Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/O862fw0TyVqXqdHsBtT0evy9xhM.roa
File: O862fw0TyVqXqdHsBtT0evy9xhM.roa (raw, json)
Hash identifier: ZEgxQvi2bqP/8K7YQVq+TLdnI42iRbRWT7jcEbwVhfk=
Subject key identifier: 3B:CE:B6:7F:0D:13:C9:5A:97:A9:D1:EC:06:D4:F4:7A:FC:BD:C6:13
Certificate issuer: /CN=8dc69c6bbe89e7c0479b617744a4424f66674944
Certificate serial: 0187B8A19CFCDD69EA37B2449EC1B2970F2D
Authority key identifier: 8D:C6:9C:6B:BE:89:E7:C0:47:9B:61:77:44:A4:42:4F:66:67:49:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jcaca76J58BHm2F3RKRCT2ZnSUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/O862fw0TyVqXqdHsBtT0evy9xhM.roa
Signing time: Tue 25 Apr 2023 13:36:51 +0000
ROA not before: Tue 25 Apr 2023 13:36:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43824
IP address blocks: 91.92.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:a1:9c:fc:dd:69:ea:37:b2:44:9e:c1:b2:97:0f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc69c6bbe89e7c0479b617744a4424f66674944
Validity
Not Before: Apr 25 13:36:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bceb67f0d13c95a97a9d1ec06d4f47afcbdc613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5d:9f:87:77:2e:09:73:86:7b:f9:5b:70:cd:
8e:e0:17:05:88:a6:4c:ea:36:c8:e5:0f:c9:af:a7:
59:69:ef:82:dd:6b:a2:a7:b1:ec:75:e8:6a:9e:7a:
fc:b3:73:c9:04:66:d9:5c:d4:ed:26:00:ac:e2:78:
58:4f:19:91:f7:c0:9f:3c:6a:1d:5c:fb:b5:d5:b2:
14:a7:3e:93:8c:ba:81:4f:ee:ee:e0:b4:3e:a1:90:
a5:f0:86:ea:bb:27:3b:6e:e4:aa:83:27:03:30:87:
eb:45:59:96:e7:24:e3:cc:c0:2d:24:de:c9:5e:a4:
3a:e6:6c:30:60:71:df:06:12:f0:c8:c0:63:79:01:
47:9b:29:c5:df:10:6c:54:7a:ae:4d:2c:7b:00:60:
50:41:1e:0a:0b:c4:9f:af:bb:79:b0:af:87:74:d1:
7a:9f:ee:cd:8a:16:0a:82:54:b7:aa:d3:e6:45:52:
13:91:38:65:6c:01:2c:7e:82:1f:49:a6:db:10:85:
9f:3c:de:d9:72:c4:d5:74:8b:68:b2:98:24:cd:05:
36:8b:7e:2a:c1:8f:3d:a4:ba:8f:74:d6:8b:45:66:
65:88:4d:94:4e:79:4e:2b:a9:bd:b7:d2:79:9c:59:
7c:9e:b9:4a:cb:a7:cd:f2:79:5a:f1:d9:68:c1:79:
2d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CE:B6:7F:0D:13:C9:5A:97:A9:D1:EC:06:D4:F4:7A:FC:BD:C6:13
X509v3 Authority Key Identifier:
keyid:8D:C6:9C:6B:BE:89:E7:C0:47:9B:61:77:44:A4:42:4F:66:67:49:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcaca76J58BHm2F3RKRCT2ZnSUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/O862fw0TyVqXqdHsBtT0evy9xhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/jcaca76J58BHm2F3RKRCT2ZnSUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.115.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:16:a8:46:61:4d:64:2d:2c:79:5f:1f:28:67:a5:a5:ff:2a:
