Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/DRN6-OT2WgGvafekqW0ylF-gppA.roa
File: DRN6-OT2WgGvafekqW0ylF-gppA.roa (raw, json)
Hash identifier: q1insG/fxdAU11NbFBpYYSPJOxK1EUrYHDgjxuyxps0=
Subject key identifier: 0D:13:7A:F8:E4:F6:5A:01:AF:69:F7:A4:A9:6D:32:94:5F:A0:A6:90
Certificate issuer: /CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
Certificate serial: 15E2BDF3
Authority key identifier: 5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/DRN6-OT2WgGvafekqW0ylF-gppA.roa
Signing time: Sat 01 Jan 2022 07:00:56 +0000
ROA not before: Sat 01 Jan 2022 07:00:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 91.198.58.0/24 maxlen: 24
2001:678:d98::/48 maxlen: 48
2001:678:d9c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 367181299 (0x15e2bdf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
Validity
Not Before: Jan 1 07:00:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d137af8e4f65a01af69f7a4a96d32945fa0a690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1c:38:a7:5e:f3:2d:76:11:2d:77:3b:51:54:
3c:73:79:05:fa:5e:84:41:49:fe:36:61:de:be:5e:
8c:af:3b:a5:87:93:02:52:86:00:4a:b2:19:aa:5a:
6d:75:70:61:44:dc:f8:08:81:83:b8:1c:15:f8:c4:
1d:9e:a0:1f:d7:b5:36:62:04:c4:10:34:fc:76:90:
0c:1c:fc:0e:b2:96:3a:93:1d:5e:74:78:5e:15:7c:
d8:22:39:84:ef:0d:d2:1d:85:74:95:80:c2:66:7e:
5e:37:b3:82:92:fe:d1:f1:35:8d:50:b1:72:71:fe:
f0:90:79:4c:22:98:27:1e:26:b8:d7:92:64:b3:67:
2c:83:e5:9c:79:a9:65:74:22:b9:8c:3a:0f:1e:e1:
76:7c:05:23:63:5e:6e:09:55:fc:d4:08:d4:21:19:
ac:74:74:41:77:f0:b2:92:17:66:92:63:c8:8c:72:
01:58:a3:c2:58:89:aa:3c:8e:fc:05:93:aa:93:80:
eb:43:04:e6:59:82:be:1b:52:8b:e1:5a:32:67:0b:
cd:0b:32:22:c0:27:cf:c4:3f:34:dd:c0:9d:74:63:
24:1c:8d:8d:e2:97:42:ec:7e:e0:7f:8b:95:87:a0:
18:45:a8:e8:ce:87:e3:3f:ce:f4:90:50:24:72:0e:
72:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:13:7A:F8:E4:F6:5A:01:AF:69:F7:A4:A9:6D:32:94:5F:A0:A6:90
X509v3 Authority Key Identifier:
keyid:5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/DRN6-OT2WgGvafekqW0ylF-gppA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/Wxos8vE3Re4bv38KdL6tPOUHSFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.58.0/24
IPv6:
2001:678:d98::/48
2001:678:d9c::/48
Signature Algorithm: sha256WithRSAEncryption
ca:4c:2d:fe:54:a2:a1:d3:bb:6e:bb:7c:66:9d:ba:fa:5b:db:
2d:1c:c0:88:0c:99:57:ce:76:c6:00:f7:b3:31:f2:5e:d3:ad:
66:fb:ce:c2:d9:be:fa:10:97:dc:a1:80:5f:0c:6b:3a:f2:ec:
73:c0:4d:be:83:6a:7c:6c:f0:12:62:60:ea:d4:38:cb:2c:2f:
46:3f:76:33:e0:8b:90:a3:63:6f:12:9e:d0:b8:1e:d9:df:82:
d6:15:e8:45:25:f7:2a:d1:b4:e4:fc:64:56:b7:51:21:c2:87:
9b:14:13:ed:af:7e:2d:82:66:36:bd:62:e2:74:10:1c:79:5f:
2a:68:bc:1c:dd:0b:ab:fa:46:e8:ad:57:09:f9:78:0c:26:6f:
91:ee:2b:27:95:46:c6:37:a9:49:23:01:7c:fc:7e:c7:6a:92:
b3:da:05:6e:71:70:29:50:73:c1:9b:c9:05:13:3f:de:33:5a:
c1:2a:13:9d:cc:9a:7a:af:b9:4f:09:7b:d2:d6:43:d7:d9:23:
ef:82:55:09:db:ea:09:6a:c7:2a:8a:93:23:8d:e9:7d:35:31:
f5:47:08:32:4f:b8:c4:0e:dd:53:0a:7f:7e:34:02:c0:7d:8c:
14:0e:61:a7:f1:b2:65:9f:28:61:67:52:dd:47:da:97:2c:7d:
ea:b6:af:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEFeK98zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjFhMmNmMmYxMzc0NWVlMWJiZjdmMGE3NGJlYWQzY2U1MDc0ODU1MB4XDTIyMDEw
MTA3MDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQxMzdhZjhlNGY2
NWEwMWFmNjlmN2E0YTk2ZDMyOTQ1ZmEwYTY5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4cOKde8y12ES13O1FUPHN5BfpehEFJ/jZh3r5ejK87pYeT
AlKGAEqyGapabXVwYUTc+AiBg7gcFfjEHZ6gH9e1NmIExBA0/HaQDBz8DrKWOpMd
XnR4XhV82CI5hO8N0h2FdJWAwmZ+XjezgpL+0fE1jVCxcnH+8JB5TCKYJx4muNeS
ZLNnLIPlnHmpZXQiuYw6Dx7hdnwFI2NebglV/NQI1CEZrHR0QXfwspIXZpJjyIxy
AVijwliJqjyO/AWTqpOA60ME5lmCvhtSi+FaMmcLzQsyIsAnz8Q/NN3AnXRjJByN
jeKXQux+4H+LlYegGEWo6M6H4z/O9JBQJHIOcqMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQNE3r45PZaAa9p96SpbTKUX6CmkDAfBgNVHSMEGDAWgBRbGizy8TdF7hu/
fwp0vq085QdIVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d4b3M4dkUzUmU0YnYzOEtkTDZ0UE9VSFNGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvMjRmMDJkLWIyM2EtNGM4MS05MWYwLTdmOTAyNWU1MzEwOS8x
L0RSTjYtT1QyV2dHdmFmZWtxVzB5bEYtZ3BwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
MjRmMDJkLWIyM2EtNGM4MS05MWYwLTdmOTAyNWU1MzEwOS8xL1d4b3M4dkUzUmU0
YnYzOEtkTDZ0UE9VSFNGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAFvGOjAYBAIAAjASAwcAIAEGeA2Y
AwcAIAEGeA2cMA0GCSqGSIb3DQEBCwUAA4IBAQDKTC3+VKKh07tuu3xmnbr6W9st
HMCIDJlXznbGAPezMfJe061m+87C2b76EJfcoYBfDGs68uxzwE2+g2p8bPASYmDq
1DjLLC9GP3Yz4IuQo2NvEp7QuB7Z34LWFehFJfcq0bTk/GRWt1EhwoebFBPtr34t
gmY2vWLidBAceV8qaLwc3Qur+kborVcJ+XgMJm+R7isnlUbGN6lJIwF8/H7HapKz
2gVucXApUHPBm8kFEz/eM1rBKhOdzJp6r7lPCXvS1kPX2SPvglUJ2+oJascqipMj
jel9NTH1RwgyT7jEDt1TCn9+NALAfYwUDmGn8bJlnyhhZ1LdR9qXLH3qtq/p
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:41 2025 by rpki-client