Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/O_X3EI1YhUx8UCK_ZPyzwtJF_9w.roa
File: O_X3EI1YhUx8UCK_ZPyzwtJF_9w.roa (raw, json)
Hash identifier: kJKvxtU8skI33kbghHK9OREsA82qUEXiH8FZ7dEr7ko=
Subject key identifier: 3B:F5:F7:10:8D:58:85:4C:7C:50:22:BF:64:FC:B3:C2:D2:45:FF:DC
Certificate issuer: /CN=fc48e6506ec6d53c5915dc8f29644485df92fce9
Certificate serial: 01856C1C88321A63EE49E01928DCAD1DEB95
Authority key identifier: FC:48:E6:50:6E:C6:D5:3C:59:15:DC:8F:29:64:44:85:DF:92:FC:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_EjmUG7G1TxZFdyPKWREhd-S_Ok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/O_X3EI1YhUx8UCK_ZPyzwtJF_9w.roa
Signing time: Sun 01 Jan 2023 06:54:47 +0000
ROA not before: Sun 01 Jan 2023 06:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9208
IP address blocks: 91.220.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:88:32:1a:63:ee:49:e0:19:28:dc:ad:1d:eb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc48e6506ec6d53c5915dc8f29644485df92fce9
Validity
Not Before: Jan 1 06:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf5f7108d58854c7c5022bf64fcb3c2d245ffdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:66:fd:69:44:e3:7b:ae:19:b6:66:b0:23:1b:
7f:46:ed:87:61:77:8b:5e:58:88:a4:f0:28:3f:de:
7d:3f:ef:b1:1f:8a:18:d3:6b:ca:4e:cd:35:24:b1:
d5:52:bc:87:b9:52:02:94:f1:9b:2c:52:0f:61:38:
96:0e:ca:14:fc:3f:ce:c9:d6:cf:06:08:69:d7:d1:
3b:87:a2:09:6d:e8:d4:0f:ab:a2:c5:75:38:28:04:
26:3a:c8:d3:76:5c:74:d4:eb:fe:37:4c:e5:d9:99:
9d:7c:1d:b7:a3:37:91:5c:d9:44:05:fa:cb:96:5f:
ec:56:ec:30:cf:24:b2:91:c7:48:b0:e7:fa:2b:46:
ba:14:c9:0b:66:b7:ff:b7:dd:b3:4b:d2:fc:15:d8:
2d:09:52:45:24:3f:4f:a0:54:a8:38:3f:a9:9b:30:
d7:77:84:3f:b5:f0:c2:07:cd:82:36:e6:b9:2f:09:
03:2f:73:a6:2f:2e:0c:ca:4f:60:dc:c2:14:e1:65:
ae:34:dc:6a:40:88:8e:72:e8:92:b2:d8:e5:ec:b8:
ee:8f:24:6f:a5:4c:a8:84:e7:a6:14:f3:66:6a:be:
c5:16:08:52:90:db:48:dd:74:06:ee:07:0f:30:48:
96:6d:e4:6a:3f:1f:e7:3d:1e:6d:45:a8:d4:3b:36:
02:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F5:F7:10:8D:58:85:4C:7C:50:22:BF:64:FC:B3:C2:D2:45:FF:DC
X509v3 Authority Key Identifier:
keyid:FC:48:E6:50:6E:C6:D5:3C:59:15:DC:8F:29:64:44:85:DF:92:FC:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EjmUG7G1TxZFdyPKWREhd-S_Ok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/O_X3EI1YhUx8UCK_ZPyzwtJF_9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/_EjmUG7G1TxZFdyPKWREhd-S_Ok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e4:e7:13:5e:87:76:ca:64:ed:8d:92:c3:97:0c:d2:51:4c:
