Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/ChlmD8-RmjrJ5h5wLlsIbOCtzbg.roa
File: ChlmD8-RmjrJ5h5wLlsIbOCtzbg.roa (raw, json)
Hash identifier: uIRBorNg4DGJDLonU41VHAsjgcrLJeORDdp3DQ3ndR8=
Subject key identifier: 0A:19:66:0F:CF:91:9A:3A:C9:E6:1E:70:2E:5B:08:6C:E0:AD:CD:B8
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 01855D91E9C39D60007FF78690530DCDB4F3
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/ChlmD8-RmjrJ5h5wLlsIbOCtzbg.roa
Signing time: Thu 29 Dec 2022 11:08:41 +0000
ROA not before: Thu 29 Dec 2022 11:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202246
IP address blocks: 109.204.176.0/20 maxlen: 20
185.128.16.0/22 maxlen: 22
2a10:a5c5::/32 maxlen: 32
2a10:a5c3::/32 maxlen: 32
2a10:a5c7::/32 maxlen: 32
2a10:a5c1::/32 maxlen: 32
2a10:a5c0::/29 maxlen: 29
2a10:a5c4::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c0::/32 maxlen: 32
2a10:a5c6::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:91:e9:c3:9d:60:00:7f:f7:86:90:53:0d:cd:b4:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Dec 29 11:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a19660fcf919a3ac9e61e702e5b086ce0adcdb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:52:fe:40:0b:39:7a:e6:b0:ea:4b:c4:78:
4c:ac:9f:50:7c:95:b9:2a:42:dd:39:0a:33:17:36:
9f:6e:0d:3b:16:fe:d2:5a:4a:c5:cc:5d:91:d1:db:
cd:83:10:1f:05:46:d0:53:d7:15:14:18:6b:e8:fc:
a7:af:da:75:94:ef:11:b1:5d:0b:d6:0b:ae:75:95:
0a:6f:55:4a:04:8e:1a:15:2c:59:c3:6e:71:1b:5b:
b9:a2:3f:97:43:68:3f:6d:c9:fe:cf:10:e6:ce:c3:
9c:ac:21:65:9e:49:a4:d2:38:87:c0:1a:f7:c6:3e:
a3:f5:d9:d1:c2:0d:c1:1c:17:88:12:ef:9e:9a:00:
3f:4e:ba:bd:4d:e4:4a:77:80:21:a6:94:b1:d5:50:
4c:64:e0:60:4a:e4:21:de:56:22:32:22:48:07:90:
1c:d5:dc:bf:eb:6d:fc:0d:8d:0e:bf:d3:00:73:c2:
7f:4e:f8:4a:4e:bb:c0:af:e4:08:df:42:15:f6:9f:
3e:de:fe:4c:33:8a:5b:24:81:a7:2a:7e:f9:ad:a6:
0b:0b:e7:68:77:39:12:a2:a5:2a:2a:d6:a6:41:9c:
f0:34:7d:f1:b5:b4:48:61:22:41:ca:ec:0b:07:b7:
4c:2c:c9:10:27:5b:1f:34:2d:8d:ec:a8:c8:61:32:
d3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:19:66:0F:CF:91:9A:3A:C9:E6:1E:70:2E:5B:08:6C:E0:AD:CD:B8
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/ChlmD8-RmjrJ5h5wLlsIbOCtzbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.176.0/20
185.128.16.0/22
IPv6:
2a10:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:de:fa:ec:96:5b:a5:51:a8:13:f1:b4:a7:7b:70:4b:62:9c:
2d:76:a5:bb:99:49:64:f8:0b:b1:b9:0c:50:9e:04:8c:d9:03:
4f:33:52:42:74:c4:2e:9a:5a:1d:f5:4c:0c:cc:11:f0:cb:79:
87:8e:4f:04:8d:de:d0:e6:90:55:b9:91:6a:39:f1:79:d0:7d:
9d:48:44:80:9c:da:65:0c:be:bd:a1:54:7d:ec:7d:79:3e:f1:
0a:e2:0b:0e:e0:b1:6d:6d:84:b5:f9:71:33:fd:ed:45:8d:52:
67:1f:af:38:42:1a:54:b8:11:7d:b6:63:52:75:ae:96:9f:e7:
b1:26:23:89:80:a9:0e:6e:82:59:50:e8:f1:f7:67:3c:cd:d4:
72:52:c0:84:fa:c4:f4:32:4c:55:49:b8:c5:d6:59:ae:c8:9f:
a5:b5:01:2e:38:91:2a:e6:d0:25:48:68:98:60:68:1f:22:60:
e1:69:02:7e:b4:fb:95:42:a6:21:2b:50:d4:2f:84:76:38:a6:
28:22:1b:3a:c2:7e:77:c5:9d:eb:eb:be:ca:b7:31:3a:6f:11:
0d:85:27:b2:c8:4d:9b:da:a7:95:7b:b2:60:99:66:a5:9a:39:
30:6a:9f:e1:66:3c:84:02:2d:76:02:05:c3:8b:40:e0:7c:e0:
cd:8f:82:92
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVdkenDnWAAf/eGkFMNzbTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjIxMjI5MTEwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE5NjYwZmNmOTE5YTNhYzllNjFlNzAyZTViMDg2Y2UwYWRjZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt1S/kALOXrmsOpLxHhMrJ9QfJW5
KkLdOQozFzafbg07Fv7SWkrFzF2R0dvNgxAfBUbQU9cVFBhr6Pynr9p1lO8RsV0L
1guudZUKb1VKBI4aFSxZw25xG1u5oj+XQ2g/bcn+zxDmzsOcrCFlnkmk0jiHwBr3
xj6j9dnRwg3BHBeIEu+emgA/Trq9TeRKd4AhppSx1VBMZOBgSuQh3lYiMiJIB5Ac
1dy/6238DY0Ov9MAc8J/TvhKTrvAr+QI30IV9p8+3v5MM4pbJIGnKn75raYLC+do
dzkSoqUqKtamQZzwNH3xtbRIYSJByuwLB7dMLMkQJ1sfNC2N7KjIYTLTkwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAoZZg/PkZo6yeYecC5bCGzgrc24MB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvQ2hsbUQ4LVJtanJKNWg1d0xsc0liT0N0emJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEbcywAwQC
uYAQMA0EAgACMAcDBQMqEKXAMA0GCSqGSIb3DQEBCwUAA4IBAQB93vrsllulUagT
8bSne3BLYpwtdqW7mUlk+AuxuQxQngSM2QNPM1JCdMQumlod9UwMzBHwy3mHjk8E
jd7Q5pBVuZFqOfF50H2dSESAnNplDL69oVR97H15PvEK4gsO4LFtbYS1+XEz/e1F
jVJnH684QhpUuBF9tmNSda6Wn+exJiOJgKkOboJZUOjx92c8zdRyUsCE+sT0MkxV
SbjF1lmuyJ+ltQEuOJEq5tAlSGiYYGgfImDhaQJ+tPuVQqYhK1DUL4R2OKYoIhs6
wn53xZ3r677KtzE6bxENhSeyyE2b2qeVe7JgmWalmjkwap/hZjyEAi12AgXDi0Dg
fODNj4KS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:01 2023 by rpki-client on console-fra.rpki-client.org