Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a59cf-5092-474d-81cf-974c31f2660b/1/OsmTTKN60QGtCkZwLmXTZPwokjs.roa
File: OsmTTKN60QGtCkZwLmXTZPwokjs.roa (raw, json)
Hash identifier: zHd3kSN8HY+3HKkLdI2wzYmehdwHs7CKim5Ew1dz84Y=
Subject key identifier: 3A:C9:93:4C:A3:7A:D1:01:AD:0A:46:70:2E:65:D3:64:FC:28:92:3B
Certificate issuer: /CN=23f21f7316e1bd78f86eea6425d5c229b980f9ac
Certificate serial: 018570B076FA1440B3DDDF8644917B7F3A37
Authority key identifier: 23:F2:1F:73:16:E1:BD:78:F8:6E:EA:64:25:D5:C2:29:B9:80:F9:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_IfcxbhvXj4bupkJdXCKbmA-aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a59cf-5092-474d-81cf-974c31f2660b/1/OsmTTKN60QGtCkZwLmXTZPwokjs.roa
Signing time: Mon 02 Jan 2023 04:14:51 +0000
ROA not before: Mon 02 Jan 2023 04:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51296
IP address blocks: 91.216.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:76:fa:14:40:b3:dd:df:86:44:91:7b:7f:3a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23f21f7316e1bd78f86eea6425d5c229b980f9ac
Validity
Not Before: Jan 2 04:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac9934ca37ad101ad0a46702e65d364fc28923b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9d:91:e6:be:66:45:b3:8e:35:97:10:e7:34:
81:9d:7b:d0:2d:a8:d2:c4:2c:d8:83:92:1a:29:46:
19:60:60:69:74:6d:a0:94:75:98:78:06:31:11:62:
9d:41:16:06:dc:83:cc:b2:03:a9:68:b9:7e:55:ae:
e6:d3:92:ae:30:10:a6:2f:d7:8f:55:7a:ee:bc:55:
e4:18:6a:e6:66:c0:73:08:a4:b0:d8:a9:19:c6:e9:
b7:c8:90:e9:22:16:77:0c:f7:c6:83:d8:fa:f6:46:
61:7b:df:a3:a3:9e:77:f4:af:6c:1f:8d:a2:16:19:
fe:03:2f:d7:6d:d2:69:1b:25:28:de:6c:d3:61:99:
92:6f:ec:f4:ef:c3:3a:1f:a7:9e:97:52:0d:a1:06:
65:2f:5f:57:44:58:5f:90:68:78:b3:ec:9d:85:70:
25:ff:87:2d:15:02:f0:4b:96:4c:08:a5:5e:e8:97:
20:4e:a3:f8:18:ea:82:95:ad:b4:64:e2:a6:ad:5b:
40:be:5d:79:82:33:0e:8e:16:e4:3a:fc:51:32:02:
36:58:b6:67:8b:37:86:2a:31:60:58:f9:ab:8b:27:
4b:8b:c5:07:33:94:5d:7b:9f:51:27:c4:4d:f8:5d:
12:37:27:c6:3e:88:3f:3f:2f:56:78:74:b2:4e:b5:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C9:93:4C:A3:7A:D1:01:AD:0A:46:70:2E:65:D3:64:FC:28:92:3B
X509v3 Authority Key Identifier:
keyid:23:F2:1F:73:16:E1:BD:78:F8:6E:EA:64:25:D5:C2:29:B9:80:F9:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_IfcxbhvXj4bupkJdXCKbmA-aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a59cf-5092-474d-81cf-974c31f2660b/1/OsmTTKN60QGtCkZwLmXTZPwokjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a59cf-5092-474d-81cf-974c31f2660b/1/I_IfcxbhvXj4bupkJdXCKbmA-aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:19:60:71:b9:6a:49:69:c0:3e:e6:4a:b4:43:9d:06:79:4e:
