Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/OhAKbEi-aGQfJuZzov7sotY2XBY.roa
File: OhAKbEi-aGQfJuZzov7sotY2XBY.roa (raw, json)
Hash identifier: VsQnXyYYJrmioh5akdAMnV1317GWm9970yx4QeGR/+U=
Subject key identifier: 3A:10:0A:6C:48:BE:68:64:1F:26:E6:73:A2:FE:EC:A2:D6:36:5C:16
Certificate issuer: /CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Certificate serial: 018B89F9DF02D76FA1CFE3321C796A43308E
Authority key identifier: F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/OhAKbEi-aGQfJuZzov7sotY2XBY.roa
Signing time: Wed 01 Nov 2023 08:22:15 +0000
ROA not before: Wed 01 Nov 2023 08:22:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207829
IP address blocks: 91.198.170.0/23 maxlen: 23
2a0b:c140::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:f9:df:02:d7:6f:a1:cf:e3:32:1c:79:6a:43:30:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Validity
Not Before: Nov 1 08:22:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a100a6c48be68641f26e673a2feeca2d6365c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dc:06:ca:b0:de:0e:25:95:82:ec:0b:a4:c1:
5c:f9:70:c2:27:5d:49:25:10:ca:0d:e8:17:cb:44:
ed:1e:4b:92:f0:f6:cb:1c:9b:bf:70:b6:da:ee:d8:
4a:63:09:1c:3f:08:08:f6:ba:96:19:d0:64:db:22:
ce:02:97:10:d7:4d:63:f2:b9:80:77:b1:77:d8:6a:
9b:ef:20:62:7d:5a:ca:b1:60:52:a7:49:ed:a6:3a:
96:ba:b7:e8:e3:0b:76:8f:3d:81:80:ad:08:51:61:
8e:bc:ce:50:a0:20:a1:bd:c0:27:f7:96:8d:be:49:
0b:42:1e:3a:35:76:38:e6:71:01:1c:b0:a6:d5:94:
cd:81:b6:f7:ec:ce:ae:51:ce:65:ee:f2:bd:ec:f6:
28:0a:26:9a:01:dd:2e:86:7f:43:fe:9b:51:69:a3:
f7:f5:68:1a:55:68:86:f5:25:b5:8b:30:54:26:2f:
da:25:84:47:52:65:02:d0:b8:93:bd:1e:90:97:dd:
77:f2:b9:10:1c:f4:cc:05:f4:21:4b:82:e2:e9:30:
c0:51:7b:e9:78:95:1a:22:a0:0e:fb:fc:9a:22:d0:
6b:54:97:c7:d9:79:ce:ab:72:0d:31:94:e1:77:18:
1c:cb:9e:fe:03:a0:34:e3:24:f1:fa:7a:8a:39:c1:
c7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:10:0A:6C:48:BE:68:64:1F:26:E6:73:A2:FE:EC:A2:D6:36:5C:16
X509v3 Authority Key Identifier:
keyid:F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/OhAKbEi-aGQfJuZzov7sotY2XBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/8KMtISmjhsmgr9u5FeDb8TC6cNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.170.0/23
IPv6:
2a0b:c140::/32
Signature Algorithm: sha256WithRSAEncryption
6a:6e:07:68:e4:cf:b6:15:d6:d7:d4:17:5a:9f:d3:fa:2e:63:
c5:56:06:a5:85:90:95:f1:aa:56:9e:9c:37:28:ba:ac:a1:65:
21:75:a3:7a:40:83:0c:79:9c:67:a4:13:b8:9b:64:a8:c6:e8:
55:80:9e:fa:3c:ce:84:d9:03:87:cd:7b:61:82:aa:24:64:25:
b6:1c:6d:db:cc:a6:54:1d:40:bc:ad:7d:f9:09:1a:f1:2b:69:
67:67:d5:07:54:48:87:53:1a:f6:2b:48:2e:48:8d:23:b9:a3:
4e:b4:16:fe:b2:d6:4c:33:9c:bb:ce:73:1f:e8:a2:5a:0f:c7:
01:ef:ac:7b:14:ee:ee:ae:0a:5d:5f:fb:2f:de:ef:fe:79:a1:
47:4f:4b:9b:9b:9d:7f:74:02:65:7a:b2:30:9b:cb:51:d5:c7:
46:89:82:4e:12:d3:1f:33:be:1d:0e:61:c7:75:a6:2b:68:16:
3d:1a:f4:59:e4:53:13:ec:f9:3c:06:ac:f1:62:5c:07:1b:e6:
60:a9:04:1d:a8:c9:80:6c:55:46:a5:10:54:d8:c4:66:16:c5:
8f:48:ab:40:08:fa:54:98:de:f0:04:a2:e4:d6:98:f0:88:94:
a8:60:c8:f7:1a:33:3f:99:aa:67:6c:f8:f4:23:72:3e:3f:61:
6f:84:f2:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuJ+d8C12+hz+MyHHlqQzCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTMyZDIxMjlhMzg2YzlhMGFmZGJiOTE1ZTBkYmYxMzBi
YTcwZDUwHhcNMjMxMTAxMDgyMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTEwMGE2YzQ4YmU2ODY0MWYyNmU2NzNhMmZlZWNhMmQ2MzY1YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtwGyrDeDiWVguwLpMFc+XDCJ11J
JRDKDegXy0TtHkuS8PbLHJu/cLba7thKYwkcPwgI9rqWGdBk2yLOApcQ101j8rmA
d7F32Gqb7yBifVrKsWBSp0ntpjqWurfo4wt2jz2BgK0IUWGOvM5QoCChvcAn95aN
vkkLQh46NXY45nEBHLCm1ZTNgbb37M6uUc5l7vK97PYoCiaaAd0uhn9D/ptRaaP3
9WgaVWiG9SW1izBUJi/aJYRHUmUC0LiTvR6Ql9138rkQHPTMBfQhS4Li6TDAUXvp
eJUaIqAO+/yaItBrVJfH2XnOq3INMZThdxgcy57+A6A04yTx+nqKOcHH8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDoQCmxIvmhkHybmc6L+7KLWNlwWMB8GA1UdIwQY
MBaAFPCjLSEpo4bJoK/buRXg2/EwunDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYt
MmYwODM4MGFlNmM3LzEvT2hBS2JFaS1hR1FmSnVaem92N3NvdFkyWEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYtMmYwODM4MGFlNmM3
LzEvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8aqMA0E
AgACMAcDBQAqC8FAMA0GCSqGSIb3DQEBCwUAA4IBAQBqbgdo5M+2FdbX1Bdan9P6
LmPFVgalhZCV8apWnpw3KLqsoWUhdaN6QIMMeZxnpBO4m2SoxuhVgJ76PM6E2QOH
zXthgqokZCW2HG3bzKZUHUC8rX35CRrxK2lnZ9UHVEiHUxr2K0guSI0juaNOtBb+
stZMM5y7znMf6KJaD8cB76x7FO7urgpdX/sv3u/+eaFHT0ubm51/dAJlerIwm8tR
1cdGiYJOEtMfM74dDmHHdaYraBY9GvRZ5FMT7Pk8BqzxYlwHG+ZgqQQdqMmAbFVG
pRBU2MRmFsWPSKtACPpUmN7wBKLk1pjwiJSoYMj3GjM/mapnbPj0I3I+P2FvhPJ0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:26 2025 by rpki-client