7e:cc:ac:7b:fe:9a:8f:2c:05:31:4f:eb:08:43:82:dd:75:30:
ae:34:f4:ef:e0:56:14:11:9d:2c:19:33:eb:fa:ff:1d:8f:38:
a3:ea:e7:15:6d:fa:19:ac:ea:83:98:3d:82:b2:ae:6b:aa:9f:
a7:f1:18:af:a7:ce:0f:40:3c:f3:98:ed:e5:c9:56:54:71:ab:
f7:be:78:6b:cc:2b:5e:5d:1d:52:de:10:15:9b:5d:6e:a2:d6:
35:be:30:2d:46:01:db:47:a1:03:c9:ff:ee:63:72:45:88:ef:
34:c6:4e:40:66:bb:20:64:b2:55:6a:bc:7a:a5:62:59:b9:8b:
22:e6:3c:bd:ad:7f:b1:01:a1:d8:ef:00:ce:cc:73:ba:c8:15:
4c:e0:62:ef:89:91:12:cc:70:96:99:e9:5c:6a:65:c7:0d:9b:
0c:28:26:26:b9:2e:b7:70:fa:bd:54:be:44:69:46:05:d7:db:
1e:de:98:15:69:18:1b:2d:58:d6:7c:19:46:ab:d8:bf:75:b7:
4f:39:e8:6f:d3:a6:d6:4a:f4:1e:91:34:8d:10:f3:11:9c:a4:
6c:7a:b1:1a:18:3c:6b:b3:14:1f:8d:d6:2c:ae:df:80:41:c3:
2c:88:87:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHIgyGmPuSeAZKNytHeuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNDhlNjUwNmVjNmQ1M2M1OTE1ZGM4ZjI5NjQ0NDg1ZGY5
MmZjZTkwHhcNMjMwMTAxMDY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY1ZjcxMDhkNTg4NTRjN2M1MDIyYmY2NGZjYjNjMmQyNDVmZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWb9aUTje64ZtmawIxt/Ru2HYXeL
XliIpPAoP959P++xH4oY02vKTs01JLHVUryHuVIClPGbLFIPYTiWDsoU/D/OydbP
Bghp19E7h6IJbejUD6uixXU4KAQmOsjTdlx01Ov+N0zl2ZmdfB23ozeRXNlEBfrL
ll/sVuwwzySykcdIsOf6K0a6FMkLZrf/t92zS9L8FdgtCVJFJD9PoFSoOD+pmzDX
d4Q/tfDCB82CNua5LwkDL3OmLy4Myk9g3MIU4WWuNNxqQIiOcuiSstjl7LjujyRv
pUyohOemFPNmar7FFghSkNtI3XQG7gcPMEiWbeRqPx/nPR5tRajUOzYCxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDv19xCNWIVMfFAiv2T8s8LSRf/cMB8GA1UdIwQY
MBaAFPxI5lBuxtU8WRXcjylkRIXfkvzpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0VqbVVHN0cxVHhaRmR5UEtXUkVoZC1TX09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zYWI2Y2YtOTljZC00YWM0LTkwMTMt
ZjViZWUxNmVkM2E3LzEvT19YM0VJMVloVXg4VUNLX1pQeXp3dEpGXzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zYWI2Y2YtOTljZC00YWM0LTkwMTMtZjViZWUxNmVkM2E3
LzEvX0VqbVVHN0cxVHhaRmR5UEtXUkVoZC1TX09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xEMA0G
CSqGSIb3DQEBCwUAA4IBAQAs5OcTXod2ymTtjZLDlwzSUUx+zKx7/pqPLAUxT+sI
Q4LddTCuNPTv4FYUEZ0sGTPr+v8djzij6ucVbfoZrOqDmD2Csq5rqp+n8Rivp84P
QDzzmO3lyVZUcav3vnhrzCteXR1S3hAVm11uotY1vjAtRgHbR6EDyf/uY3JFiO80
xk5AZrsgZLJVarx6pWJZuYsi5jy9rX+xAaHY7wDOzHO6yBVM4GLviZESzHCWmelc
amXHDZsMKCYmuS63cPq9VL5EaUYF19se3pgVaRgbLVjWfBlGq9i/dbdPOehv06bW
SvQekTSNEPMRnKRserEaGDxrsxQfjdYsrt+AQcMsiId+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:05 2025 by rpki-client