Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/opspYzAKS13gohnzkqzx_gn3umI.roa
File: opspYzAKS13gohnzkqzx_gn3umI.roa (raw, json)
Hash identifier: fFX96wXRftzKcAs4e/bXh3BuYeAlA/6j8AfKf37oQ0I=
Subject key identifier: A2:9B:29:63:30:0A:4B:5D:E0:A2:19:F3:92:AC:F1:FE:09:F7:BA:62
Certificate issuer: /CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Certificate serial: 055B2A56
Authority key identifier: 8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/opspYzAKS13gohnzkqzx_gn3umI.roa
Signing time: Fri 13 May 2022 07:49:02 +0000
ROA not before: Fri 13 May 2022 07:49:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205239
IP address blocks: 91.229.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89860694 (0x55b2a56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Validity
Not Before: May 13 07:49:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a29b2963300a4b5de0a219f392acf1fe09f7ba62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7f:07:a1:38:59:da:a2:56:f3:9a:d1:1b:18:
c4:75:3c:24:d8:18:58:13:e3:25:f9:e5:be:c2:b4:
84:4d:4f:65:49:76:61:75:92:0e:db:c2:c6:52:6f:
25:82:78:86:e3:73:30:9f:5d:40:87:97:b3:c7:60:
77:5e:87:89:0d:03:88:06:9e:e7:ce:1a:c3:89:fb:
c2:15:78:91:e3:53:4d:a8:b5:b9:ea:2f:9e:ef:e9:
bb:ec:f5:b8:9f:1b:b5:f9:15:31:46:bd:6b:a5:03:
2a:d8:29:d7:1d:0d:18:d4:70:7c:77:72:78:b2:62:
70:59:b3:a9:2f:79:b2:c5:90:9d:a9:62:a1:45:eb:
3c:1b:42:51:ac:81:b2:c1:77:86:ea:9f:6f:22:9a:
69:a3:7e:d7:b0:e6:2f:b8:c6:b7:d1:96:25:2c:a0:
1a:67:1a:9a:10:f8:c6:ff:4c:62:b5:ca:03:42:81:
b8:61:0d:76:12:60:f0:d7:53:dd:65:22:a1:a5:ad:
df:c4:c3:83:83:3f:8e:ce:ff:26:46:fb:32:8c:a2:
5b:95:7e:0f:35:63:7d:bd:cd:e0:c6:91:12:5c:8b:
99:8e:3b:7b:d4:f1:8b:d6:c6:d1:5a:fa:94:22:46:
6e:14:cb:70:d4:a1:ad:1d:9e:10:4d:05:25:57:38:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9B:29:63:30:0A:4B:5D:E0:A2:19:F3:92:AC:F1:FE:09:F7:BA:62
X509v3 Authority Key Identifier:
keyid:8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/opspYzAKS13gohnzkqzx_gn3umI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/jlexRHZCwU8RwEtkHPHY3orax4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.101.0/24
Signature Algorithm: sha256WithRSAEncryption
40:9d:09:41:cd:5c:3a:5d:d7:a5:33:90:b1:5d:e6:0e:dd:bd:
bf:75:8e:14:72:93:63:2d:03:4c:dc:1e:fa:10:f2:fd:e4:c1:
03:db:00:09:0c:fa:db:70:be:8f:b7:37:f7:86:93:c8:1a:a6:
15:ac:be:25:8e:df:8c:fb:b3:8f:d6:fb:96:d7:49:36:41:34:
47:4e:1a:58:6b:d9:3b:3f:3b:38:15:b8:7f:86:99:85:f3:af:
42:18:a4:13:f5:18:b4:23:cb:8a:2d:d1:67:2c:8d:2a:30:71:
a3:a3:c4:e1:ef:f9:18:a4:41:ba:e8:d5:4a:dd:5f:cd:62:a2:
49:1d:64:cf:ff:0e:0b:62:6d:8c:e5:b3:a5:8a:67:a2:97:a4:
cc:84:3d:06:62:35:0d:0b:99:1c:f4:ae:cc:99:f5:b3:7f:f6:
45:c3:85:59:12:9c:fd:d4:ec:0c:4f:9d:7b:33:8a:b4:1a:54:
16:64:91:0a:ba:fb:5d:cd:08:46:8b:d7:6a:e6:d8:ad:c2:8f:
1c:92:ac:6c:cd:41:51:dd:c6:34:2f:0a:f4:eb:3a:77:57:b5:
38:1f:ea:7e:96:74:80:28:20:80:5d:98:4a:14:01:c9:5b:92:
67:d1:0b:2c:d0:4b:67:30:d2:42:7f:40:dc:b9:d1:6b:ce:80:
2f:0c:89:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBVsqVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTU3YjE0NDc2NDJjMTRmMTFjMDRiNjQxY2YxZDhkZThhZGFjNzg0MB4XDTIyMDUx
MzA3NDkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI5YjI5NjMzMDBh
NGI1ZGUwYTIxOWYzOTJhY2YxZmUwOWY3YmE2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALF/B6E4WdqiVvOa0RsYxHU8JNgYWBPjJfnlvsK0hE1PZUl2
YXWSDtvCxlJvJYJ4huNzMJ9dQIeXs8dgd16HiQ0DiAae584aw4n7whV4keNTTai1
ueovnu/pu+z1uJ8btfkVMUa9a6UDKtgp1x0NGNRwfHdyeLJicFmzqS95ssWQnali
oUXrPBtCUayBssF3huqfbyKaaaN+17DmL7jGt9GWJSygGmcamhD4xv9MYrXKA0KB
uGENdhJg8NdT3WUioaWt38TDg4M/js7/Jkb7MoyiW5V+DzVjfb3N4MaRElyLmY47
e9Txi9bG0Vr6lCJGbhTLcNShrR2eEE0FJVc43IMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSimyljMApLXeCiGfOSrPH+Cfe6YjAfBgNVHSMEGDAWgBSOV7FEdkLBTxHA
S2Qc8djeitrHhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2psZXhSSFpDd1U4UndFdGtIUEhZM29yYXg0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvZTFjN2M5LWNjODAtNDVkNy1hNmQ4LWFmMzM0YTBhMWU5My8x
L29wc3BZekFLUzEzZ29obnprcXp4X2duM3VtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
ZTFjN2M5LWNjODAtNDVkNy1hNmQ4LWFmMzM0YTBhMWU5My8xL2psZXhSSFpDd1U4
UndFdGtIUEhZM29yYXg0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvlZTANBgkqhkiG9w0BAQsFAAOC
AQEAQJ0JQc1cOl3XpTOQsV3mDt29v3WOFHKTYy0DTNwe+hDy/eTBA9sACQz623C+
j7c394aTyBqmFay+JY7fjPuzj9b7ltdJNkE0R04aWGvZOz87OBW4f4aZhfOvQhik
E/UYtCPLii3RZyyNKjBxo6PE4e/5GKRBuujVSt1fzWKiSR1kz/8OC2JtjOWzpYpn
opekzIQ9BmI1DQuZHPSuzJn1s3/2RcOFWRKc/dTsDE+dezOKtBpUFmSRCrr7Xc0I
RovXaubYrcKPHJKsbM1BUd3GNC8K9Os6d1e1OB/qfpZ0gCgggF2YShQByVuSZ9EL
LNBLZzDSQn9A3LnRa86ALwyJ2A==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:13:53 2025 by rpki-client