Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/ocg8jnJgOobz4ye-fAiaNATbylQ.roa
File: ocg8jnJgOobz4ye-fAiaNATbylQ.roa (raw, json)
Hash identifier: HySTC8Ig7BuuLrTONjoNjMJtpnShhcNx+aq6NfTr7PE=
Subject key identifier: A1:C8:3C:8E:72:60:3A:86:F3:E3:27:BE:7C:08:9A:34:04:DB:CA:54
Certificate issuer: /CN=bac55ec7cff0ef5650725adf3aefe6051a10cb6a
Certificate serial: 016EBC
Authority key identifier: BA:C5:5E:C7:CF:F0:EF:56:50:72:5A:DF:3A:EF:E6:05:1A:10:CB:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/usVex8_w71ZQclrfOu_mBRoQy2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/ocg8jnJgOobz4ye-fAiaNATbylQ.roa
Signing time: Fri 18 Feb 2022 15:54:04 +0000
ROA not before: Fri 18 Feb 2022 15:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47430
IP address blocks: 91.200.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93884 (0x16ebc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bac55ec7cff0ef5650725adf3aefe6051a10cb6a
Validity
Not Before: Feb 18 15:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1c83c8e72603a86f3e327be7c089a3404dbca54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:a7:22:7b:71:c2:ca:15:70:e1:0a:68:26:
0c:c8:87:02:8f:9d:52:a0:c6:6c:1c:85:58:02:17:
f4:36:f3:d6:7a:bb:cf:1a:7e:3e:2b:77:55:ef:cb:
64:ac:7c:b4:fa:20:c5:ef:53:38:bb:e6:0a:9e:ef:
b1:6f:e3:d2:8e:17:fb:02:80:7d:fb:bd:04:b0:fb:
b6:e3:2b:95:93:4a:7c:a0:1d:99:c7:c6:40:e4:a3:
3f:d9:71:7c:19:22:95:d7:c4:00:e4:82:dc:5c:4e:
1d:5b:0f:c9:1e:77:c8:d4:2b:b8:45:bb:1f:44:b8:
19:ab:06:11:5b:a2:f4:35:a3:67:a3:dd:19:d1:cb:
36:fc:03:c7:69:c8:37:db:31:29:8d:d7:ec:f2:85:
d0:8b:10:c2:86:78:b0:7e:d8:41:76:ab:ba:45:90:
1e:0c:cb:e5:00:84:d2:65:1d:42:09:16:3a:e0:5e:
85:14:44:76:33:ab:04:46:cf:ce:c8:e1:de:25:d2:
49:55:68:ee:f9:b7:01:1b:51:b8:cf:80:1c:b2:71:
49:ac:af:f5:ab:35:eb:14:6b:f5:df:24:c4:24:f7:
b8:bb:79:c3:b6:f6:92:64:22:53:80:a2:82:f9:0b:
10:56:e5:b1:3c:62:2f:c2:6b:91:17:53:47:f0:7b:
d0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C8:3C:8E:72:60:3A:86:F3:E3:27:BE:7C:08:9A:34:04:DB:CA:54
X509v3 Authority Key Identifier:
keyid:BA:C5:5E:C7:CF:F0:EF:56:50:72:5A:DF:3A:EF:E6:05:1A:10:CB:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/usVex8_w71ZQclrfOu_mBRoQy2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/ocg8jnJgOobz4ye-fAiaNATbylQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/usVex8_w71ZQclrfOu_mBRoQy2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.146.0/24
Signature Algorithm: sha256WithRSAEncryption
