Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/OS6nYLt-s9smetgVfkd9vUlYomM.roa
File: OS6nYLt-s9smetgVfkd9vUlYomM.roa (raw, json)
Hash identifier: yfW4N/PNMC8Y4jhPG4Wy6AemmYEKS0LRrHm7pk4ZSUI=
Subject key identifier: 39:2E:A7:60:BB:7E:B3:DB:26:7A:D8:15:7E:47:7D:BD:49:58:A2:63
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 0A9454BD
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/OS6nYLt-s9smetgVfkd9vUlYomM.roa
Signing time: Sat 01 Jan 2022 13:01:14 +0000
ROA not before: Sat 01 Jan 2022 13:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5588
IP address blocks: 91.245.16.0/23 maxlen: 24
2a01:5f7::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177493181 (0xa9454bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 13:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=392ea760bb7eb3db267ad8157e477dbd4958a263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b2:78:59:7a:30:9c:d9:82:01:04:54:76:89:
c8:14:9c:9e:75:a4:c6:b0:3d:77:0e:d2:5d:c7:eb:
49:d7:ee:26:6a:c1:de:4f:fc:81:fa:0b:9b:9c:63:
61:14:41:77:70:1a:ca:e6:60:cc:76:a3:07:ae:38:
23:07:cb:09:98:45:e8:d6:75:99:2f:78:a7:8e:4e:
ea:d6:c5:45:89:66:30:db:e4:20:4a:2f:f9:db:77:
2d:54:cd:85:39:da:b4:5f:c9:c4:b7:e9:03:56:65:
5b:c8:59:4d:4f:2c:70:54:43:00:91:5a:f4:3d:7f:
d5:6c:03:6f:06:62:4b:fc:73:f3:5a:f7:e3:d8:79:
9c:f5:83:44:35:11:5e:0d:17:ac:f0:be:71:cf:40:
cd:8e:92:77:26:57:63:c1:c3:33:86:42:de:1a:38:
e4:cb:a1:4d:9b:ae:76:20:46:de:6b:c0:1b:5c:5a:
47:f6:97:8e:a9:7e:57:2d:0b:c9:79:c7:2c:74:16:
e8:2d:f5:65:26:e6:5c:3e:e0:bf:bc:e8:04:0f:fc:
35:5d:f9:26:9e:f0:8a:e8:89:1c:3d:64:3f:91:66:
e2:f0:ac:7b:d6:e5:6d:e4:ae:a9:b6:bc:2a:af:5c:
60:38:a4:3a:9e:c0:80:5e:31:00:7d:d5:51:48:ad:
48:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2E:A7:60:BB:7E:B3:DB:26:7A:D8:15:7E:47:7D:BD:49:58:A2:63
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/OS6nYLt-s9smetgVfkd9vUlYomM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.16.0/23
IPv6:
2a01:5f7::/32
Signature Algorithm: sha256WithRSAEncryption
36:03:cd:76:0d:3a:e6:17:1b:88:54:6d:f1:df:14:a6:f6:78:
26:24:15:f5:c8:a3:1d:6f:81:a1:2a:e7:7f:4c:2f:3c:21:01:
0d:bd:5b:03:04:63:44:79:76:8e:4d:d7:6d:7c:28:69:07:20:
f7:c7:7f:70:9d:47:f8:84:6e:b4:45:ec:99:a2:ad:22:9a:5b:
72:9e:2c:24:cc:55:d0:08:9e:d0:8e:2a:0e:4a:f2:44:47:d3:
7f:8b:ac:34:c0:ba:77:1f:58:c5:4f:92:38:fc:6c:a1:16:85:
02:a9:d3:b7:b2:60:40:a2:10:d8:4a:5f:4d:40:a2:a4:5c:9e:
56:46:a5:21:e2:8a:82:6d:dc:76:a7:5f:5d:0e:65:cd:e0:e6:
26:ff:35:d6:a7:92:31:f2:7e:33:e6:fb:a1:b4:47:65:7e:6e:
18:4f:64:45:4f:aa:d1:a4:50:ee:f5:25:a0:03:65:a5:f1:e4:
24:8a:52:ff:0e:c2:de:26:67:95:c7:a4:85:28:4b:8a:6e:59:
88:9b:e5:92:09:46:92:6b:ed:57:c2:2f:2f:b3:e1:9e:ed:bc:
1a:a6:73:a7:37:e2:0c:f5:4c:fa:d0:36:cc:d5:5e:49:44:37:
e8:5d:51:7f:56:d0:ea:9f:a4:8f:c5:f8:58:52:38:63:3b:84:
78:12:b9:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECpRUvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2NiMmQ1ZmIyNTM4NTJmMTgyM2M2NTQzNGU4ZjI3NmQwNGU0ZTBjMB4XDTIyMDEw
MTEzMDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzkyZWE3NjBiYjdl
YjNkYjI2N2FkODE1N2U0NzdkYmQ0OTU4YTI2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWyeFl6MJzZggEEVHaJyBScnnWkxrA9dw7SXcfrSdfuJmrB
3k/8gfoLm5xjYRRBd3AayuZgzHajB644IwfLCZhF6NZ1mS94p45O6tbFRYlmMNvk
IEov+dt3LVTNhTnatF/JxLfpA1ZlW8hZTU8scFRDAJFa9D1/1WwDbwZiS/xz81r3
49h5nPWDRDURXg0XrPC+cc9AzY6SdyZXY8HDM4ZC3ho45MuhTZuudiBG3mvAG1xa
R/aXjql+Vy0LyXnHLHQW6C31ZSbmXD7gv7zoBA/8NV35Jp7wiuiJHD1kP5Fm4vCs
e9blbeSuqba8Kq9cYDikOp7AgF4xAH3VUUitSPUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ5Lqdgu36z2yZ62BV+R329SViiYzAfBgNVHSMEGDAWgBTcyy1fslOFLxgj
xlQ06PJ20E5ODDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNNc3RYN0pUaFM4WUk4WlVOT2p5ZHRCT1Rndy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvN2MxYzI5LWNhMDItNDkwYi1hYTg0LWUxYThhNmYxZDU5YS8x
L09TNm5ZTHQtczlzbWV0Z1Zma2Q5dlVsWW9tTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
N2MxYzI5LWNhMDItNDkwYi1hYTg0LWUxYThhNmYxZDU5YS8xLzNNc3RYN0pUaFM4
WUk4WlVOT2p5ZHRCT1Rndy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAVv1EDANBAIAAjAHAwUAKgEF9zAN
BgkqhkiG9w0BAQsFAAOCAQEANgPNdg065hcbiFRt8d8UpvZ4JiQV9cijHW+BoSrn
f0wvPCEBDb1bAwRjRHl2jk3XbXwoaQcg98d/cJ1H+IRutEXsmaKtIppbcp4sJMxV
0Aie0I4qDkryREfTf4usNMC6dx9YxU+SOPxsoRaFAqnTt7JgQKIQ2EpfTUCipFye
VkalIeKKgm3cdqdfXQ5lzeDmJv811qeSMfJ+M+b7obRHZX5uGE9kRU+q0aRQ7vUl
oANlpfHkJIpS/w7C3iZnlcekhShLim5ZiJvlkglGkmvtV8IvL7Phnu28GqZzpzfi
DPVM+tA2zNVeSUQ36F1Rf1bQ6p+kj8X4WFI4YzuEeBK5Uw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:59 2023 by rpki-client on console-ams.rpki-client.org