Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/O80-rUqt_ZOq1x64FiiNLHnOg6w.roa
File: O80-rUqt_ZOq1x64FiiNLHnOg6w.roa (raw, json)
Hash identifier: RLC/VCEetuoKz0C5afd91hHE1JXvlKqaaICLlVC6vTU=
Subject key identifier: 3B:CD:3E:AD:4A:AD:FD:93:AA:D7:1E:B8:16:28:8D:2C:79:CE:83:AC
Certificate issuer: /CN=f2a959dc16715c8a54c8094267b8e491fe321d2c
Certificate serial: 01856F42D80E3D2E426911B1CBED85054B8E
Authority key identifier: F2:A9:59:DC:16:71:5C:8A:54:C8:09:42:67:B8:E4:91:FE:32:1D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/O80-rUqt_ZOq1x64FiiNLHnOg6w.roa
Signing time: Sun 01 Jan 2023 21:35:29 +0000
ROA not before: Sun 01 Jan 2023 21:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197615
IP address blocks: 91.224.180.0/23 maxlen: 23
91.223.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d8:0e:3d:2e:42:69:11:b1:cb:ed:85:05:4b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2a959dc16715c8a54c8094267b8e491fe321d2c
Validity
Not Before: Jan 1 21:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bcd3ead4aadfd93aad71eb816288d2c79ce83ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7f:7a:c6:c2:83:a2:29:7c:b0:8d:85:19:e7:
48:0b:49:ad:19:a2:5a:89:0c:5b:4e:e7:0b:ee:47:
fc:99:c9:96:9b:42:d1:1e:1c:a2:ec:10:89:d0:2f:
a8:e2:fc:f2:48:bc:9b:83:41:a3:bb:90:9e:d5:5f:
37:60:3a:72:15:4f:c6:1f:6a:ff:be:0d:35:0d:77:
42:ec:10:7a:62:d5:ab:1a:47:8a:12:96:e5:ae:a0:
69:1b:20:8a:e5:66:d7:45:8d:ba:a2:72:c3:9b:eb:
67:81:59:e6:43:10:4f:8b:77:84:56:86:fa:5e:35:
fd:b8:0b:8e:da:66:fb:de:e4:8d:33:ad:96:3b:35:
0d:52:9e:0a:b8:c9:02:8a:56:d0:66:32:51:e8:d5:
c4:b9:33:eb:da:c6:a2:6c:4a:f1:97:1b:25:08:1e:
e0:d4:ac:fc:d2:3d:f1:87:6d:d2:62:05:8c:75:c3:
f0:b0:7b:d0:03:3d:90:81:59:3a:21:e1:8c:fe:4d:
e7:46:56:c7:79:32:7c:bf:65:5a:75:49:57:cb:f4:
03:63:ba:6d:69:4e:3c:3f:0a:63:7d:c6:b7:96:40:
66:1d:d3:88:da:5d:e1:84:60:f7:0b:8e:7e:6e:70:
4a:86:a6:cb:8d:4f:54:bd:08:42:5f:45:42:b3:cd:
9f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CD:3E:AD:4A:AD:FD:93:AA:D7:1E:B8:16:28:8D:2C:79:CE:83:AC
X509v3 Authority Key Identifier:
keyid:F2:A9:59:DC:16:71:5C:8A:54:C8:09:42:67:B8:E4:91:FE:32:1D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/O80-rUqt_ZOq1x64FiiNLHnOg6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.167.0/24
91.224.180.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:c2:15:39:0c:eb:c5:86:da:0c:70:9f:0b:86:b0:91:21:fb:
