Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/OksBpqBIFe5CXiqL7h0zs3lrUmo.roa
File: OksBpqBIFe5CXiqL7h0zs3lrUmo.roa (raw, json)
Hash identifier: H6o9OnF0uy1Gk0rqW5OyCfM2GMztWhwlUEuP0k+UlxE=
Subject key identifier: 3A:4B:01:A6:A0:48:15:EE:42:5E:2A:8B:EE:1D:33:B3:79:6B:52:6A
Certificate issuer: /CN=4d6165e4f1813e4b3f5c48720631c7cc0b2374d2
Certificate serial: 0182014B5349B66BCB5725A77E040C264579
Authority key identifier: 4D:61:65:E4:F1:81:3E:4B:3F:5C:48:72:06:31:C7:CC:0B:23:74:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TWFl5PGBPks_XEhyBjHHzAsjdNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/OksBpqBIFe5CXiqL7h0zs3lrUmo.roa
Signing time: Fri 15 Jul 2022 09:58:09 +0000
ROA not before: Fri 15 Jul 2022 09:58:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196837
IP address blocks: 91.223.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:4b:53:49:b6:6b:cb:57:25:a7:7e:04:0c:26:45:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d6165e4f1813e4b3f5c48720631c7cc0b2374d2
Validity
Not Before: Jul 15 09:58:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a4b01a6a04815ee425e2a8bee1d33b3796b526a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cb:bd:3e:3b:dc:bf:8d:a7:c7:83:c6:5d:4e:
c0:0a:ef:94:40:ab:73:da:42:7b:38:f4:74:7f:98:
dc:04:c8:3a:cf:43:9f:2e:0d:b1:ad:7f:f1:e9:22:
5f:ff:00:1b:61:93:20:14:81:1f:87:7f:34:65:83:
9b:06:00:50:9f:df:29:32:6b:d9:cb:94:20:d7:97:
9f:cf:78:d7:c0:42:d1:b1:51:03:a6:ca:e4:ca:a0:
29:5a:eb:15:b4:9e:40:cc:13:f5:10:de:5f:e4:3e:
5e:33:52:d5:85:f8:3a:63:c8:a8:ee:5b:e7:99:57:
35:44:37:74:e7:97:01:92:9d:4b:95:dd:69:cc:1c:
47:0a:dc:fe:0b:8a:f4:99:45:4e:9a:9a:f2:6d:9e:
59:99:53:4d:56:3e:3b:45:a8:76:17:ba:71:b2:b6:
8b:bc:9b:48:b7:82:3f:e4:45:8e:e4:54:2f:05:cb:
5b:ea:72:72:28:aa:3a:b7:9c:ff:73:39:20:60:db:
33:0f:10:a6:91:ca:a4:f4:78:55:9b:5b:10:49:60:
bb:36:44:4d:22:f4:49:8c:a8:8c:b4:44:20:34:fc:
80:08:00:52:64:53:12:13:9d:d0:c8:6b:97:c6:df:
1e:40:93:53:97:5f:01:46:de:a9:a8:83:77:98:a8:
ca:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4B:01:A6:A0:48:15:EE:42:5E:2A:8B:EE:1D:33:B3:79:6B:52:6A
X509v3 Authority Key Identifier:
keyid:4D:61:65:E4:F1:81:3E:4B:3F:5C:48:72:06:31:C7:CC:0B:23:74:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TWFl5PGBPks_XEhyBjHHzAsjdNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/OksBpqBIFe5CXiqL7h0zs3lrUmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/TWFl5PGBPks_XEhyBjHHzAsjdNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.80.0/24
Signature Algorithm: sha256WithRSAEncryption
