Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/9wFmlx9R8nTuJMEiJwqj6CqBkAs.roa
File: 9wFmlx9R8nTuJMEiJwqj6CqBkAs.roa (raw, json)
Hash identifier: 4GzMmKKzlxFH5QM272DccHbvEEa+NemS5ixPhQ6dF6U=
Subject key identifier: F7:01:66:97:1F:51:F2:74:EE:24:C1:22:27:0A:A3:E8:2A:81:90:0B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27D69639
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/9wFmlx9R8nTuJMEiJwqj6CqBkAs.roa
Signing time: Sat 01 Jan 2022 16:08:57 +0000
ROA not before: Sat 01 Jan 2022 16:08:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57901
IP address blocks: 146.120.0.0/21 maxlen: 24
146.120.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 668374585 (0x27d69639)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f70166971f51f274ee24c122270aa3e82a81900b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cf:97:c0:ab:48:a4:68:db:4e:8b:fe:d3:e6:
d0:20:d7:3a:cf:7a:3f:03:e8:60:6c:d5:08:0c:0c:
a5:b7:c6:48:3c:5b:e2:07:44:ba:d9:29:04:2b:96:
16:5b:03:f5:9c:36:41:5c:9a:0e:b5:95:0f:6c:39:
7a:8f:7c:c2:b3:44:bf:65:01:a2:5d:74:25:3f:b8:
84:7e:00:25:22:73:72:64:bd:90:5f:b3:f1:8a:b3:
12:dc:01:c6:30:4f:95:ad:a0:21:89:dd:c8:21:4f:
a1:a8:8b:94:93:15:01:c6:fe:12:3f:d0:6b:5d:e6:
53:73:30:84:fc:be:ea:23:a1:32:bc:35:5d:07:38:
1a:b6:4a:55:3a:4d:96:f2:21:f5:16:db:be:3f:38:
5b:a4:a2:de:18:43:0e:87:0a:26:84:9a:56:10:9e:
f7:2c:f4:bb:64:a7:6b:89:20:47:da:5b:1a:a8:a3:
b9:aa:78:08:99:c8:af:6a:05:29:78:e9:97:7a:1a:
f5:43:d2:f3:b8:49:45:3b:5f:a9:b2:12:3e:56:e0:
0e:f9:8b:fd:6b:08:a7:64:68:b6:b8:0d:c8:c5:c3:
78:4a:1f:69:a4:53:4e:4e:a6:85:38:6b:77:7b:42:
5e:7f:6e:11:33:51:a9:84:52:67:94:9f:22:9c:e7:
36:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:01:66:97:1F:51:F2:74:EE:24:C1:22:27:0A:A3:E8:2A:81:90:0B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/9wFmlx9R8nTuJMEiJwqj6CqBkAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.0.0/21
146.120.20.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:8a:9f:16:fb:33:d4:be:8a:44:03:a5:6f:ee:9e:9b:3d:65:
ac:16:63:25:ab:88:26:de:49:d7:1a:9c:c4:7d:1b:b9:54:d6:
a7:37:62:c4:ca:2c:5f:4a:91:93:f9:40:9a:c1:08:5e:85:91:
89:14:b8:cb:16:b0:14:23:74:dc:5e:37:26:95:e4:55:77:26:
bf:28:41:3a:7a:a1:3d:4c:b2:99:3c:70:0d:f5:7a:2b:26:5d:
d9:ca:96:1e:f2:91:19:70:56:b0:37:7a:54:89:dd:9b:6d:a8:
4c:bc:69:f2:d1:1d:a3:c3:0b:17:ca:b7:72:6f:5c:70:15:38:
25:c8:95:a1:35:87:eb:c5:d7:c9:f9:ef:2f:4a:fb:b3:4b:4d:
ea:da:86:e1:23:60:0c:a9:39:fa:ee:e9:cb:fa:13:c1:5f:9b:
35:9c:6d:9f:c6:3d:ec:bd:21:30:98:19:f4:93:1a:45:4e:f6:
c6:0c:00:ba:70:00:4e:12:9b:18:4d:34:5c:3e:c5:0e:ad:80:
97:c3:20:13:0d:b8:c9:6f:9c:f1:f0:e7:f6:eb:26:78:5d:03:
21:77:60:90:c4:82:e0:ac:c8:b5:00:06:f2:45:95:91:c5:e0:
f4:2f:24:d2:f8:dd:9d:ff:e9:94:f3:51:09:df:a9:c3:f7:57:
fb:c7:39:25
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEJ9aWOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcwMTY2OTcxZjUx
ZjI3NGVlMjRjMTIyMjcwYWEzZTgyYTgxOTAwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPPl8CrSKRo206L/tPm0CDXOs96PwPoYGzVCAwMpbfGSDxb
4gdEutkpBCuWFlsD9Zw2QVyaDrWVD2w5eo98wrNEv2UBol10JT+4hH4AJSJzcmS9
kF+z8YqzEtwBxjBPla2gIYndyCFPoaiLlJMVAcb+Ej/Qa13mU3MwhPy+6iOhMrw1
XQc4GrZKVTpNlvIh9Rbbvj84W6Si3hhDDocKJoSaVhCe9yz0u2Sna4kgR9pbGqij
uap4CJnIr2oFKXjpl3oa9UPS87hJRTtfqbISPlbgDvmL/WsIp2RotrgNyMXDeEof
aaRTTk6mhThrd3tCXn9uETNRqYRSZ5SfIpznNvUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT3AWaXH1HydO4kwSInCqPoKoGQCzAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
Lzl3Rm1seDlSOG5UdUpNRWlKd3FqNkNxQmtBcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA5J4AAMEApJ4FDANBgkqhkiG9w0B
AQsFAAOCAQEAfYqfFvsz1L6KRAOlb+6emz1lrBZjJauIJt5J1xqcxH0buVTWpzdi
xMosX0qRk/lAmsEIXoWRiRS4yxawFCN03F43JpXkVXcmvyhBOnqhPUyymTxwDfV6
KyZd2cqWHvKRGXBWsDd6VIndm22oTLxp8tEdo8MLF8q3cm9ccBU4JciVoTWH68XX
yfnvL0r7s0tN6tqG4SNgDKk5+u7py/oTwV+bNZxtn8Y97L0hMJgZ9JMaRU72xgwA
unAAThKbGE00XD7FDq2Al8MgEw24yW+c8fDn9usmeF0DIXdgkMSC4KzItQAG8kWV
kcXg9C8k0vjdnf/plPNRCd+pw/dX+8c5JQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:33 2025 by rpki-client