85:56:ab:5c:d5:0e:98:f2:e2:44:3e:da:49:89:58:95:ef:dd:
80:d5:8f:e6:17:57:0a:d3:d9:ab:67:40:0b:39:cb:8e:23:d6:
9c:e9:57:4f:d1:b1:3b:37:a7:a9:10:ba:4a:20:f7:41:ac:52:
78:ab:34:ad:70:d0:1d:76:27:14:a5:98:37:b6:da:3f:ce:7c:
85:fd:36:00:94:ba:40:6a:a0:7d:d9:db:83:14:d1:ff:26:b9:
5b:72:44:c4:1b:55:15:00:9e:0d:b7:dd:bd:17:04:79:e4:0a:
6e:ed:99:f8:e2:e2:34:56:a7:82:c6:55:46:84:e9:f0:56:56:
18:38:6e:7d:33:eb:25:51:5f:4e:51:2f:17:60:8c:47:31:52:
3e:fe:b5:87:53:36:69:7c:16:67:ee:d3:0f:dc:7b:48:aa:e8:
b0:cb:47:d2:0b:01:b7:44:57:35:e6:ed:98:69:06:af:1b:6a:
58:5e:f8:b8:bb:52:5b:44:6f:78:54:c8:21:da:7c:76:99:da:
18:4b:46:b7:57:6b:ef:70:15:73:6e:8b:fa:1a:29:80:9b:0a:
a5:7b:1e:be:37:21:83:9a:0b:f2:b0:1a:d0:91:99:2b:ff:02:
c5:24:06:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQtgOPS5CaRGxy+2FBUuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYTk1OWRjMTY3MTVjOGE1NGM4MDk0MjY3YjhlNDkxZmUz
MjFkMmMwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNkM2VhZDRhYWRmZDkzYWFkNzFlYjgxNjI4OGQyYzc5Y2U4M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX96xsKDoil8sI2FGedIC0mtGaJa
iQxbTucL7kf8mcmWm0LRHhyi7BCJ0C+o4vzySLybg0Gju5Ce1V83YDpyFU/GH2r/
vg01DXdC7BB6YtWrGkeKEpblrqBpGyCK5WbXRY26onLDm+tngVnmQxBPi3eEVob6
XjX9uAuO2mb73uSNM62WOzUNUp4KuMkCilbQZjJR6NXEuTPr2saibErxlxslCB7g
1Kz80j3xh23SYgWMdcPwsHvQAz2QgVk6IeGM/k3nRlbHeTJ8v2VadUlXy/QDY7pt
aU48Pwpjfca3lkBmHdOI2l3hhGD3C45+bnBKhqbLjU9UvQhCX0VCs82fZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDvNPq1Krf2TqtceuBYojSx5zoOsMB8GA1UdIwQY
MBaAFPKpWdwWcVyKVMgJQme45JH+Mh0sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHFsWjNCWnhYSXBVeUFsQ1o3amtrZjR5SFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84OGEzODMtMDMwYy00NTQ1LTllOWMt
NGViZWVjN2U4Mjc1LzEvTzgwLXJVcXRfWk9xMXg2NEZpaU5MSG5PZzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84OGEzODMtMDMwYy00NTQ1LTllOWMtNGViZWVjN2U4Mjc1
LzEvOHFsWjNCWnhYSXBVeUFsQ1o3amtrZjR5SFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9+nAwQB
W+C0MA0GCSqGSIb3DQEBCwUAA4IBAQCmwhU5DOvFhtoMcJ8LhrCRIfuFVqtc1Q6Y
8uJEPtpJiViV792A1Y/mF1cK09mrZ0ALOcuOI9ac6VdP0bE7N6epELpKIPdBrFJ4
qzStcNAddicUpZg3tto/znyF/TYAlLpAaqB92duDFNH/JrlbckTEG1UVAJ4Nt929
FwR55Apu7Zn44uI0VqeCxlVGhOnwVlYYOG59M+slUV9OUS8XYIxHMVI+/rWHUzZp
fBZn7tMP3HtIquiwy0fSCwG3RFc15u2YaQavG2pYXvi4u1JbRG94VMgh2nx2mdoY
S0a3V2vvcBVzbov6GimAmwqlex6+NyGDmgvysBrQkZkr/wLFJAaq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:58 2025 by rpki-client