Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/OhrY39SzRDBTsFLEzTSGsno-PSI.roa
File: OhrY39SzRDBTsFLEzTSGsno-PSI.roa (raw, json)
Hash identifier: c9NbzqlBwQexWU8JqIBGQ3pcbEmDKcXi51xonS110BA=
Subject key identifier: 3A:1A:D8:DF:D4:B3:44:30:53:B0:52:C4:CD:34:86:B2:7A:3E:3D:22
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 2457AC
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/OhrY39SzRDBTsFLEzTSGsno-PSI.roa
Signing time: Fri 25 Mar 2022 13:54:49 +0000
ROA not before: Fri 25 Mar 2022 13:54:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21485
IP address blocks: 91.231.153.0/24 maxlen: 24
2001:67c:15ec::/48 maxlen: 48
2a12:a4c0::/32 maxlen: 32
2a0a:3500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2381740 (0x2457ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Mar 25 13:54:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a1ad8dfd4b3443053b052c4cd3486b27a3e3d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:87:c6:ec:bb:04:72:15:0d:69:34:e4:82:2f:
52:9e:bb:28:22:db:4b:2a:56:19:23:fc:dd:dc:ef:
bc:c8:6f:12:a6:93:1c:70:81:dc:fe:b4:1d:8c:cd:
02:b8:84:fc:f9:ab:00:95:09:75:c0:f4:44:ba:cf:
1e:6d:4f:7b:bb:17:21:e7:e1:5a:8c:8b:b2:2e:33:
75:57:5e:ac:ab:5d:45:bb:4f:ee:c0:3e:f5:34:f4:
75:6c:56:a6:dd:ae:6f:35:e9:d0:d0:9c:9a:de:c5:
d9:5c:a0:b8:ea:01:75:0a:80:7b:0d:67:d8:87:a9:
6a:11:f9:37:c7:32:0f:2d:c2:2d:b0:d8:c7:ac:66:
4f:d9:ec:ec:85:9e:3f:ae:22:d8:08:20:cf:18:69:
f1:b4:a3:a6:55:91:05:28:90:90:1c:da:11:78:76:
a5:2d:d1:49:84:0f:d3:f3:8f:be:28:be:05:50:66:
38:4d:5f:f9:9c:25:76:9d:e9:7f:56:44:8c:7c:ea:
10:2d:12:37:23:1e:1d:c1:c2:3a:4b:a7:e4:bb:dc:
7e:ff:5c:0d:31:72:b1:7d:a8:63:88:91:18:17:68:
bf:90:e9:0e:57:0b:b1:ab:d1:dd:70:ef:4d:77:29:
28:d9:f7:7a:32:44:ab:87:29:0c:68:33:88:cc:b4:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1A:D8:DF:D4:B3:44:30:53:B0:52:C4:CD:34:86:B2:7A:3E:3D:22
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/OhrY39SzRDBTsFLEzTSGsno-PSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.153.0/24
IPv6:
2001:67c:15ec::/48
2a0a:3500::/32
2a12:a4c0::/32
Signature Algorithm: sha256WithRSAEncryption
18:85:23:1c:cd:3a:86:1f:11:7d:06:77:f4:8b:e5:ab:e9:2e:
2b:fa:0a:f7:26:7c:20:f0:b6:99:eb:c1:31:0d:3c:b0:2d:9a:
61:d0:a7:11:de:db:ea:22:50:b6:49:33:8c:09:ca:c7:02:4c:
4f:80:ba:70:98:ae:17:95:a5:aa:3b:46:51:94:cd:e9:5d:ec:
8f:18:38:07:89:a4:8a:9e:17:c1:19:d3:4d:1b:62:ad:0f:1e:
96:bf:ea:ec:9e:66:92:98:7f:5c:8f:0f:e9:9f:2c:dc:29:a0:
3c:61:23:6a:1b:30:50:f2:d2:cc:ee:fa:f8:d7:dc:44:5d:ae:
9e:d4:85:ab:bb:2b:9c:a0:9e:1e:1e:6d:54:c5:12:2f:4d:25:
0b:9f:c0:9d:04:d2:72:54:ec:13:09:e9:4a:01:e0:2a:08:b0:
01:c2:76:b1:a3:b7:1d:cc:39:b5:82:07:42:eb:4a:cf:b6:c1:
62:20:b6:6a:f2:87:e0:8f:33:7b:b8:4d:1e:b3:d1:cc:8d:cb:
52:e9:2d:46:19:df:26:c8:b4:6d:23:86:57:30:f5:64:4e:72:
ef:e6:0f:05:f8:67:3d:8f:77:6e:da:c3:4e:45:9b:98:92:d4:
de:8a:3e:8e:33:d7:ab:e0:02:6f:73:aa:26:53:94:26:76:d7:
df:78:89:df
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIDJFesMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0NDg4NzgwHhcNMjIwMzI1
MTM1NDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYTFhZDhkZmQ0YjM0
NDMwNTNiMDUyYzRjZDM0ODZiMjdhM2UzZDIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoIfG7LsEchUNaTTkgi9SnrsoIttLKlYZI/zd3O+8yG8SppMc
cIHc/rQdjM0CuIT8+asAlQl1wPREus8ebU97uxch5+FajIuyLjN1V16sq11Fu0/u
wD71NPR1bFam3a5vNenQ0Jya3sXZXKC46gF1CoB7DWfYh6lqEfk3xzIPLcItsNjH
rGZP2ezshZ4/riLYCCDPGGnxtKOmVZEFKJCQHNoReHalLdFJhA/T84++KL4FUGY4
TV/5nCV2nel/VkSMfOoQLRI3Ix4dwcI6S6fku9x+/1wNMXKxfahjiJEYF2i/kOkO
Vwuxq9HdcO9Ndyko2fd6MkSrhykMaDOIzLT+1QIDAQABo4ICKDCCAiQwHQYDVR0O
BBYEFDoa2N/Us0QwU7BSxM00hrJ6Pj0iMB8GA1UdIwQYMBaAFKf9P4kzXc+Chmay
j62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEv
T2hyWTM5U3pSREJUc0ZMRXpUU0dzbm8tUFNJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8z
ODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEvcF8wX2lUTmR6NEtH
WnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD4G
CCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAW+eZMB0EAgACMBcDBwAgAQZ8FewD
BQAqCjUAAwUAKhKkwDANBgkqhkiG9w0BAQsFAAOCAQEAGIUjHM06hh8RfQZ39Ivl
q+kuK/oK9yZ8IPC2mevBMQ08sC2aYdCnEd7b6iJQtkkzjAnKxwJMT4C6cJiuF5Wl
qjtGUZTN6V3sjxg4B4mkip4XwRnTTRtirQ8elr/q7J5mkph/XI8P6Z8s3CmgPGEj
ahswUPLSzO76+NfcRF2untSFq7srnKCeHh5tVMUSL00lC5/AnQTSclTsEwnpSgHg
KgiwAcJ2saO3Hcw5tYIHQutKz7bBYiC2avKH4I8ze7hNHrPRzI3LUuktRhnfJsi0
bSOGVzD1ZE5y7+YPBfhnPY93btrDTkWbmJLU3oo+jjPXq+ACb3OqJlOUJnbX33iJ
3w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:26 2023 by rpki-client on console-fra.rpki-client.org