Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/CHKULwHuOYKdEdfdfuq_2zmYbA4.roa
File: CHKULwHuOYKdEdfdfuq_2zmYbA4.roa (raw, json)
Hash identifier: AO9XuDjmAnQtWItw1G2hqn6GjZwpwg7RUxfUQbvfwK4=
Subject key identifier: 08:72:94:2F:01:EE:39:82:9D:11:D7:DD:7E:EA:BF:DB:39:98:6C:0E
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 01898C331A9B433E3883F17C31CEDBA368C0
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/CHKULwHuOYKdEdfdfuq_2zmYbA4.roa
Signing time: Tue 25 Jul 2023 08:38:26 +0000
ROA not before: Tue 25 Jul 2023 08:38:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 195.66.224.0/19 maxlen: 19
2001:7f8:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:33:1a:9b:43:3e:38:83:f1:7c:31:ce:db:a3:68:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jul 25 08:38:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0872942f01ee39829d11d7dd7eeabfdb39986c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b9:ad:94:40:1c:d7:6c:93:1b:5f:50:59:e0:
0c:83:53:29:fc:ef:5e:90:72:8d:d9:9d:c6:0b:c5:
31:f6:56:f9:84:f8:05:26:2a:7f:1a:92:90:a3:7e:
21:d0:af:8b:07:d9:4e:f0:64:36:d9:5f:23:98:f7:
a4:a4:a3:cd:32:59:8d:f1:dc:bb:66:36:81:fc:13:
a6:9a:a2:53:70:45:55:0d:7f:d5:e0:a1:32:e5:b1:
96:00:b0:c0:77:bf:73:88:2c:55:c3:39:28:66:bb:
03:26:2f:7a:7a:ec:8d:9a:1b:ff:7c:69:71:91:a8:
3f:bc:cc:4a:19:f4:3c:29:01:a9:b2:6f:7d:d2:6e:
e4:a6:b4:96:3a:ee:38:73:f8:b5:4a:5c:94:9e:02:
2e:79:9b:b4:a8:79:e5:3c:bc:9a:cd:0d:75:c9:55:
25:0c:60:70:85:2a:8a:92:b6:9e:c3:7f:fc:b1:f6:
a1:a1:5c:dd:1d:1e:78:97:f3:1c:4d:d3:5a:5d:29:
ca:73:ec:70:ad:bb:37:9a:86:d5:25:ab:a3:af:0c:
77:10:4b:e0:ff:9e:46:f7:c3:6e:e8:a0:e6:b5:ee:
4d:2c:b0:31:40:28:c1:bb:4e:d0:2e:c9:b8:e6:9f:
7a:91:b4:65:d8:76:0e:16:ef:48:f1:e2:c2:ca:97:
60:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:72:94:2F:01:EE:39:82:9D:11:D7:DD:7E:EA:BF:DB:39:98:6C:0E
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/CHKULwHuOYKdEdfdfuq_2zmYbA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.224.0/19
IPv6:
2001:7f8:4::/48
Signature Algorithm: sha256WithRSAEncryption
7a:cf:21:45:7e:ba:d2:58:86:47:c1:01:a1:12:35:8c:a3:f4:
f4:0b:6f:a3:6d:de:3b:9c:69:a0:08:e5:84:62:e8:8a:79:91:
37:e5:f3:b9:0d:1c:4c:65:92:8f:a8:2b:5f:0b:99:56:26:bf:
02:59:33:0e:81:fb:a7:20:9f:43:ba:e7:67:f6:e5:cf:32:2e:
5f:88:d1:11:08:8d:48:b6:6f:f3:15:1f:be:6d:a2:21:48:1f:
33:22:3c:1b:63:4b:36:42:a1:e1:ba:4e:54:1d:51:29:34:39:
c4:04:59:e6:5b:a8:c2:fe:d9:fc:a7:92:2b:a5:ed:c3:ef:be:
70:7c:23:1a:e3:5f:4b:74:d0:87:e4:8e:8b:45:f2:39:eb:fb:
98:0b:62:87:ee:d7:2f:92:7e:3c:47:0b:ba:ae:8b:c6:28:45:
cf:1f:c8:46:75:e6:09:41:ee:62:92:fc:ff:ea:81:c6:2e:26:
34:88:7f:13:e8:2f:8d:e4:ef:bd:49:72:46:9d:49:01:46:1f:
28:75:c8:e2:28:b4:b2:6a:ca:23:66:4d:13:8f:41:b1:ca:e1:
8f:7d:84:1b:f6:ec:7e:82:ff:44:db:86:80:0d:af:40:e7:4c:
e2:db:34:09:7e:cc:1b:2e:64:4b:d6:dc:a0:d1:ef:3c:7f:20:
3f:41:8e:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmMMxqbQz44g/F8Mc7bo2jAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjMwNzI1MDgzODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODcyOTQyZjAxZWUzOTgyOWQxMWQ3ZGQ3ZWVhYmZkYjM5OTg2YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLmtlEAc12yTG19QWeAMg1Mp/O9e
kHKN2Z3GC8Ux9lb5hPgFJip/GpKQo34h0K+LB9lO8GQ22V8jmPekpKPNMlmN8dy7
ZjaB/BOmmqJTcEVVDX/V4KEy5bGWALDAd79ziCxVwzkoZrsDJi96euyNmhv/fGlx
kag/vMxKGfQ8KQGpsm990m7kprSWOu44c/i1SlyUngIueZu0qHnlPLyazQ11yVUl
DGBwhSqKkraew3/8sfahoVzdHR54l/McTdNaXSnKc+xwrbs3mobVJaujrwx3EEvg
/55G98Nu6KDmte5NLLAxQCjBu07QLsm45p96kbRl2HYOFu9I8eLCypdgTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAhylC8B7jmCnRHX3X7qv9s5mGwOMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEvQ0hLVUx3SHVPWUtkRWRmZGZ1cV8yem1ZYkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFw0LgMA8E
AgACMAkDBwAgAQf4AAQwDQYJKoZIhvcNAQELBQADggEBAHrPIUV+utJYhkfBAaES
NYyj9PQLb6Nt3jucaaAI5YRi6Ip5kTfl87kNHExlko+oK18LmVYmvwJZMw6B+6cg
n0O652f25c8yLl+I0REIjUi2b/MVH75toiFIHzMiPBtjSzZCoeG6TlQdUSk0OcQE
WeZbqML+2fynkiul7cPvvnB8IxrjX0t00IfkjotF8jnr+5gLYofu1y+SfjxHC7qu
i8YoRc8fyEZ15glB7mKS/P/qgcYuJjSIfxPoL43k771JckadSQFGHyh1yOIotLJq
yiNmTROPQbHK4Y99hBv27H6C/0TbhoANr0DnTOLbNAl+zBsuZEvW3KDR7zx/ID9B
ji0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:47 2025 by rpki-client