72:67:57:39:91:b2:64:6c:01:0f:6d:1e:01:0e:49:b2:2d:57:
83:2c:cc:5c:57:9d:d1:d3:87:df:71:5a:99:ab:ba:48:42:c8:
94:81:0e:eb:5e:ac:da:63:67:90:38:57:9a:d2:61:4d:0f:02:
8f:cf:0d:12:89:c6:11:73:c3:e6:0d:5f:c9:62:71:36:9e:11:
f2:8f:dc:8f:fd:bc:e2:0c:e3:83:bc:7b:a8:3f:d5:ae:fa:a2:
ad:3b:eb:7a:5a:c0:14:8a:65:bf:6e:b6:ea:99:4a:f9:7c:1c:
80:9d:55:df:c6:66:4d:fe:ae:11:43:f7:d1:ac:60:5a:44:62:
d4:3b:67:7c:8e:9d:47:53:70:08:00:0d:f8:01:d2:38:44:b5:
c4:fd:29:18:a4:a2:e1:4e:96:6a:91:84:ed:6c:e2:d1:3e:21:
58:96:65:d8:07:6f:e8:21:1e:3c:c2:e3:c1:7a:21:cc:b2:21:
9f:67:4d:a8:75:2a:ab:4a:30:0f:79:41:bf:d2:99:80:b3:8a:
47:15:fc:9d:e5:20:8e:f9:b9:d3:9b:f4:bb:a7:25:c9:ad:b0:
22:f1:5a:4d:00:97:44:b9:0e:fc:c2:a9:ad:b2:02:ac:07:38:
19:34:1e:1a:a5:33:1e:1d:48:bc:72:d1:0d:18:7a:1f:a1:69:
1b:d4:65:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIBS1NJtmvLVyWnfgQMJkV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNjE2NWU0ZjE4MTNlNGIzZjVjNDg3MjA2MzFjN2NjMGIy
Mzc0ZDIwHhcNMjIwNzE1MDk1ODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRiMDFhNmEwNDgxNWVlNDI1ZTJhOGJlZTFkMzNiMzc5NmI1MjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMu9Pjvcv42nx4PGXU7ACu+UQKtz
2kJ7OPR0f5jcBMg6z0OfLg2xrX/x6SJf/wAbYZMgFIEfh380ZYObBgBQn98pMmvZ
y5Qg15efz3jXwELRsVEDpsrkyqApWusVtJ5AzBP1EN5f5D5eM1LVhfg6Y8io7lvn
mVc1RDd055cBkp1Lld1pzBxHCtz+C4r0mUVOmprybZ5ZmVNNVj47Rah2F7pxsraL
vJtIt4I/5EWO5FQvBctb6nJyKKo6t5z/czkgYNszDxCmkcqk9HhVm1sQSWC7NkRN
IvRJjKiMtEQgNPyACABSZFMSE53QyGuXxt8eQJNTl18BRt6pqIN3mKjKMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpLAaagSBXuQl4qi+4dM7N5a1JqMB8GA1UdIwQY
MBaAFE1hZeTxgT5LP1xIcgYxx8wLI3TSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFdGbDVQR0JQa3NfWEVoeUJqSEh6QXNqZE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zYWU1NDEtNTdmNC00NDY2LTkxZDUt
MDJhM2JlNDc3M2EzLzEvT2tzQnBxQklGZTVDWGlxTDdoMHpzM2xyVW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zYWU1NDEtNTdmNC00NDY2LTkxZDUtMDJhM2JlNDc3M2Ez
LzEvVFdGbDVQR0JQa3NfWEVoeUJqSEh6QXNqZE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99QMA0G
CSqGSIb3DQEBCwUAA4IBAQByZ1c5kbJkbAEPbR4BDkmyLVeDLMxcV53R04ffcVqZ
q7pIQsiUgQ7rXqzaY2eQOFea0mFNDwKPzw0SicYRc8PmDV/JYnE2nhHyj9yP/bzi
DOODvHuoP9Wu+qKtO+t6WsAUimW/brbqmUr5fByAnVXfxmZN/q4RQ/fRrGBaRGLU
O2d8jp1HU3AIAA34AdI4RLXE/SkYpKLhTpZqkYTtbOLRPiFYlmXYB2/oIR48wuPB
eiHMsiGfZ02odSqrSjAPeUG/0pmAs4pHFfyd5SCO+bnTm/S7pyXJrbAi8VpNAJdE
uQ78wqmtsgKsBzgZNB4apTMeHUi8ctENGHofoWkb1GUz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:06 2024 by rpki-client on console-ams.rpki-client.org