Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/chUti52N0QtnWuB2jv7t2d510uc.roa
File: chUti52N0QtnWuB2jv7t2d510uc.roa (raw, json)
Hash identifier: CmncoLlMWT0XDpxbe31PrZbWBv17NdaC5ZJZiQIV2Nc=
Subject key identifier: 72:15:2D:8B:9D:8D:D1:0B:67:5A:E0:76:8E:FE:ED:D9:DE:75:D2:E7
Certificate issuer: /CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Certificate serial: 04B00C19
Authority key identifier: 5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/chUti52N0QtnWuB2jv7t2d510uc.roa
Signing time: Mon 07 Feb 2022 18:04:09 +0000
ROA not before: Mon 07 Feb 2022 18:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208806
IP address blocks: 2a10:4741:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78646297 (0x4b00c19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Validity
Not Before: Feb 7 18:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72152d8b9d8dd10b675ae0768efeedd9de75d2e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:93:50:83:67:ac:61:f6:d4:e1:6e:57:92:4c:
f3:7c:70:c9:d7:f7:1a:60:2c:ad:bb:0e:75:9d:03:
0d:56:60:59:87:76:96:08:a6:6d:16:cc:8c:2f:38:
f9:ba:2a:f3:8a:7d:52:2a:bc:eb:04:25:cb:24:cd:
2d:84:e4:2c:38:a7:61:0d:3a:58:b3:ed:d3:bf:bc:
4a:12:b1:a3:32:68:20:bf:44:3a:6d:9d:89:c4:1d:
7d:03:5b:2c:fd:3b:12:f0:3b:a9:97:8a:2d:02:9d:
0d:43:63:c8:ed:fc:57:fc:2c:c3:2b:ff:96:c4:27:
42:76:4e:9a:42:0e:66:67:79:4a:de:15:8c:13:c8:
ea:be:b5:f9:86:68:58:a1:d6:15:a6:30:e9:08:bd:
96:22:40:88:e7:ec:f0:9f:db:dc:99:5d:19:30:9d:
28:3b:2d:7c:75:a6:d2:7e:38:d3:d0:ef:b0:da:27:
39:0d:75:fe:b3:dc:35:67:69:d7:d7:d3:3e:4a:5b:
15:6f:55:32:0b:a0:3d:f0:92:40:d9:c6:ec:8e:22:
03:82:15:ca:05:d7:83:e5:63:9a:e3:e1:59:73:20:
0b:6d:3c:30:0e:9f:35:07:66:26:5b:94:e8:61:f5:
3b:fb:fb:0a:da:64:a2:d0:85:d8:f2:16:33:a5:69:
18:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:15:2D:8B:9D:8D:D1:0B:67:5A:E0:76:8E:FE:ED:D9:DE:75:D2:E7
X509v3 Authority Key Identifier:
keyid:5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/chUti52N0QtnWuB2jv7t2d510uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XfU2RYQ-bSiD3I-cT0FcHq279go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:20::/48
Signature Algorithm: sha256WithRSAEncryption
b7:60:a2:fd:88:e7:2f:ec:58:64:80:5d:27:be:88:10:2b:82:
bf:c3:24:2c:40:23:ec:15:ee:93:64:92:ec:53:0d:45:a6:9f:
7b:ab:fc:af:59:ef:4f:9b:09:48:1a:58:a9:0f:2c:c1:51:46:
70:af:08:29:bf:96:7d:c5:7f:4a:02:24:c1:e5:60:e0:ca:d3:
c4:5d:c3:86:b6:40:73:81:31:4b:06:eb:97:17:2f:2c:1b:36:
f5:88:6a:4d:67:3a:c9:43:38:eb:b0:d7:f1:25:47:21:ca:c8:
28:1a:f6:4d:83:74:c5:6d:c5:99:46:fd:9a:49:64:f4:d5:7e:
42:e0:e0:dd:0b:7e:44:81:59:65:4f:50:8c:0b:f7:ba:4e:40:
ea:b9:f9:b3:ec:ab:ce:94:38:cc:bf:66:f3:79:79:a8:4d:57:
0c:4f:ea:e2:f2:b4:8c:55:ae:0a:bf:85:d0:23:cc:8f:88:1a:
72:7a:c6:8a:62:6b:0e:51:2a:69:3a:bb:c2:ab:2d:50:a4:c0:
d4:ee:a1:11:bc:7f:34:93:09:33:57:24:1c:4e:44:32:d1:4b:
d9:53:72:f3:cf:d0:e1:a3:76:20:86:a9:72:5c:d3:f9:66:01:
70:23:44:4e:a3:46:56:a5:b8:45:e6:be:9f:11:60:39:a9:48:
9c:c3:0e:41
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBLAMGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGY1MzY0NTg0M2U2ZDI4ODNkYzhmOWM0ZjQxNWMxZWFkYmJmNjBhMB4XDTIyMDIw
NzE4MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzIxNTJkOGI5ZDhk
ZDEwYjY3NWFlMDc2OGVmZWVkZDlkZTc1ZDJlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOTUINnrGH21OFuV5JM83xwydf3GmAsrbsOdZ0DDVZgWYd2
lgimbRbMjC84+boq84p9Uiq86wQlyyTNLYTkLDinYQ06WLPt07+8ShKxozJoIL9E
Om2dicQdfQNbLP07EvA7qZeKLQKdDUNjyO38V/wswyv/lsQnQnZOmkIOZmd5St4V
jBPI6r61+YZoWKHWFaYw6Qi9liJAiOfs8J/b3JldGTCdKDstfHWm0n4409DvsNon
OQ11/rPcNWdp19fTPkpbFW9VMgugPfCSQNnG7I4iA4IVygXXg+VjmuPhWXMgC208
MA6fNQdmJluU6GH1O/v7CtpkotCF2PIWM6VpGB0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRyFS2LnY3RC2da4HaO/u3Z3nXS5zAfBgNVHSMEGDAWgBRd9TZFhD5tKIPc
j5xPQVwerbv2CjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hmVTJSWVEtYlNpRDNJLWNUMEZjSHEyNzlnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8x
L2NoVXRpNTJOMFF0bld1QjJqdjd0MmQ1MTB1Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8xL1hmVTJSWVEtYlNp
RDNJLWNUMEZjSHEyNzlnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQR0EAIDANBgkqhkiG9w0BAQsF
AAOCAQEAt2Ci/YjnL+xYZIBdJ76IECuCv8MkLEAj7BXuk2SS7FMNRaafe6v8r1nv
T5sJSBpYqQ8swVFGcK8IKb+WfcV/SgIkweVg4MrTxF3DhrZAc4ExSwbrlxcvLBs2
9YhqTWc6yUM467DX8SVHIcrIKBr2TYN0xW3FmUb9mklk9NV+QuDg3Qt+RIFZZU9Q
jAv3uk5A6rn5s+yrzpQ4zL9m83l5qE1XDE/q4vK0jFWuCr+F0CPMj4gacnrGimJr
DlEqaTq7wqstUKTA1O6hEbx/NJMJM1ckHE5EMtFL2VNy88/Q4aN2IIapclzT+WYB
cCNETqNGVqW4Rea+nxFgOalInMMOQQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:43 2023 by rpki-client on console-ams.rpki-client.org