Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/OlYEfDxAlLqFqFWNctXFz_uPJ8w.roa
File: OlYEfDxAlLqFqFWNctXFz_uPJ8w.roa (raw, json)
Hash identifier: k+Slei3KrVJp7LOsN8lZO9cE9biXIMg3Uz6v0UG4Bds=
Subject key identifier: 3A:56:04:7C:3C:40:94:BA:85:A8:55:8D:72:D5:C5:CF:FB:8F:27:CC
Certificate issuer: /CN=7001e422227fa44cc5cb95d2a9dcce0fa5b89c07
Certificate serial: 018570398CE7DC3BA00E0315FBDD70A06DC0
Authority key identifier: 70:01:E4:22:22:7F:A4:4C:C5:CB:95:D2:A9:DC:CE:0F:A5:B8:9C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/OlYEfDxAlLqFqFWNctXFz_uPJ8w.roa
Signing time: Mon 02 Jan 2023 02:04:57 +0000
ROA not before: Mon 02 Jan 2023 02:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 91.227.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:8c:e7:dc:3b:a0:0e:03:15:fb:dd:70:a0:6d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7001e422227fa44cc5cb95d2a9dcce0fa5b89c07
Validity
Not Before: Jan 2 02:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a56047c3c4094ba85a8558d72d5c5cffb8f27cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:49:f4:00:69:af:51:fa:57:43:68:8d:d7:f2:
fb:6a:34:ec:de:38:06:f1:23:f6:6d:63:5d:1b:3f:
8d:be:ab:ff:5b:ab:81:05:c0:d0:cf:f8:72:67:78:
03:0d:3c:f8:a3:20:3f:91:b6:7a:d1:4f:0a:73:05:
92:6a:85:81:01:86:c5:0e:f7:a7:0d:bb:2c:e6:73:
f3:4d:64:8e:e4:10:cf:74:05:dd:45:77:6a:d6:55:
42:54:15:67:af:c1:01:7f:70:c9:59:3f:c5:b4:37:
d2:2f:78:ec:0c:7d:4d:50:2b:6f:25:65:65:94:01:
3e:2c:9d:d9:e9:e7:80:8c:d9:16:9f:df:99:a9:2c:
2e:38:f9:3d:66:c3:25:4a:9d:74:05:1c:9e:bf:b1:
bb:64:42:b9:a8:de:c7:44:b0:13:56:0e:bf:ee:b1:
0d:ca:ca:46:0a:b6:1b:df:f3:0b:b9:19:08:1a:8b:
fb:fe:76:62:18:63:1b:1a:6b:9c:ba:03:d7:42:1e:
5a:e6:a1:7c:58:e6:39:52:41:99:5e:6b:40:71:1f:
1e:7e:e7:dc:f5:32:bf:15:2e:85:06:74:d9:c4:c0:
71:12:19:05:db:15:b6:dd:a6:b9:34:32:e3:7b:fb:
d9:9f:a7:bc:00:c0:f9:50:92:d4:ca:06:ab:0a:38:
2d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:56:04:7C:3C:40:94:BA:85:A8:55:8D:72:D5:C5:CF:FB:8F:27:CC
X509v3 Authority Key Identifier:
keyid:70:01:E4:22:22:7F:A4:4C:C5:CB:95:D2:A9:DC:CE:0F:A5:B8:9C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/OlYEfDxAlLqFqFWNctXFz_uPJ8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.253.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:01:b1:14:2c:99:dd:51:4f:3d:ab:cf:1a:b2:75:93:c5:46:
a5:85:12:ad:6a:92:d7:9f:31:38:c5:9a:eb:0c:37:5d:51:1f:
e8:15:30:d0:22:ac:76:20:be:9d:e3:31:57:ed:f9:9a:35:41:
fd:93:8d:b2:55:3c:22:7b:7b:e4:4a:59:f7:6a:f0:d8:77:5d:
79:c3:f7:4d:94:24:a2:0e:fa:2b:53:1c:55:db:27:1a:90:de:
58:1d:cd:13:14:41:a7:c1:87:35:bf:ab:b5:e4:6f:b3:33:f9:
3b:f8:5a:fd:30:e7:43:57:96:67:ea:6c:43:76:4d:7b:5b:9f:
a2:18:67:f4:58:2c:11:a8:f2:88:5c:e1:44:b9:f3:65:bf:5a:
58:d7:80:01:f9:d3:6d:b8:df:f9:71:ca:66:e4:52:1d:69:41:
ed:05:88:f8:76:2d:a8:12:2d:c9:07:a4:55:28:c7:57:c8:ed:
c5:92:74:e9:87:dc:e0:c2:5d:29:8b:c9:1d:68:e2:22:2f:62:
ac:41:65:f0:90:de:7a:69:d5:66:d6:aa:44:20:a6:6e:a5:6a:
bb:b6:b2:de:e1:d0:eb:bb:29:1c:cd:96:46:a4:44:ab:a6:4a:
2c:4a:ee:41:b3:dc:57:a4:a9:9c:48:bd:65:83:8d:36:da:cc:
9e:41:a6:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOYzn3DugDgMV+91woG3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMDFlNDIyMjI3ZmE0NGNjNWNiOTVkMmE5ZGNjZTBmYTVi
ODljMDcwHhcNMjMwMTAyMDIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU2MDQ3YzNjNDA5NGJhODVhODU1OGQ3MmQ1YzVjZmZiOGYyN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0n0AGmvUfpXQ2iN1/L7ajTs3jgG
8SP2bWNdGz+Nvqv/W6uBBcDQz/hyZ3gDDTz4oyA/kbZ60U8KcwWSaoWBAYbFDven
Dbss5nPzTWSO5BDPdAXdRXdq1lVCVBVnr8EBf3DJWT/FtDfSL3jsDH1NUCtvJWVl
lAE+LJ3Z6eeAjNkWn9+ZqSwuOPk9ZsMlSp10BRyev7G7ZEK5qN7HRLATVg6/7rEN
yspGCrYb3/MLuRkIGov7/nZiGGMbGmucugPXQh5a5qF8WOY5UkGZXmtAcR8efufc
9TK/FS6FBnTZxMBxEhkF2xW23aa5NDLje/vZn6e8AMD5UJLUygarCjgtlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpWBHw8QJS6hahVjXLVxc/7jyfMMB8GA1UdIwQY
MBaAFHAB5CIif6RMxcuV0qnczg+luJwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FIa0lpSl9wRXpGeTVYU3Fkek9ENlc0bkFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85OTJkMDMtODgzYi00MDRkLTg4N2Ut
ZjI0MzVkNWNmMzdiLzEvT2xZRWZEeEFsTHFGcUZXTmN0WEZ6X3VQSjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85OTJkMDMtODgzYi00MDRkLTg4N2UtZjI0MzVkNWNmMzdi
LzEvY0FIa0lpSl9wRXpGeTVYU3Fkek9ENlc0bkFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+P9MA0G
CSqGSIb3DQEBCwUAA4IBAQCMAbEULJndUU89q88asnWTxUalhRKtapLXnzE4xZrr
DDddUR/oFTDQIqx2IL6d4zFX7fmaNUH9k42yVTwie3vkSln3avDYd115w/dNlCSi
DvorUxxV2ycakN5YHc0TFEGnwYc1v6u15G+zM/k7+Fr9MOdDV5Zn6mxDdk17W5+i
GGf0WCwRqPKIXOFEufNlv1pY14AB+dNtuN/5ccpm5FIdaUHtBYj4di2oEi3JB6RV
KMdXyO3FknTph9zgwl0pi8kdaOIiL2KsQWXwkN56adVm1qpEIKZupWq7trLe4dDr
uykczZZGpESrpkosSu5Bs9xXpKmcSL1lg4022syeQaac
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:46 2025 by rpki-client