Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6MsNgw5vKcqN8SaNux8NVmjPwQE.roa
File: 6MsNgw5vKcqN8SaNux8NVmjPwQE.roa (raw, json)
Hash identifier: LvoLfYqZQ3z5ml125dbWF80GfzYljMip+JHX/YKD9Sc=
Subject key identifier: E8:CB:0D:83:0E:6F:29:CA:8D:F1:26:8D:BB:1F:0D:56:68:CF:C1:01
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27806CAF
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6MsNgw5vKcqN8SaNux8NVmjPwQE.roa
Signing time: Sat 01 Jan 2022 16:08:11 +0000
ROA not before: Sat 01 Jan 2022 16:08:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42518
IP address blocks: 146.120.64.0/20 maxlen: 24
146.120.80.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 662727855 (0x27806caf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8cb0d830e6f29ca8df1268dbb1f0d5668cfc101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:11:8d:21:93:15:10:25:31:ab:26:a3:f4:
72:94:14:2b:3b:63:56:5f:87:5d:26:d2:e4:d8:25:
e1:c8:9b:0b:60:f2:d0:59:48:b7:74:8e:4e:7c:7f:
3f:80:24:86:9f:57:d9:40:4b:b1:5f:9c:a4:09:6d:
0a:49:ec:c7:f1:3b:aa:49:16:ae:be:0c:0e:fc:ec:
c8:57:ae:e9:00:01:73:cb:2e:23:66:11:46:87:ca:
30:ea:ed:10:e2:25:02:ff:13:c1:54:27:ca:8d:77:
71:7e:dd:e8:62:a2:58:4e:04:19:35:0d:4f:42:e7:
95:9a:e6:a5:43:dd:a5:eb:6c:99:e1:94:0d:9c:0b:
de:74:a0:74:c8:52:b6:06:42:1f:c4:9a:39:f9:08:
7d:1a:7e:b2:f1:de:4e:e4:d2:a9:10:6f:d0:41:72:
1a:e5:74:f4:18:fc:5e:62:c4:d0:64:0b:96:eb:01:
1a:a9:e5:a9:31:15:79:48:e7:03:ae:b8:70:94:43:
ba:c9:c1:3b:8c:d7:25:74:b2:c5:0f:4a:a1:0f:c6:
53:aa:e2:71:96:6e:92:ab:03:a2:fd:df:0d:59:a2:
cf:dc:22:30:32:e2:a8:30:ed:31:4a:01:6c:58:db:
4a:70:60:f5:42:b8:15:d8:e8:93:ef:12:1c:75:60:
dc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CB:0D:83:0E:6F:29:CA:8D:F1:26:8D:BB:1F:0D:56:68:CF:C1:01
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6MsNgw5vKcqN8SaNux8NVmjPwQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.64.0-146.120.87.255
Signature Algorithm: sha256WithRSAEncryption
49:a1:29:3c:97:72:00:f3:fc:c7:05:78:5c:ed:10:c2:f2:16:
0c:f3:a5:55:19:5b:39:f3:77:39:fd:c3:ec:65:c1:75:a2:cf:
f2:df:04:f8:4f:65:92:10:09:b8:9d:d3:61:03:d6:17:b0:51:
0d:3f:1a:2d:1e:f2:97:a4:ce:6d:13:80:5e:0d:30:25:4f:ee:
ae:c2:71:e7:d8:89:d2:9f:56:05:23:7d:ff:46:21:5e:df:b6:
fc:ad:e9:89:41:30:3f:dc:c8:ed:67:1d:b3:2f:f5:e2:f1:cb:
14:56:c9:02:59:91:99:9b:7a:1f:96:a9:b9:0f:60:fc:f5:8c:
83:84:ea:4e:87:21:fd:00:e8:4c:62:16:ce:f7:a5:3e:a3:8b:
b9:00:ba:70:f1:a4:e4:9a:6f:27:7c:b6:2c:92:30:b5:c7:95:
0e:1b:55:66:ca:1b:8f:f3:4b:8e:32:17:72:61:40:cc:a7:44:
77:8c:a4:22:60:26:31:67:e2:9a:40:d9:bc:8a:e9:a4:5a:5d:
6b:b1:1e:af:40:40:fe:ce:1f:94:4b:69:cb:28:39:7d:10:7c:
1a:2e:4c:e3:21:74:46:db:90:f2:e3:90:49:73:86:86:57:66:
31:34:21:7e:aa:05:1c:93:82:d6:60:58:c7:33:1a:4a:a7:88:
ec:2e:c1:01
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEJ4BsrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThjYjBkODMwZTZm
MjljYThkZjEyNjhkYmIxZjBkNTY2OGNmYzEwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbmEY0hkxUQJTGrJqP0cpQUKztjVl+HXSbS5Ngl4cibC2Dy
0FlIt3SOTnx/P4Akhp9X2UBLsV+cpAltCknsx/E7qkkWrr4MDvzsyFeu6QABc8su
I2YRRofKMOrtEOIlAv8TwVQnyo13cX7d6GKiWE4EGTUNT0LnlZrmpUPdpetsmeGU
DZwL3nSgdMhStgZCH8SaOfkIfRp+svHeTuTSqRBv0EFyGuV09Bj8XmLE0GQLlusB
GqnlqTEVeUjnA664cJRDusnBO4zXJXSyxQ9KoQ/GU6ricZZukqsDov3fDVmiz9wi
MDLiqDDtMUoBbFjbSnBg9UK4Fdjok+8SHHVg3A8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBToyw2DDm8pyo3xJo27Hw1WaM/BATAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
LzZNc05ndzV2S2NxTjhTYU51eDhOVm1qUHdRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQGknhAAwQDknhQMA0GCSqGSIb3
DQEBCwUAA4IBAQBJoSk8l3IA8/zHBXhc7RDC8hYM86VVGVs583c5/cPsZcF1os/y
3wT4T2WSEAm4ndNhA9YXsFENPxotHvKXpM5tE4BeDTAlT+6uwnHn2InSn1YFI33/
RiFe37b8remJQTA/3MjtZx2zL/Xi8csUVskCWZGZm3oflqm5D2D89YyDhOpOhyH9
AOhMYhbO96U+o4u5ALpw8aTkmm8nfLYskjC1x5UOG1VmyhuP80uOMhdyYUDMp0R3
jKQiYCYxZ+KaQNm8iumkWl1rsR6vQED+zh+US2nLKDl9EHwaLkzjIXRG25Dy45BJ
c4aGV2YxNCF+qgUck4LWYFjHMxpKp4jsLsEB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:41 2023 by rpki-client on console-fra.rpki-client.org