Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OVOtGFmI6icGgX709SZWB3dw0l0.roa
File: OVOtGFmI6icGgX709SZWB3dw0l0.roa (raw, json)
Hash identifier: mQ7Hkif1v+ijIMQ3AzJdn56qGHncYh2J5ksfDzamaO0=
Subject key identifier: 39:53:AD:18:59:88:EA:27:06:81:7E:F4:F5:26:56:07:77:70:D2:5D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01845DB1776BC8E49E1BD80B34F3FEDDE555
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OVOtGFmI6icGgX709SZWB3dw0l0.roa
Signing time: Wed 09 Nov 2022 18:40:22 +0000
ROA not before: Wed 09 Nov 2022 18:40:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 91.186.216.0/22 maxlen: 24
91.186.220.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:b1:77:6b:c8:e4:9e:1b:d8:0b:34:f3:fe:dd:e5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 9 18:40:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3953ad185988ea2706817ef4f52656077770d25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:90:70:8e:00:d9:33:e4:3e:93:af:3e:bd:e1:
db:b4:82:5b:a8:e7:ea:60:55:02:09:30:fc:88:40:
8d:a3:be:07:32:0a:27:b2:94:9d:0e:60:e4:17:37:
a2:e6:b7:c3:f0:39:45:42:c6:8e:3c:47:04:cd:13:
dd:81:ed:31:3b:4e:2b:1c:a4:33:5c:93:53:41:46:
e8:37:ac:55:89:c0:9f:7f:94:2e:b9:c7:26:15:69:
2c:ba:38:fe:97:a2:83:9f:0d:1a:9d:bd:d7:a5:07:
6f:37:2f:de:c1:c5:f8:43:0d:7c:66:81:70:4e:86:
cf:a4:15:56:83:05:2c:21:24:83:42:47:d3:75:3e:
35:04:ba:5c:02:e7:46:eb:25:47:cb:5b:ea:13:b0:
c0:c0:a3:8a:e0:6c:f9:2f:8d:eb:6c:ba:36:29:60:
00:e1:ca:93:ae:8c:60:a5:a9:0e:85:90:99:87:61:
94:72:85:77:d9:e8:1f:4a:ab:06:8e:65:c7:8a:c7:
9c:5d:da:71:ee:d0:2d:83:9f:23:0f:68:62:e2:b8:
63:e8:ea:41:c5:a1:3b:5f:c0:9f:4f:e7:e5:59:f3:
15:be:f4:06:87:3b:c0:49:d4:eb:73:4a:2c:bc:92:
51:a9:1b:a4:45:9e:70:d4:47:7e:88:3a:5c:9a:5e:
b0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:53:AD:18:59:88:EA:27:06:81:7E:F4:F5:26:56:07:77:70:D2:5D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OVOtGFmI6icGgX709SZWB3dw0l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.216.0/21
Signature Algorithm: sha256WithRSAEncryption
53:94:53:49:45:bb:27:c4:90:75:d6:6a:36:f5:e8:13:67:0a:
01:d0:65:56:be:21:2c:12:d1:4f:7f:66:4c:47:4d:59:0f:82:
87:90:0d:5b:67:75:3b:fa:c1:b3:89:43:0c:db:dd:88:d5:3e:
dd:3f:4e:a2:aa:e4:c2:fd:3d:cf:f2:3f:68:31:37:55:7f:0a:
9c:a1:0d:0d:fb:b5:2d:8e:8f:94:02:70:4f:55:3c:50:4f:eb:
c2:32:be:58:92:91:40:e3:2e:33:18:3a:c1:fb:42:4d:fc:e9:
03:f2:9e:88:31:b5:cc:83:1e:8b:0c:f4:d0:5f:59:ac:79:4c:
de:00:7c:24:bb:72:95:69:25:ea:17:75:53:3d:f8:7e:e0:76:
28:c1:6d:40:b0:69:59:ae:4e:41:fd:6b:ac:16:1a:43:f8:f3:
31:eb:77:b3:f1:e9:78:09:a6:9d:62:4d:d6:25:5f:3f:bc:ee:
42:17:f8:7f:08:b1:d8:9a:d7:b0:96:9e:bd:a5:af:cb:60:54:
7d:56:1c:e9:c2:ab:2a:ef:e0:95:e1:b4:bd:47:f1:74:92:e3:
dc:9c:b9:f7:23:00:d1:67:3e:cf:31:ee:b8:20:db:b3:2c:8c:
b8:9d:93:00:a3:e5:db:7d:23:4d:e2:29:e0:03:ed:fa:0e:86:
96:7a:a9:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRdsXdryOSeG9gLNPP+3eVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMTA5MTg0MDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTUzYWQxODU5ODhlYTI3MDY4MTdlZjRmNTI2NTYwNzc3NzBkMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZBwjgDZM+Q+k68+veHbtIJbqOfq
YFUCCTD8iECNo74HMgonspSdDmDkFzei5rfD8DlFQsaOPEcEzRPdge0xO04rHKQz
XJNTQUboN6xVicCff5QuuccmFWksujj+l6KDnw0anb3XpQdvNy/ewcX4Qw18ZoFw
TobPpBVWgwUsISSDQkfTdT41BLpcAudG6yVHy1vqE7DAwKOK4Gz5L43rbLo2KWAA
4cqTroxgpakOhZCZh2GUcoV32egfSqsGjmXHisecXdpx7tAtg58jD2hi4rhj6OpB
xaE7X8CfT+flWfMVvvQGhzvASdTrc0osvJJRqRukRZ5w1Ed+iDpcml6wAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlTrRhZiOonBoF+9PUmVgd3cNJdMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvT1ZPdEdGbUk2aWNHZ1g3MDlTWldCM2R3MGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW7rYMA0G
CSqGSIb3DQEBCwUAA4IBAQBTlFNJRbsnxJB11mo29egTZwoB0GVWviEsEtFPf2ZM
R01ZD4KHkA1bZ3U7+sGziUMM292I1T7dP06iquTC/T3P8j9oMTdVfwqcoQ0N+7Ut
jo+UAnBPVTxQT+vCMr5YkpFA4y4zGDrB+0JN/OkD8p6IMbXMgx6LDPTQX1mseUze
AHwku3KVaSXqF3VTPfh+4HYowW1AsGlZrk5B/WusFhpD+PMx63ez8el4CaadYk3W
JV8/vO5CF/h/CLHYmtewlp69pa/LYFR9Vhzpwqsq7+CV4bS9R/F0kuPcnLn3IwDR
Zz7PMe64INuzLIy4nZMAo+XbfSNN4ingA+36DoaWeqkh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org