66:59:e1:ce:a5:b0:da:62:9f:a2:46:71:62:3f:2c:13:59:b6:
e8:6e:94:9d:9d:d2:79:59:62:aa:9e:5c:94:b0:f2:cc:6e:43:
f2:57:b3:9e:35:d1:29:62:11:3e:be:33:a1:0a:cf:5f:de:8d:
b5:8c:e0:5e:13:39:ee:db:f4:dd:4a:ca:82:b1:4c:30:93:91:
d8:05:9d:f6:a2:c8:3d:c8:ef:f0:89:41:81:9d:ee:f5:8e:56:
6a:c7:29:36:c9:7e:df:d0:08:4e:95:6f:3f:a5:b5:2b:f6:88:
f5:de:ac:81:7a:fb:2c:de:df:8e:e1:a4:61:14:26:7b:3b:cf:
d7:50:b9:20:dc:e5:11:ca:6c:ed:a7:55:1c:e8:96:f2:07:95:
78:de:10:d0:e7:f3:b7:8b:69:f1:bd:2c:cc:63:a8:fb:8d:21:
a6:91:e5:04:76:35:6d:6e:34:8b:72:0a:1a:f6:5e:10:dd:11:
9c:34:c0:19:31:eb:34:47:7e:d8:53:0c:e4:bf:db:6c:c4:1e:
06:d3:38:69:21:fe:e6:a9:03:31:2c:45:ae:68:ae:6a:37:51:
30:a2:33:37:d0:1c:cb:74:df:4b:64:1c:45:af:19:15:87:94:
80:b6:a9:f2:e2:b2:95:da:02:1e:2f:a7:a5:3e:35:e8:c1:9c:
88:91:cb:a6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAW68MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJh
YzU1ZWM3Y2ZmMGVmNTY1MDcyNWFkZjNhZWZlNjA1MWExMGNiNmEwHhcNMjIwMjE4
MTU1NDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMWM4M2M4ZTcyNjAz
YTg2ZjNlMzI3YmU3YzA4OWEzNDA0ZGJjYTU0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAntunIntxwsoVcOEKaCYMyIcCj51SoMZsHIVYAhf0NvPWervP
Gn4+K3dV78tkrHy0+iDF71M4u+YKnu+xb+PSjhf7AoB9+70EsPu24yuVk0p8oB2Z
x8ZA5KM/2XF8GSKV18QA5ILcXE4dWw/JHnfI1Cu4RbsfRLgZqwYRW6L0NaNno90Z
0cs2/APHacg32zEpjdfs8oXQixDChniwfthBdqu6RZAeDMvlAITSZR1CCRY64F6F
FER2M6sERs/OyOHeJdJJVWju+bcBG1G4z4AcsnFJrK/1qzXrFGv13yTEJPe4u3nD
tvaSZCJTgKKC+QsQVuWxPGIvwmuRF1NH8HvQDwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKHIPI5yYDqG8+MnvnwImjQE28pUMB8GA1UdIwQYMBaAFLrFXsfP8O9WUHJa
3zrv5gUaEMtqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dXNWZXg4X3c3MVpRY2xyZk91X21CUm9ReTJvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Mi9kZWE3NzgtMDljOC00NTcyLWIzYmItYzYwNTlhM2FhMzQwLzEv
b2NnOGpuSmdPb2J6NHllLWZBaWFOQVRieWxRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9k
ZWE3NzgtMDljOC00NTcyLWIzYmItYzYwNTlhM2FhMzQwLzEvdXNWZXg4X3c3MVpR
Y2xyZk91X21CUm9ReTJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8iSMA0GCSqGSIb3DQEBCwUAA4IB
AQBmWeHOpbDaYp+iRnFiPywTWbbobpSdndJ5WWKqnlyUsPLMbkPyV7OeNdEpYhE+
vjOhCs9f3o21jOBeEznu2/TdSsqCsUwwk5HYBZ32osg9yO/wiUGBne71jlZqxyk2
yX7f0AhOlW8/pbUr9oj13qyBevss3t+O4aRhFCZ7O8/XULkg3OURymztp1Uc6Jby
B5V43hDQ5/O3i2nxvSzMY6j7jSGmkeUEdjVtbjSLcgoa9l4Q3RGcNMAZMes0R37Y
Uwzkv9tsxB4G0zhpIf7mqQMxLEWuaK5qN1EwojM30BzLdN9LZBxFrxkVh5SAtqny
4rKV2gIeL6elPjXowZyIkcum
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:44 2023 by rpki-client on console-ams.rpki-client.org