Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/O5ja5nYs8YWo7T_uTcLmUyXwD7s.roa
File: O5ja5nYs8YWo7T_uTcLmUyXwD7s.roa (raw, json)
Hash identifier: n1cjhmWylqIpEKI/8Y8/S31iDq7ypplVYwZe8Vyk1lc=
Subject key identifier: 3B:98:DA:E6:76:2C:F1:85:A8:ED:3F:EE:4D:C2:E6:53:25:F0:0F:BB
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 067724E2
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/O5ja5nYs8YWo7T_uTcLmUyXwD7s.roa
Signing time: Fri 28 Jan 2022 00:18:17 +0000
ROA not before: Fri 28 Jan 2022 00:18:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59729
IP address blocks: 91.215.152.0/24 maxlen: 24
91.215.154.0/24 maxlen: 24
2001:67c:2f4c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108471522 (0x67724e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Jan 28 00:18:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b98dae6762cf185a8ed3fee4dc2e65325f00fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:77:72:92:26:5c:30:d1:1c:e3:fc:65:16:5f:
ae:7b:4f:ea:1c:bd:09:a3:a3:69:6b:6f:c9:d8:49:
0f:48:2d:94:f0:d9:2c:d7:27:5f:0d:fc:ff:c3:70:
12:4f:78:50:25:c8:28:ef:70:8f:59:57:30:bc:ee:
cb:e7:e1:de:f6:3d:50:82:8c:8a:9f:a5:27:25:3c:
d4:e1:f3:61:b4:e0:4a:7c:7a:4c:67:71:de:94:36:
fe:2d:9f:5e:48:6e:19:d3:05:55:3f:90:ad:df:8d:
e4:a0:8b:40:98:44:34:e2:69:4d:b8:bf:2c:42:98:
d6:dd:fb:de:75:94:c8:96:77:0d:42:1b:52:d4:7c:
5c:24:08:eb:6e:bf:97:c4:30:42:de:fe:51:ac:ba:
fa:5d:9e:46:a0:75:8e:cc:66:7b:08:31:33:54:bc:
82:ed:5a:8c:c2:79:df:9f:37:a0:94:fe:c4:47:17:
35:16:38:62:97:21:24:e0:2e:38:20:ab:6f:60:28:
6e:8f:a9:8f:78:c1:36:50:9f:ea:25:80:8d:cf:b5:
a5:0e:6c:e7:63:8c:1c:4a:01:29:53:0c:4c:ef:b0:
83:29:03:6d:44:0c:97:87:fc:84:19:f3:38:49:cd:
56:8c:f8:2e:6c:e0:51:48:1c:c6:b0:c8:c3:63:65:
c5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:98:DA:E6:76:2C:F1:85:A8:ED:3F:EE:4D:C2:E6:53:25:F0:0F:BB
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/O5ja5nYs8YWo7T_uTcLmUyXwD7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.152.0/24
91.215.154.0/24
IPv6:
2001:67c:2f4c::/48
Signature Algorithm: sha256WithRSAEncryption
55:9b:bd:ff:bb:cf:a8:e9:b6:08:d5:73:13:14:a4:4b:91:07:
28:f5:21:c0:c4:80:fa:23:76:fc:b9:b5:73:af:8f:1b:d3:c5:
67:2f:89:f9:16:66:00:0d:db:02:c8:03:88:4e:95:44:f0:87:
65:6c:dd:fd:ab:21:9d:d5:f1:af:6c:cd:46:84:b2:df:a2:d1:
c5:ed:1d:96:77:55:44:c6:dd:06:74:a2:70:bf:ff:32:ab:4c:
20:fd:eb:ac:70:54:9f:2d:30:bc:36:d1:1a:67:cc:36:c8:68:
0d:e1:e9:52:c9:cc:b2:e4:a8:66:6c:43:f7:5d:2f:30:03:32:
3c:12:7e:8c:10:d0:80:e4:23:bb:2c:ad:2a:61:a7:e8:80:4c:
c1:28:3c:a8:c4:31:f9:78:17:07:be:3e:63:79:5c:69:31:90:
e8:8e:0b:b9:48:5b:4a:ad:3c:66:f2:54:bb:2a:81:95:d5:4e:
7c:0d:58:df:0a:45:f9:94:ac:36:7a:2b:ad:60:9a:b9:5e:9a:
05:27:56:e1:3f:d8:72:c8:f7:88:7b:3b:73:97:67:6c:2b:bb:
db:66:f9:ac:bc:63:56:6e:11:3c:f8:1b:e0:60:0c:28:9b:cc:
6b:10:19:90:3b:00:2f:0d:c2:33:e5:ff:47:a4:cf:e8:64:e6:
d1:2a:88:f3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBnck4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZmNjZGZmZGE2YTRjNDg5MTRiNWU4Y2RlN2RhNWQ4MjBiOWM5NzE4MB4XDTIyMDEy
ODAwMTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I5OGRhZTY3NjJj
ZjE4NWE4ZWQzZmVlNGRjMmU2NTMyNWYwMGZiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKB3cpImXDDRHOP8ZRZfrntP6hy9CaOjaWtvydhJD0gtlPDZ
LNcnXw38/8NwEk94UCXIKO9wj1lXMLzuy+fh3vY9UIKMip+lJyU81OHzYbTgSnx6
TGdx3pQ2/i2fXkhuGdMFVT+Qrd+N5KCLQJhENOJpTbi/LEKY1t373nWUyJZ3DUIb
UtR8XCQI626/l8QwQt7+Uay6+l2eRqB1jsxmewgxM1S8gu1ajMJ53583oJT+xEcX
NRY4YpchJOAuOCCrb2Aobo+pj3jBNlCf6iWAjc+1pQ5s52OMHEoBKVMMTO+wgykD
bUQMl4f8hBnzOEnNVoz4LmzgUUgcxrDIw2NlxTUCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQ7mNrmdizxhajtP+5NwuZTJfAPuzAfBgNVHSMEGDAWgBRvzN/9pqTEiRS1
6M3n2l2CC5yXGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I4emZfYWFreElrVXRlak41OXBkZ2d1Y2x4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvY2IwMTUzLTgwM2EtNGJiNi1iMTlkLWE3NzRlNDFkMjY0Yy8x
L081amE1bllzOFlXbzdUX3VUY0xtVXlYd0Q3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
Y2IwMTUzLTgwM2EtNGJiNi1iMTlkLWE3NzRlNDFkMjY0Yy8xL2I4emZfYWFreElr
VXRlak41OXBkZ2d1Y2x4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAFvXmAMEAFvXmjAPBAIAAjAJAwcA
IAEGfC9MMA0GCSqGSIb3DQEBCwUAA4IBAQBVm73/u8+o6bYI1XMTFKRLkQco9SHA
xID6I3b8ubVzr48b08VnL4n5FmYADdsCyAOITpVE8IdlbN39qyGd1fGvbM1GhLLf
otHF7R2Wd1VExt0GdKJwv/8yq0wg/euscFSfLTC8NtEaZ8w2yGgN4elSycyy5Khm
bEP3XS8wAzI8En6MENCA5CO7LK0qYafogEzBKDyoxDH5eBcHvj5jeVxpMZDojgu5
SFtKrTxm8lS7KoGV1U58DVjfCkX5lKw2eiutYJq5XpoFJ1bhP9hyyPeIeztzl2ds
K7vbZvmsvGNWbhE8+BvgYAwom8xrEBmQOwAvDcIz5f9HpM/oZObRKojz
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:27 2025 by rpki-client