Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/OEwvfa4H3CL4gpIYpTOb30dKCkQ.roa
File: OEwvfa4H3CL4gpIYpTOb30dKCkQ.roa (raw, json)
Hash identifier: mtPpLRQBG61O50gZ8CM2dyWN6kMBk3zhcGmkHc5kSnk=
Subject key identifier: 38:4C:2F:7D:AE:07:DC:22:F8:82:92:18:A5:33:9B:DF:47:4A:0A:44
Certificate issuer: /CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Certificate serial: 06C6EA96
Authority key identifier: D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/OEwvfa4H3CL4gpIYpTOb30dKCkQ.roa
Signing time: Sat 01 Jan 2022 09:02:01 +0000
ROA not before: Sat 01 Jan 2022 09:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 91.208.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113699478 (0x6c6ea96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Validity
Not Before: Jan 1 09:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=384c2f7dae07dc22f8829218a5339bdf474a0a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d0:d2:5c:bd:1f:2b:eb:59:7f:c9:5f:23:2e:
96:ac:91:d2:55:2c:24:99:62:e0:c5:61:0e:73:f8:
84:20:4c:f4:cf:07:3b:12:7d:81:bb:1e:31:73:4b:
7c:63:0b:a7:f1:aa:e7:4f:5d:6d:10:16:12:6b:55:
db:54:42:aa:e8:d3:b2:a1:63:93:d9:92:f5:85:f8:
da:80:65:14:4a:22:af:33:71:f8:53:a7:ec:ee:b2:
37:73:1e:c0:71:2f:8a:d4:3b:77:6a:89:9b:86:2b:
21:20:e0:4f:f1:28:5a:61:28:52:1b:60:05:67:56:
e3:66:3f:ca:6a:2e:02:8d:2f:f0:03:55:f8:27:90:
d0:41:b4:19:d1:6a:81:5f:15:89:d5:23:f2:c4:9a:
96:ba:49:75:02:b0:e1:54:7c:23:0d:83:82:79:29:
ba:df:a4:99:f3:ef:24:89:d0:1e:9e:ee:fc:5a:71:
90:e0:c5:97:bc:e0:29:48:19:88:9a:b5:f5:57:87:
57:9b:d2:65:1a:89:56:d6:27:70:2a:d9:a4:a8:6d:
3c:39:68:9c:e7:38:df:82:65:71:d3:75:4e:af:96:
28:81:da:f7:88:e1:20:40:e6:a8:44:9e:f2:8d:82:
ec:56:ba:df:58:34:68:95:9a:89:f0:e6:d5:87:98:
d2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4C:2F:7D:AE:07:DC:22:F8:82:92:18:A5:33:9B:DF:47:4A:0A:44
X509v3 Authority Key Identifier:
keyid:D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/OEwvfa4H3CL4gpIYpTOb30dKCkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.21.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9b:1a:44:a1:07:67:df:ba:90:cb:11:64:2a:59:a3:75:f0:
ce:5f:0a:ac:c9:4c:14:52:1d:da:68:5f:a4:a2:b8:72:9c:c6:
02:58:45:a2:3e:af:fc:38:42:c6:ab:28:5e:bf:83:c0:59:fd:
ad:59:e0:ca:e1:67:6a:42:c0:50:94:98:8a:63:c9:df:d0:ac:
e2:1e:af:01:78:22:af:57:73:70:ed:8f:ad:d4:4e:3a:4c:e8:
65:fd:be:02:e6:f7:7b:67:7e:e0:ec:75:ff:af:cc:d6:d0:05:
bb:b1:8f:61:5c:ba:5e:5c:d2:a7:3c:14:05:c7:0e:14:4f:7c:
ca:28:eb:33:9e:8e:6f:ce:fe:a2:14:e8:ff:66:91:61:5a:97:
f0:2d:38:79:63:84:7e:e7:f5:a9:a8:8f:fe:1b:af:42:8f:92:
58:c0:19:66:17:14:40:e1:f7:65:1d:ee:0d:de:25:1c:a2:3f:
07:52:15:0d:06:2a:ae:c7:b5:45:43:dd:d2:bd:b1:0c:e3:61:
dd:4d:08:ba:e9:3e:80:f7:09:ac:55:20:4c:b3:62:81:01:e5:
56:b0:94:58:85:77:b5:53:0f:5b:14:d9:22:22:8d:86:9c:30:
1d:d3:8f:38:36:e7:6d:22:b3:c9:28:fd:32:f3:5e:7d:a0:8a:
d0:fe:b5:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBsbqljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NmRiYWExYjUyZjNhNzMyODlmZjc2OGFjYjdiYWE3ZjM4N2Y5NTVmMB4XDTIyMDEw
MTA5MDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg0YzJmN2RhZTA3
ZGMyMmY4ODI5MjE4YTUzMzliZGY0NzRhMGE0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjQ0ly9HyvrWX/JXyMulqyR0lUsJJli4MVhDnP4hCBM9M8H
OxJ9gbseMXNLfGMLp/Gq509dbRAWEmtV21RCqujTsqFjk9mS9YX42oBlFEoirzNx
+FOn7O6yN3MewHEvitQ7d2qJm4YrISDgT/EoWmEoUhtgBWdW42Y/ymouAo0v8ANV
+CeQ0EG0GdFqgV8VidUj8sSalrpJdQKw4VR8Iw2Dgnkput+kmfPvJInQHp7u/Fpx
kODFl7zgKUgZiJq19VeHV5vSZRqJVtYncCrZpKhtPDlonOc434JlcdN1Tq+WKIHa
94jhIEDmqESe8o2C7Fa631g0aJWaifDm1YeY0nECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4TC99rgfcIviCkhilM5vfR0oKRDAfBgNVHSMEGDAWgBTW26obUvOnMon/
dorLe6p/OH+VXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF0dXFHMUx6cHpLSl8zYUt5M3VxZnpoX2xWOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvYjBiNmU3LTNlMjMtNDQyNi04Yzg0LWZhYjgzZDQwMzU1OC8x
L09Fd3ZmYTRIM0NMNGdwSVlwVE9iMzBkS0NrUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
YjBiNmU3LTNlMjMtNDQyNi04Yzg0LWZhYjgzZDQwMzU1OC8xLzF0dXFHMUx6cHpL
Sl8zYUt5M3VxZnpoX2xWOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQFTANBgkqhkiG9w0BAQsFAAOC
AQEAl5saRKEHZ9+6kMsRZCpZo3Xwzl8KrMlMFFId2mhfpKK4cpzGAlhFoj6v/DhC
xqsoXr+DwFn9rVngyuFnakLAUJSYimPJ39Cs4h6vAXgir1dzcO2PrdROOkzoZf2+
Aub3e2d+4Ox1/6/M1tAFu7GPYVy6XlzSpzwUBccOFE98yijrM56Ob87+ohTo/2aR
YVqX8C04eWOEfuf1qaiP/huvQo+SWMAZZhcUQOH3ZR3uDd4lHKI/B1IVDQYqrse1
RUPd0r2xDONh3U0Iuuk+gPcJrFUgTLNigQHlVrCUWIV3tVMPWxTZIiKNhpwwHdOP
ODbnbSKzySj9MvNefaCK0P617g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:14 2023 by rpki-client on console-fra.rpki-client.org