Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/OPC8XMa86UPKrP_oimBLy_cVMgg.roa
File: OPC8XMa86UPKrP_oimBLy_cVMgg.roa (raw, json)
Hash identifier: kk/aDqRx6hd6FqeVVaD+KztpYDdR+g9pw7Dpdr+9es4=
Subject key identifier: 38:F0:BC:5C:C6:BC:E9:43:CA:AC:FF:E8:8A:60:4B:CB:F7:15:32:08
Certificate issuer: /CN=c9e0e4c9acbf701f930149b325ce042cf9f92a59
Certificate serial: 9C2E9F
Authority key identifier: C9:E0:E4:C9:AC:BF:70:1F:93:01:49:B3:25:CE:04:2C:F9:F9:2A:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yeDkyay_cB-TAUmzJc4ELPn5Klk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/OPC8XMa86UPKrP_oimBLy_cVMgg.roa
Signing time: Tue 25 Jan 2022 21:20:42 +0000
ROA not before: Tue 25 Jan 2022 21:20:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 91.213.126.0/24 maxlen: 24
2a12:7280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10235551 (0x9c2e9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9e0e4c9acbf701f930149b325ce042cf9f92a59
Validity
Not Before: Jan 25 21:20:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38f0bc5cc6bce943caacffe88a604bcbf7153208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a4:30:01:fa:a0:69:05:43:80:57:b9:94:79:
88:54:a8:72:e5:d5:c4:2e:85:de:9a:6c:34:32:df:
d8:ed:bf:53:fb:df:ed:0f:71:41:e0:0b:09:ed:42:
87:c2:9e:dc:3f:57:31:4f:ca:ef:00:72:d3:9a:a3:
7f:95:66:b8:5b:1a:44:ac:54:0a:4c:77:d4:68:b1:
18:09:ed:55:81:f3:1d:5a:e8:a5:f7:a6:52:c0:c1:
3a:d7:03:0d:9a:3e:90:fa:a6:f9:1e:5a:85:f5:b6:
34:19:08:a7:28:40:e7:80:0e:d1:9d:e8:39:ec:8d:
ad:dc:34:ce:64:43:91:bf:b8:64:b8:28:71:9a:45:
6c:7d:5f:c9:6a:8d:5f:be:31:21:9d:24:4a:9c:a5:
8c:fb:13:dc:58:8f:4c:7f:fb:02:11:8d:7e:96:fa:
cb:9f:aa:61:ad:b2:30:1e:3c:e7:e7:28:b0:8e:24:
5a:14:fe:7d:a1:fe:49:2d:69:de:7a:56:eb:34:00:
79:39:0f:b4:43:00:21:38:04:95:79:99:76:b5:c3:
dc:00:ae:bc:ac:a1:d2:8b:1d:6f:b5:e4:73:84:2d:
a5:9f:b8:e7:47:44:80:ec:0b:2c:9a:e7:6f:23:b7:
19:29:1d:25:9b:4d:58:f9:c2:b8:1b:04:55:29:f0:
00:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F0:BC:5C:C6:BC:E9:43:CA:AC:FF:E8:8A:60:4B:CB:F7:15:32:08
X509v3 Authority Key Identifier:
keyid:C9:E0:E4:C9:AC:BF:70:1F:93:01:49:B3:25:CE:04:2C:F9:F9:2A:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yeDkyay_cB-TAUmzJc4ELPn5Klk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/OPC8XMa86UPKrP_oimBLy_cVMgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/yeDkyay_cB-TAUmzJc4ELPn5Klk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.126.0/24
IPv6:
2a12:7280::/29
Signature Algorithm: sha256WithRSAEncryption
