Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4sfwdV9fVsQCYH8cQQZZT4-zS0g.roa
File: 4sfwdV9fVsQCYH8cQQZZT4-zS0g.roa (raw, json)
Hash identifier: izuKkihDFBPQWzOCBWxYQBt8mIv+tmmvAeKTDkmn7V0=
Subject key identifier: E2:C7:F0:75:5F:5F:56:C4:02:60:7F:1C:41:06:59:4F:8F:B3:4B:48
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570953A871994813A7C294E1C869D0580
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4sfwdV9fVsQCYH8cQQZZT4-zS0g.roa
Signing time: Mon 02 Jan 2023 03:45:06 +0000
ROA not before: Mon 02 Jan 2023 03:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48485
IP address blocks: 146.120.104.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:3a:87:19:94:81:3a:7c:29:4e:1c:86:9d:05:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2c7f0755f5f56c402607f1c4106594f8fb34b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:de:73:45:85:36:61:5c:a9:37:49:3c:11:b0:
8a:60:8c:fd:99:80:ae:59:0b:88:65:29:e9:8a:62:
d0:2d:8c:6a:15:24:9b:17:a1:94:95:ce:96:08:20:
9c:09:13:b9:be:aa:09:e7:f4:6e:4a:d9:4a:7a:32:
7b:de:c9:39:b5:cc:3b:ad:ac:ea:0a:a5:b8:81:87:
74:92:28:ef:6b:3f:fe:90:9e:f9:4e:40:0f:fb:38:
71:ff:52:a1:f0:a0:31:02:fa:15:e0:50:b6:dd:d8:
42:cb:7c:e6:df:59:05:65:ad:99:79:d5:52:ee:8a:
64:4e:3d:ff:7b:f6:03:5b:47:f2:fa:7f:54:c1:4e:
44:d9:14:d8:b7:ed:dd:a6:c7:da:c8:69:cd:6d:84:
f0:88:2b:e2:d1:1e:b8:59:b2:c8:c0:c3:16:ef:a8:
d2:49:e8:58:a4:34:fd:a1:0f:3e:96:2e:79:1c:8b:
50:7b:c2:a1:a5:f4:5c:be:44:e2:f8:1d:16:3f:bf:
1e:c1:a7:bd:30:39:e0:04:a8:14:b7:54:93:a5:9d:
62:5d:fc:48:28:43:fe:4a:20:b9:ef:f1:30:36:3b:
c1:b5:8b:6c:0c:74:f9:86:ef:01:1d:2e:2e:f3:16:
9c:09:c2:82:2c:01:fc:a3:50:cf:01:48:34:96:ee:
a6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C7:F0:75:5F:5F:56:C4:02:60:7F:1C:41:06:59:4F:8F:B3:4B:48
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4sfwdV9fVsQCYH8cQQZZT4-zS0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.104.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:e7:dd:04:0a:89:ab:ef:d9:5d:4d:b7:9d:6d:91:07:e7:63:
3c:f5:42:bb:b4:7b:c6:13:50:4d:2f:74:21:8f:36:8b:63:81:
24:23:fa:8d:3e:de:71:85:6b:a6:38:31:05:e0:f0:dd:4d:6f:
12:69:4f:b0:4d:2c:fa:6a:81:33:e3:05:37:fd:e8:da:46:55:
0a:66:01:e8:7c:d7:3f:d1:c2:a2:cb:cb:a6:7a:8f:81:cc:0d:
fc:23:c5:ed:90:39:1c:f1:41:33:c9:5a:93:32:b3:48:d0:d0:
00:8b:eb:0e:52:95:8a:54:13:5b:42:1e:7c:19:c1:30:1d:4a:
ee:7c:a5:42:fd:2d:dd:1c:01:fb:60:49:74:dd:d0:c7:16:08:
a0:6e:a5:e6:04:01:10:5c:fc:23:82:87:56:5f:55:0b:6b:84:
d5:7c:d1:a9:ce:59:8f:15:75:9a:63:23:73:57:2f:b7:27:dc:
59:41:2b:51:c4:dc:de:d9:ba:ff:a6:f3:b9:67:d9:19:33:0b:
16:8f:bb:8f:b1:98:f7:01:b0:a5:89:88:6a:9b:96:f6:c5:0a:
e0:52:6f:60:f0:22:87:52:8e:32:98:04:29:82:14:2d:a2:70:
f0:83:40:1e:3f:07:ec:3a:50:21:b1:8c:6f:1a:6d:ef:24:8a:
87:42:a8:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlTqHGZSBOnwpThyGnQWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmM3ZjA3NTVmNWY1NmM0MDI2MDdmMWM0MTA2NTk0ZjhmYjM0YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid5zRYU2YVypN0k8EbCKYIz9mYCu
WQuIZSnpimLQLYxqFSSbF6GUlc6WCCCcCRO5vqoJ5/RuStlKejJ73sk5tcw7razq
CqW4gYd0kijvaz/+kJ75TkAP+zhx/1Kh8KAxAvoV4FC23dhCy3zm31kFZa2ZedVS
7opkTj3/e/YDW0fy+n9UwU5E2RTYt+3dpsfayGnNbYTwiCvi0R64WbLIwMMW76jS
SehYpDT9oQ8+li55HItQe8KhpfRcvkTi+B0WP78ewae9MDngBKgUt1STpZ1iXfxI
KEP+SiC57/EwNjvBtYtsDHT5hu8BHS4u8xacCcKCLAH8o1DPAUg0lu6mTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLH8HVfX1bEAmB/HEEGWU+Ps0tIMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNHNmd2RWOWZWc1FDWUg4Y1FRWlpUNC16UzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCknhoMA0G
CSqGSIb3DQEBCwUAA4IBAQCp590EComr79ldTbedbZEH52M89UK7tHvGE1BNL3Qh
jzaLY4EkI/qNPt5xhWumODEF4PDdTW8SaU+wTSz6aoEz4wU3/ejaRlUKZgHofNc/
0cKiy8umeo+BzA38I8XtkDkc8UEzyVqTMrNI0NAAi+sOUpWKVBNbQh58GcEwHUru
fKVC/S3dHAH7YEl03dDHFgigbqXmBAEQXPwjgodWX1ULa4TVfNGpzlmPFXWaYyNz
Vy+3J9xZQStRxNze2br/pvO5Z9kZMwsWj7uPsZj3AbCliYhqm5b2xQrgUm9g8CKH
Uo4ymAQpghQtonDwg0AePwfsOlAhsYxvGm3vJIqHQqi1
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:35 2025 by rpki-client