Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/Chbk78dlWwSOmxDpCRXNF0hu4es.roa
File: Chbk78dlWwSOmxDpCRXNF0hu4es.roa (raw, json)
Hash identifier: f/mZMdGZwkOCG2iHdZxlOTzANlO4gOh1BOPaEwbvjSI=
Subject key identifier: 0A:16:E4:EF:C7:65:5B:04:8E:9B:10:E9:09:15:CD:17:48:6E:E1:EB
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 0187A2C042D3C19FD21EC90F7013A3D260C2
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/Chbk78dlWwSOmxDpCRXNF0hu4es.roa
Signing time: Fri 21 Apr 2023 07:38:41 +0000
ROA not before: Fri 21 Apr 2023 07:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43581
IP address blocks: 2a13:a500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:c0:42:d3:c1:9f:d2:1e:c9:0f:70:13:a3:d2:60:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Apr 21 07:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a16e4efc7655b048e9b10e90915cd17486ee1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:17:73:18:7a:cb:38:b3:9e:5d:01:74:16:da:
6e:1e:9d:f2:99:bb:dd:c3:80:07:90:90:4d:d8:97:
41:90:51:b6:68:91:3f:8b:e2:18:6c:b5:54:bc:02:
5b:92:1e:81:98:ba:f0:59:ba:45:7d:41:01:24:ed:
3f:68:b0:1c:1f:2f:ce:e1:b9:8a:db:57:29:4c:6f:
cf:fe:a1:ba:8d:b2:b4:5a:4d:c9:46:37:e2:9a:11:
f2:e2:ed:70:63:cd:03:5c:1c:30:ac:8e:0f:46:5c:
27:9d:52:43:5b:68:db:12:47:ae:cd:57:da:6d:0b:
7d:e8:27:ca:f8:de:ef:43:81:f1:c9:6a:40:c6:78:
dc:02:53:3d:32:26:64:7b:47:27:8c:47:61:41:98:
0b:c4:48:5f:e6:67:55:25:b4:c9:f4:2f:ed:57:97:
b6:60:86:38:73:72:c6:8d:60:a3:ae:0f:55:b3:a3:
9f:c6:34:12:93:1b:50:8e:2b:b4:bb:22:2c:91:35:
99:f6:b0:5e:8c:91:9b:71:ba:cf:67:09:2e:b1:eb:
bb:a6:e7:ea:2e:fc:b2:f3:d7:a1:0e:ba:55:ab:cd:
5b:f0:3c:ef:99:52:4e:54:77:81:bd:ad:c1:19:18:
15:b9:f8:49:01:33:8d:eb:d8:65:83:9f:11:86:0f:
59:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:16:E4:EF:C7:65:5B:04:8E:9B:10:E9:09:15:CD:17:48:6E:E1:EB
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/Chbk78dlWwSOmxDpCRXNF0hu4es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a500::/32
Signature Algorithm: sha256WithRSAEncryption
12:e3:01:16:ed:7a:21:49:7c:95:1a:01:a5:e4:c8:29:22:a5:
78:fe:1f:f4:90:ad:ce:ca:af:bb:a1:2b:0a:d7:ea:f6:43:89:
cf:67:7d:49:0a:59:51:23:0e:92:34:a1:19:cd:55:11:e4:21:
50:f8:22:6c:b7:bc:57:f1:9b:26:2c:4e:b1:05:e0:09:0e:66:
d4:27:94:9e:01:e9:28:1b:8e:19:30:e2:2d:73:f9:b2:e0:1f:
ad:ba:01:3e:06:d1:af:58:f0:1f:b6:cf:8b:b8:e4:67:7c:77:
99:b3:18:c9:43:2f:e1:5b:6e:43:d2:0c:dc:92:e0:73:03:85:
ce:57:f0:11:14:a6:15:c6:0d:55:9b:01:89:7e:ec:dc:13:36:
24:20:89:5f:68:d0:48:af:56:19:05:6b:f6:bf:de:0e:67:5b:
16:23:51:80:af:20:8a:33:4c:ce:dd:55:98:a2:22:5d:0f:89:
30:aa:a4:8b:d8:c2:bd:1e:7f:17:24:ce:35:29:5f:98:0f:ac:
3f:94:83:36:ee:66:ea:c0:9b:9b:99:99:35:60:8b:36:4b:a3:
8e:9a:f9:16:fb:30:b0:aa:f5:1b:fc:20:85:5b:b0:f4:fe:19:
83:bc:9c:3d:47:42:27:73:3a:09:ce:e5:f1:f6:3a:0a:e2:5a:
66:24:c8:29
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYeiwELTwZ/SHskPcBOj0mDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjMwNDIxMDczODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE2ZTRlZmM3NjU1YjA0OGU5YjEwZTkwOTE1Y2QxNzQ4NmVlMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBdzGHrLOLOeXQF0FtpuHp3ymbvd
w4AHkJBN2JdBkFG2aJE/i+IYbLVUvAJbkh6BmLrwWbpFfUEBJO0/aLAcHy/O4bmK
21cpTG/P/qG6jbK0Wk3JRjfimhHy4u1wY80DXBwwrI4PRlwnnVJDW2jbEkeuzVfa
bQt96CfK+N7vQ4HxyWpAxnjcAlM9MiZke0cnjEdhQZgLxEhf5mdVJbTJ9C/tV5e2
YIY4c3LGjWCjrg9Vs6OfxjQSkxtQjiu0uyIskTWZ9rBejJGbcbrPZwkuseu7pufq
Lvyy89ehDrpVq81b8DzvmVJOVHeBva3BGRgVufhJATON69hlg58Rhg9ZhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAoW5O/HZVsEjpsQ6QkVzRdIbuHrMB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvQ2hiazc4ZGxXd1NPbXhEcENSWE5GMGh1NGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOlADAN
BgkqhkiG9w0BAQsFAAOCAQEAEuMBFu16IUl8lRoBpeTIKSKleP4f9JCtzsqvu6Er
Ctfq9kOJz2d9SQpZUSMOkjShGc1VEeQhUPgibLe8V/GbJixOsQXgCQ5m1CeUngHp
KBuOGTDiLXP5suAfrboBPgbRr1jwH7bPi7jkZ3x3mbMYyUMv4VtuQ9IM3JLgcwOF
zlfwERSmFcYNVZsBiX7s3BM2JCCJX2jQSK9WGQVr9r/eDmdbFiNRgK8gijNMzt1V
mKIiXQ+JMKqki9jCvR5/FyTONSlfmA+sP5SDNu5m6sCbm5mZNWCLNkujjpr5Fvsw
sKr1G/wghVuw9P4Zg7ycPUdCJ3M6Cc7l8fY6CuJaZiTIKQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:34 2025 by rpki-client