Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/od_R__O_N0gCYCxvHPFQ_DhzFAo.roa
File: od_R__O_N0gCYCxvHPFQ_DhzFAo.roa (raw, json)
Hash identifier: Qe66X8JW/8o7ewVGh3AmZmD1uEj6iWwSWBudM4+Hlqw=
Subject key identifier: A1:DF:D1:FF:F3:BF:37:48:02:60:2C:6F:1C:F1:50:FC:38:73:14:0A
Certificate issuer: /CN=f85d04e6c50ba906f9ac11c2e75bf3f5d1042a62
Certificate serial: 06C9E287
Authority key identifier: F8:5D:04:E6:C5:0B:A9:06:F9:AC:11:C2:E7:5B:F3:F5:D1:04:2A:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-F0E5sULqQb5rBHC51vz9dEEKmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/od_R__O_N0gCYCxvHPFQ_DhzFAo.roa
Signing time: Sat 01 Jan 2022 14:59:26 +0000
ROA not before: Sat 01 Jan 2022 14:59:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43164
IP address blocks: 91.198.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113894023 (0x6c9e287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f85d04e6c50ba906f9ac11c2e75bf3f5d1042a62
Validity
Not Before: Jan 1 14:59:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1dfd1fff3bf374802602c6f1cf150fc3873140a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:00:53:2a:98:41:c1:56:ce:36:9f:3e:b0:d2:
2f:59:c8:92:cf:58:aa:26:c7:5c:72:1e:69:ee:bc:
44:67:a5:fa:ac:55:c2:69:95:81:82:ef:76:9c:80:
56:b1:e4:99:9f:73:b8:d4:7f:da:72:bd:99:2a:06:
c1:c9:75:aa:07:83:20:0c:8a:2e:49:8f:f5:8e:e2:
61:d7:50:25:c1:3a:35:4a:8e:65:5c:bf:04:08:22:
db:4a:d2:e7:3a:8a:b5:b2:70:4b:79:af:9e:b8:c0:
39:fa:fd:9c:58:b5:e3:b4:e2:5a:54:20:42:6b:bc:
dc:7d:01:de:b2:21:5f:40:cf:88:72:e2:f9:31:9b:
f8:fd:3c:a4:a3:a0:aa:a9:82:1b:da:42:1c:3f:07:
9a:dd:86:48:a6:5c:a1:d9:7b:7b:40:c4:e8:cb:4d:
6c:13:44:7a:c1:14:9f:3d:54:ce:07:05:b4:eb:f6:
3e:c4:a7:2a:42:a9:78:ee:86:a5:2f:00:bd:62:e5:
e5:11:3f:82:b5:7f:16:92:97:d5:27:7e:43:35:ec:
ce:d3:8c:bc:15:59:69:80:68:59:d4:f7:a3:ce:61:
3a:57:75:64:a8:4c:2c:5a:ea:f5:c4:73:3b:f2:0b:
0a:db:0f:cd:8b:3d:51:77:0e:dc:1d:4c:73:22:01:
27:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DF:D1:FF:F3:BF:37:48:02:60:2C:6F:1C:F1:50:FC:38:73:14:0A
X509v3 Authority Key Identifier:
keyid:F8:5D:04:E6:C5:0B:A9:06:F9:AC:11:C2:E7:5B:F3:F5:D1:04:2A:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-F0E5sULqQb5rBHC51vz9dEEKmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/od_R__O_N0gCYCxvHPFQ_DhzFAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/1-F0E5sULqQb5rBHC51vz9dEEKmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.0.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:5e:91:15:ca:9e:c6:31:2f:81:6e:ce:29:d9:d9:2f:66:94:
10:f1:43:de:a9:39:e1:af:06:f3:58:18:5b:02:05:f4:87:03:
15:3a:41:3f:0a:41:a7:02:19:25:4f:1f:e9:a3:fc:fd:6c:9c:
cc:9a:37:48:10:65:19:92:90:02:85:4e:2c:96:e2:8b:18:2c:
c4:79:33:6f:90:0b:43:65:45:3d:b3:17:ba:cb:49:3b:e6:b8:
dd:44:89:67:9a:f5:0f:69:e0:f2:b3:05:73:08:5e:8a:10:bf:
43:bf:a5:53:ff:ae:9b:4c:b2:ea:54:39:e3:5a:f3:82:c1:e9:
a4:96:b1:62:d9:ae:50:74:d4:cb:99:17:19:0a:ce:b6:2c:fb:
5e:ff:f5:44:30:b6:a2:99:a9:b1:ea:57:0c:05:4a:c9:35:97:
b4:1e:ed:cf:9c:e1:57:f1:ce:64:f6:d4:9b:75:f9:02:63:e2:
0a:4d:f6:6b:69:38:fc:45:ab:6a:2b:3f:74:db:92:2d:49:d8:
48:17:a5:f4:85:7b:53:b9:2f:73:04:7b:bd:44:2d:c9:46:fa:
67:e2:7d:02:df:5f:2f:c7:80:2a:b9:d3:eb:4b:a4:05:60:c4:
b1:54:d6:5b:eb:c4:9e:97:dc:31:7c:f4:fa:17:6a:eb:31:54:
09:f8:bc:78
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEBsnihzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODVkMDRlNmM1MGJhOTA2ZjlhYzExYzJlNzViZjNmNWQxMDQyYTYyMB4XDTIyMDEw
MTE0NTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFkZmQxZmZmM2Jm
Mzc0ODAyNjAyYzZmMWNmMTUwZmMzODczMTQwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoAUyqYQcFWzjafPrDSL1nIks9YqibHXHIeae68RGel+qxV
wmmVgYLvdpyAVrHkmZ9zuNR/2nK9mSoGwcl1qgeDIAyKLkmP9Y7iYddQJcE6NUqO
ZVy/BAgi20rS5zqKtbJwS3mvnrjAOfr9nFi147TiWlQgQmu83H0B3rIhX0DPiHLi
+TGb+P08pKOgqqmCG9pCHD8Hmt2GSKZcodl7e0DE6MtNbBNEesEUnz1UzgcFtOv2
PsSnKkKpeO6GpS8AvWLl5RE/grV/FpKX1Sd+QzXsztOMvBVZaYBoWdT3o85hOld1
ZKhMLFrq9cRzO/ILCtsPzYs9UXcO3B1McyIBJxsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSh39H/8783SAJgLG8c8VD8OHMUCjAfBgNVHSMEGDAWgBT4XQTmxQupBvms
EcLnW/P10QQqYjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtRjBFNXNVTHFRYjVyQkhDNTF2ejlkRUVLbUkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzU0L2UzYWEzMS05NjRmLTRhODEtYmNlZS1kZThjMjYyMDJiMTcv
MS9vZF9SX19PX04wZ0NZQ3h2SFBGUV9EaHpGQW8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0
L2UzYWEzMS05NjRmLTRhODEtYmNlZS1kZThjMjYyMDJiMTcvMS8xLUYwRTVzVUxx
UWI1ckJIQzUxdno5ZEVFS21JLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8YAMA0GCSqGSIb3DQEBCwUA
A4IBAQAaXpEVyp7GMS+Bbs4p2dkvZpQQ8UPeqTnhrwbzWBhbAgX0hwMVOkE/CkGn
AhklTx/po/z9bJzMmjdIEGUZkpAChU4sluKLGCzEeTNvkAtDZUU9sxe6y0k75rjd
RIlnmvUPaeDyswVzCF6KEL9Dv6VT/66bTLLqVDnjWvOCwemklrFi2a5QdNTLmRcZ
Cs62LPte//VEMLaimamx6lcMBUrJNZe0Hu3PnOFX8c5k9tSbdfkCY+IKTfZraTj8
RatqKz9025ItSdhIF6X0hXtTuS9zBHu9RC3JRvpn4n0C318vx4AqudPrS6QFYMSx
VNZb68Sel9wxfPT6F2rrMVQJ+Lx4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:15 2023 by rpki-client on console-ams.rpki-client.org