4c:d6:6a:89:43:5e:f2:2e:a0:3c:1d:28:cc:58:3e:3c:7e:e3:
a2:1e:30:82:29:66:7a:6e:e2:88:61:81:e1:b4:80:82:46:42:
e7:9f:13:b9:6e:f0:9b:49:9d:43:31:63:0a:f6:cc:8a:76:80:
fa:e0:b3:c1:d2:8b:21:11:a9:dd:5e:3c:00:bc:40:a0:51:a2:
b6:29:0f:2d:52:20:66:97:09:8b:81:54:71:d9:64:09:50:59:
b0:48:88:f7:ed:b6:75:80:b6:d8:99:54:44:3d:99:9b:78:d5:
c4:85:09:1d:48:0b:e1:7b:1d:69:90:01:99:d2:5e:8e:b9:a3:
d5:0d:76:41:cd:dc:9c:66:1f:ce:61:91:bc:dd:4c:91:42:a8:
00:d4:82:fe:99:f9:77:12:b6:0f:02:a9:11:3d:9e:17:2d:fe:
45:91:ba:1b:68:1c:20:06:ae:38:99:25:4e:2a:4c:56:39:72:
06:2c:d1:73:53:0f:c4:d5:d1:9f:81:1a:af:2b:eb:62:b4:c1:
98:14:0c:d8:43:b6:70:67:5d:32:cf:2a:79:c8:cc:c6:96:f7:
c9:44:9e:f6:2a:7e:ad:1d:46:05:9f:96:ae:70:2f:98:8c:f2:
8c:4c:77:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwsHb6FECz3d+GRJF7fzo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjIxZjczMTZlMWJkNzhmODZlZWE2NDI1ZDVjMjI5Yjk4
MGY5YWMwHhcNMjMwMTAyMDQxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM5OTM0Y2EzN2FkMTAxYWQwYTQ2NzAyZTY1ZDM2NGZjMjg5MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh52R5r5mRbOONZcQ5zSBnXvQLajS
xCzYg5IaKUYZYGBpdG2glHWYeAYxEWKdQRYG3IPMsgOpaLl+Va7m05KuMBCmL9eP
VXruvFXkGGrmZsBzCKSw2KkZxum3yJDpIhZ3DPfGg9j69kZhe9+jo5539K9sH42i
Fhn+Ay/XbdJpGyUo3mzTYZmSb+z078M6H6eel1INoQZlL19XRFhfkGh4s+ydhXAl
/4ctFQLwS5ZMCKVe6JcgTqP4GOqCla20ZOKmrVtAvl15gjMOjhbkOvxRMgI2WLZn
izeGKjFgWPmriydLi8UHM5Rde59RJ8RN+F0SNyfGPog/Py9WeHSyTrVTLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrJk0yjetEBrQpGcC5l02T8KJI7MB8GA1UdIwQY
MBaAFCPyH3MW4b14+G7qZCXVwim5gPmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9JZmN4Ymh2WGo0YnVwa0pkWENLYm1BLWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTU5Y2YtNTA5Mi00NzRkLTgxY2Yt
OTc0YzMxZjI2NjBiLzEvT3NtVFRLTjYwUUd0Q2tad0xtWFRaUHdva2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YTU5Y2YtNTA5Mi00NzRkLTgxY2YtOTc0YzMxZjI2NjBi
LzEvSV9JZmN4Ymh2WGo0YnVwa0pkWENLYm1BLWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9j/MA0G
CSqGSIb3DQEBCwUAA4IBAQBKGWBxuWpJacA+5kq0Q50GeU5M1mqJQ17yLqA8HSjM
WD48fuOiHjCCKWZ6buKIYYHhtICCRkLnnxO5bvCbSZ1DMWMK9syKdoD64LPB0osh
EandXjwAvECgUaK2KQ8tUiBmlwmLgVRx2WQJUFmwSIj37bZ1gLbYmVREPZmbeNXE
hQkdSAvhex1pkAGZ0l6OuaPVDXZBzdycZh/OYZG83UyRQqgA1IL+mfl3ErYPAqkR
PZ4XLf5FkbobaBwgBq44mSVOKkxWOXIGLNFzUw/E1dGfgRqvK+titMGYFAzYQ7Zw
Z10yzyp5yMzGlvfJRJ72Kn6tHUYFn5aucC+YjPKMTHe/
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:59:01 2025 by rpki-client