b0:07:2e:5c:ad:6d:b9:b5:18:54:e7:b1:7a:5f:3d:ce:88:89:
b9:b6:17:c0:f0:bc:42:5a:05:68:4c:40:9a:04:0d:cd:00:de:
cc:68:5b:b3:3e:36:b1:a0:21:dd:2d:39:2e:95:93:20:29:50:
3a:5c:17:d3:8e:06:df:03:e7:13:df:06:99:ae:2b:1b:fb:1b:
d8:4d:d4:f0:bc:79:3b:33:84:11:46:93:9e:6a:b4:77:c8:ba:
f2:37:8d:1b:f0:18:bd:4a:97:ce:13:6d:4c:12:28:a8:ea:4b:
a4:e4:71:c7:12:68:33:44:b8:ee:07:c2:09:ad:ea:06:da:12:
f7:be:0e:12:fd:14:27:d5:42:dc:a9:92:ed:4f:a4:31:90:bf:
03:61:8b:35:d8:b1:da:7d:cd:ca:f5:3e:74:0b:1e:ba:17:69:
49:4a:ea:2a:07:a0:b1:57:f9:6e:3f:05:0b:c3:d3:49:5d:52:
0d:9b:a7:69:7b:d4:50:07:b6:ac:b9:4f:0b:29:59:40:44:65:
6c:5c:c7:2b:d5:a6:e8:21:38:f1:e6:90:89:5d:b3:0c:a6:e2:
ab:01:92:93:1e:3d:d9:2f:1e:c5:52:f9:14:46:ff:81:0e:fc:
51:5e:f6:3c:c4:22:b9:5f:c6:37:74:f5:d8:91:45:f9:46:39:
6e:26:49:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAJwunzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWUwZTRjOWFjYmY3MDFmOTMwMTQ5YjMyNWNlMDQyY2Y5ZjkyYTU5MB4XDTIyMDEy
NTIxMjA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhmMGJjNWNjNmJj
ZTk0M2NhYWNmZmU4OGE2MDRiY2JmNzE1MzIwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2kMAH6oGkFQ4BXuZR5iFSocuXVxC6F3ppsNDLf2O2/U/vf
7Q9xQeALCe1Ch8Ke3D9XMU/K7wBy05qjf5VmuFsaRKxUCkx31GixGAntVYHzHVro
pfemUsDBOtcDDZo+kPqm+R5ahfW2NBkIpyhA54AO0Z3oOeyNrdw0zmRDkb+4ZLgo
cZpFbH1fyWqNX74xIZ0kSpyljPsT3FiPTH/7AhGNfpb6y5+qYa2yMB485+cosI4k
WhT+faH+SS1p3npW6zQAeTkPtEMAITgElXmZdrXD3ACuvKyh0osdb7Xkc4QtpZ+4
50dEgOwLLJrnbyO3GSkdJZtNWPnCuBsEVSnwALMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ48LxcxrzpQ8qs/+iKYEvL9xUyCDAfBgNVHSMEGDAWgBTJ4OTJrL9wH5MB
SbMlzgQs+fkqWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3llRGt5YXlfY0ItVEFVbXpKYzRFTFBuNUtsay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvZmRiNjQxLWQxYTMtNGRkYS1iZjkxLWJlN2M4MjhjMzY5My8x
L09QQzhYTWE4NlVQS3JQX29pbUJMeV9jVk1nZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
ZmRiNjQxLWQxYTMtNGRkYS1iZjkxLWJlN2M4MjhjMzY5My8xL3llRGt5YXlfY0It
VEFVbXpKYzRFTFBuNUtsay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvVfjANBAIAAjAHAwUDKhJygDAN
BgkqhkiG9w0BAQsFAAOCAQEAsAcuXK1tubUYVOexel89zoiJubYXwPC8QloFaExA
mgQNzQDezGhbsz42saAh3S05LpWTIClQOlwX044G3wPnE98Gma4rG/sb2E3U8Lx5
OzOEEUaTnmq0d8i68jeNG/AYvUqXzhNtTBIoqOpLpORxxxJoM0S47gfCCa3qBtoS
974OEv0UJ9VC3KmS7U+kMZC/A2GLNdix2n3NyvU+dAseuhdpSUrqKgegsVf5bj8F
C8PTSV1SDZunaXvUUAe2rLlPCylZQERlbFzHK9Wm6CE48eaQiV2zDKbiqwGSkx49
2S8exVL5FEb/gQ78UV72PMQiuV/GN3T12JFF+UY5biZJLQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:08 2023 by rpki-client on console-fra.rpki-client.org