bb:c1:09:60:f0:0e:ef:2a:45:12:
3a:74:a1:06:83:62:31:a3:52:11:2b:47:01:0f:35:
06:2e:2f:b3:58:2e:95:8e:94:2e:07:00:47:b4:b0:
ad:3a:b8:65:e2:c8:3a:65:ba:a8:40:08:b8:48:0e:
b4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:21:FF:E6:14:C9:1D:1E:19:A5:76:6F:A1:84:AB:7B:8C:CA:05:BD
X509v3 Authority Key Identifier:
keyid:26:BA:B8:C6:91:58:51:F4:EF:D4:02:74:F7:42:50:9B:7A:C7:E2:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jrq4xpFYUfTv1AJ090JQm3rH4i4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/RCH_5hTJHR4ZpXZvoYSre4zKBb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/Jrq4xpFYUfTv1AJ090JQm3rH4i4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.190.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:a3:94:5b:62:3c:af:c5:d7:fe:60:3b:07:a8:92:74:41:66:
e3:6d:73:ea:b6:0e:1d:0f:8e:55:3a:42:c0:65:c1:b6:5f:7a:
1a:ad:a4:36:fd:e3:6b:f9:b9:15:fc:3c:74:ec:0c:10:0d:ec:
34:d0:b6:fc:57:22:60:02:4d:32:c8:c2:da:2d:4e:ba:2c:34:
98:b6:3c:02:da:57:fb:bb:31:f0:3b:b0:de:7d:97:5e:5b:19:
dd:a5:73:98:d4:89:61:a2:3d:84:88:be:a5:38:07:5b:d3:ff:
63:f2:b6:30:9e:3c:30:70:03:41:33:e8:86:cd:8e:d0:32:b0:
c1:b0:4e:e3:94:05:41:be:35:80:56:b0:27:8d:72:88:3b:73:
a8:24:4d:28:7e:79:12:54:4e:d7:1a:27:fd:c9:8e:93:55:67:
4c:c6:9f:af:c6:84:c2:1b:36:40:aa:ca:4e:d3:b8:52:95:76:
f4:5b:c7:3d:79:eb:96:de:cb:1d:d6:d8:ad:24:51:88:98:ad:
4b:09:40:4f:87:4c:91:d3:14:73:b6:19:00:fe:6b:ee:24:22:
d6:52:3a:fe:8a:38:e1:23:8a:ba:ff:5d:da:fa:f8:ce:cf:42:
c2:23:a3:b8:9a:35:6c:cd:f6:2c:33:06:6b:bb:98:5d:18:9a:
46:2e:15:6a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECd9b5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmJhYjhjNjkxNTg1MWY0ZWZkNDAyNzRmNzQyNTA5YjdhYzdlMjJlMB4XDTIyMDEw
MTEwNTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQyMWZmZTYxNGM5
MWQxZTE5YTU3NjZmYTE4NGFiN2I4Y2NhMDViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTleHE5JRhZF+oo5hDc+sZ/AxHK4UenKyTSrFHPOsYKQe+D
VB7Zzw5btah6XYpb1Ul1t1cJLfmyfGSx5rTjzaPsTHgSBwc0xsFHl3+23TKdCNqf
TyqD9Z1Rmj1Md7XIh6TwdXhb0s13uAq0sYiKwvqjEa8jWpUkWKJvg6PmtcNYdpHy
FFTRogIJKjO0hblrEdcUl/HuwjM5OWqOtnTJXseTPnkt1QuicVKMWvkSW/XjlfS4
ddfgqe3Be6udF3ShlHPcX+R1vqy7wQlg8A7vKkUSOnShBoNiMaNSEStHAQ81Bi4v
s1gulY6ULgcAR7SwrTq4ZeLIOmW6qEAIuEgOtKkCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBREIf/mFMkdHhmldm+hhKt7jMoFvTAfBgNVHSMEGDAWgBQmurjGkVhR9O/U
AnT3QlCbesfiLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pycTR4cEZZVWZUdjFBSjA5MEpRbTNySDRpNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvYTE2NmE3LTdkMDctNDA5YS1hZWQwLTYzOTMxNWRjYTU4MC8x
L1JDSF81aFRKSFI0WnBYWnZvWVNyZTR6S0JiMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
YTE2NmE3LTdkMDctNDA5YS1hZWQwLTYzOTMxNWRjYTU4MC8xL0pycTR4cEZZVWZU
djFBSjA5MEpRbTNySDRpNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ2+MA0GCSqGSIb3DQEBCwUAA4IB
AQCpo5RbYjyvxdf+YDsHqJJ0QWbjbXPqtg4dD45VOkLAZcG2X3oaraQ2/eNr+bkV
/Dx07AwQDew00Lb8VyJgAk0yyMLaLU66LDSYtjwC2lf7uzHwO7DefZdeWxndpXOY
1Ilhoj2EiL6lOAdb0/9j8rYwnjwwcANBM+iGzY7QMrDBsE7jlAVBvjWAVrAnjXKI
O3OoJE0ofnkSVE7XGif9yY6TVWdMxp+vxoTCGzZAqspO07hSlXb0W8c9eeuW3ssd
1titJFGImK1LCUBPh0yR0xRzthkA/mvuJCLWUjr+ijjhI4q6/13a+vjOz0LCI6O4
mjVszfYsMwZru5hdGJpGLhVq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:54 2025 by rpki-client