Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/OZRhrzVmDKuKrf-tXUscX36-IRU.roa
File: OZRhrzVmDKuKrf-tXUscX36-IRU.roa (raw, json)
Hash identifier: 2qq9IoNH+WtaYADJ5njyjF/5I3+7XPvfilDIncyn6hs=
Subject key identifier: 39:94:61:AF:35:66:0C:AB:8A:AD:FF:AD:5D:4B:1C:5F:7E:BE:21:15
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 037D4709
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/OZRhrzVmDKuKrf-tXUscX36-IRU.roa
Signing time: Sat 01 Jan 2022 10:53:59 +0000
ROA not before: Sat 01 Jan 2022 10:53:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58147
IP address blocks: 91.239.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58541833 (0x37d4709)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Jan 1 10:53:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=399461af35660cab8aadffad5d4b1c5f7ebe2115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:27:e3:2d:33:c7:e3:b9:22:43:67:71:e2:28:
2f:44:c5:dc:ca:26:bf:6d:7f:c6:14:e8:61:bb:fb:
30:16:2b:f5:2a:90:8d:d4:a1:6e:b8:2a:27:87:24:
f5:14:d5:8c:e3:eb:c9:22:e0:66:32:d9:e3:97:a2:
d2:db:c7:59:78:0a:5b:0b:55:0c:ed:59:5b:3a:da:
c0:a4:bd:3a:a3:ea:85:73:46:44:8b:0f:7b:fd:db:
68:cf:44:3d:1d:a1:b5:54:06:52:f8:18:c0:48:ed:
84:3b:e2:55:ed:34:83:6b:f2:ef:b8:4d:86:f7:99:
5e:5e:bc:a4:4c:7b:a2:ce:31:b0:0e:f9:c0:28:8e:
5e:35:f3:67:4d:ca:72:13:33:3f:13:07:11:1a:d3:
84:f4:5b:1d:7b:2e:f3:5f:69:05:cc:24:45:33:e8:
e5:40:71:4f:ea:88:f6:83:54:d0:d5:ff:0a:0b:ee:
80:3f:39:c0:7d:29:9e:48:a4:77:35:ca:55:eb:57:
d7:74:ff:d2:81:d9:3f:4d:02:02:0c:52:3a:aa:bc:
88:13:df:68:14:56:16:57:70:d7:fa:da:8d:d5:37:
5b:a3:e4:38:6f:d7:30:ef:dc:b0:1c:b4:c9:2a:b6:
2e:49:2f:31:dd:a5:47:5d:38:82:86:c6:34:e6:a9:
6c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:94:61:AF:35:66:0C:AB:8A:AD:FF:AD:5D:4B:1C:5F:7E:BE:21:15
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/OZRhrzVmDKuKrf-tXUscX36-IRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.60.0/24
Signature Algorithm: sha256WithRSAEncryption
e2:4c:2b:5c:20:55:c9:00:9f:3c:37:d4:f5:d0:ef:ce:f6:50:
b8:32:68:fe:a6:e4:16:62:c6:dc:73:d0:eb:5f:1e:9c:cd:2e:
bd:0e:6e:60:fe:8e:ef:a8:b0:df:67:17:c6:75:0c:1d:c3:bd:
ab:0d:c8:90:61:e0:e5:f3:a4:c7:86:ae:f0:d6:82:7c:77:c3:
5d:96:43:4d:5c:21:c6:6c:41:f0:9a:70:cd:bb:f9:f2:af:26:
be:5e:d7:6a:c0:3d:2f:28:5b:30:c1:1a:b4:7c:09:52:9c:88:
fd:4f:53:9e:07:30:0f:3a:c7:b9:ba:f0:e7:fd:1b:c1:0f:a6:
b0:41:f3:b5:bd:15:59:5f:89:80:49:c1:62:b3:f2:13:f5:c4:
74:43:f0:40:d5:17:52:63:e4:0a:c9:fc:a4:37:25:ff:84:8c:
88:af:9b:1c:ba:f9:0f:7f:08:08:61:eb:4f:be:2d:96:24:55:
0b:af:0a:e5:a9:8e:c5:53:2d:fc:19:d6:a9:93:62:bf:f7:28:
e1:fe:41:87:ad:db:a8:c9:5e:70:30:f4:1a:00:1e:34:01:0c:
32:90:e4:8a:3a:da:dd:90:0c:f9:68:c9:66:22:37:e1:1b:69:
53:05:b3:51:c6:12:d8:5a:a0:23:a3:f9:43:1a:e4:99:9d:ba:
ff:64:41:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA31HCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2EyYTE5NTJlNzE4OTQ0YTQwNDM0YTBlYmVmZmZkYTJiZmVlZDVmMB4XDTIyMDEw
MTEwNTM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk5NDYxYWYzNTY2
MGNhYjhhYWRmZmFkNWQ0YjFjNWY3ZWJlMjExNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4n4y0zx+O5IkNnceIoL0TF3Momv21/xhToYbv7MBYr9SqQ
jdShbrgqJ4ck9RTVjOPrySLgZjLZ45ei0tvHWXgKWwtVDO1ZWzrawKS9OqPqhXNG
RIsPe/3baM9EPR2htVQGUvgYwEjthDviVe00g2vy77hNhveZXl68pEx7os4xsA75
wCiOXjXzZ03KchMzPxMHERrThPRbHXsu819pBcwkRTPo5UBxT+qI9oNU0NX/Cgvu
gD85wH0pnkikdzXKVetX13T/0oHZP00CAgxSOqq8iBPfaBRWFldw1/rajdU3W6Pk
OG/XMO/csBy0ySq2LkkvMd2lR104gobGNOapbIkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ5lGGvNWYMq4qt/61dSxxffr4hFTAfBgNVHSMEGDAWgBSsoqGVLnGJRKQE
NKDr7//aK/7tXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JLS2hsUzV4aVVTa0JEU2c2LV9fMml2LTdWOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvYTI2NGE4LWE2NjYtNGM4Ny04NTFjLWFkYTI0ZWYzMTBjYS8x
L09aUmhyelZtREt1S3JmLXRYVXNjWDM2LUlSVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
YTI2NGE4LWE2NjYtNGM4Ny04NTFjLWFkYTI0ZWYzMTBjYS8xL3JLS2hsUzV4aVVT
a0JEU2c2LV9fMml2LTdWOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvvPDANBgkqhkiG9w0BAQsFAAOC
AQEA4kwrXCBVyQCfPDfU9dDvzvZQuDJo/qbkFmLG3HPQ618enM0uvQ5uYP6O76iw
32cXxnUMHcO9qw3IkGHg5fOkx4au8NaCfHfDXZZDTVwhxmxB8Jpwzbv58q8mvl7X
asA9LyhbMMEatHwJUpyI/U9TngcwDzrHubrw5/0bwQ+msEHztb0VWV+JgEnBYrPy
E/XEdEPwQNUXUmPkCsn8pDcl/4SMiK+bHLr5D38ICGHrT74tliRVC68K5amOxVMt
/BnWqZNiv/co4f5Bh63bqMlecDD0GgAeNAEMMpDkijra3ZAM+WjJZiI34RtpUwWz
UcYS2FqgI6P5QxrkmZ26/2RBdA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:07 2025 by rpki-client