b8:55:93:be:21:73:ef:d8:17:41:f8:39:06:61:2e:7b:be:0b:
b1:8c:0e:70:06:44:34:9c:94:37:b1:de:9e:7c:61:54:dd:14:
6a:55:8a:8c:4d:f3:36:e9:c1:72:09:4f:50:2a:36:69:a6:6d:
63:bb:48:da:af:18:84:ba:b4:13:c2:80:32:d2:89:1f:8f:1f:
70:61:d0:1a:a8:86:12:14:31:80:7f:91:48:27:5c:8f:48:25:
6a:a2:58:8f:df:a2:5c:ef:5c:bf:a5:96:eb:88:45:65:91:a7:
48:89:38:f0:f5:2d:17:a3:02:f4:08:0f:cc:50:08:9d:d8:bd:
5d:5e:20:e0:eb:c7:d9:0f:5d:f9:63:71:48:a8:f7:25:05:bc:
9a:ea:2e:ca:da:67:1d:5b:8f:a8:62:27:91:14:b7:9e:73:f3:
95:68:a9:cf:05:4e:b2:3f:d4:7c:56:81:5e:c0:01:8c:13:8e:
4b:3f:73:fc:f3:b6:fc:14:aa:9d:09:8e:f8:e5:f1:ec:c5:01:
f3:ec:2c:4a:8d:87:49:1a:80:44:10:61:33:bc:f9:2d:46:15:
95:ba:63:d7:fd:53:56:ac:b0:be:23:3a:56:12:0b:6c:be:48:
3f:ba:ed:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe4oZz83WnqN7JEnsGylw8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzY5YzZiYmU4OWU3YzA0NzliNjE3NzQ0YTQ0MjRmNjY2
NzQ5NDQwHhcNMjMwNDI1MTMzNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNlYjY3ZjBkMTNjOTVhOTdhOWQxZWMwNmQ0ZjQ3YWZjYmRjNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F2fh3cuCXOGe/lbcM2O4BcFiKZM
6jbI5Q/Jr6dZae+C3Wuip7Hsdehqnnr8s3PJBGbZXNTtJgCs4nhYTxmR98CfPGod
XPu11bIUpz6TjLqBT+7u4LQ+oZCl8Ibquyc7buSqgycDMIfrRVmW5yTjzMAtJN7J
XqQ65mwwYHHfBhLwyMBjeQFHmynF3xBsVHquTSx7AGBQQR4KC8Sfr7t5sK+HdNF6
n+7NihYKglS3qtPmRVITkThlbAEsfoIfSabbEIWfPN7ZcsTVdItospgkzQU2i34q
wY89pLqPdNaLRWZliE2UTnlOK6m9t9J5nFl8nrlKy6fN8nla8dlowXktTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvOtn8NE8lal6nR7AbU9Hr8vcYTMB8GA1UdIwQY
MBaAFI3GnGu+iefAR5thd0SkQk9mZ0lEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNhY2E3Nko1OEJIbTJGM1JLUkNUMlpuU1VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yM2RiNWMtMWExMC00NGM2LTlkNzct
YmI1Y2FhYzJlOTAzLzEvTzg2MmZ3MFR5VnFYcWRIc0J0VDBldnk5eGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yM2RiNWMtMWExMC00NGM2LTlkNzctYmI1Y2FhYzJlOTAz
LzEvamNhY2E3Nko1OEJIbTJGM1JLUkNUMlpuU1VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW1xzMA0G
CSqGSIb3DQEBCwUAA4IBAQBfFqhGYU1kLSx5Xx8oZ6Wl/yq4VZO+IXPv2BdB+DkG
YS57vguxjA5wBkQ0nJQ3sd6efGFU3RRqVYqMTfM26cFyCU9QKjZppm1ju0jarxiE
urQTwoAy0okfjx9wYdAaqIYSFDGAf5FIJ1yPSCVqoliP36Jc71y/pZbriEVlkadI
iTjw9S0XowL0CA/MUAid2L1dXiDg68fZD135Y3FIqPclBbya6i7K2mcdW4+oYieR
FLeec/OVaKnPBU6yP9R8VoFewAGME45LP3P887b8FKqdCY745fHsxQHz7CxKjYdJ
GoBEEGEzvPktRhWVumPX/VNWrLC+IzpWEgtsvkg/uu0K
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:22 2025 by rpki-client