Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DFgvnJQdZrGhLYXaG8CGYpi0cGA.roa
File: DFgvnJQdZrGhLYXaG8CGYpi0cGA.roa (raw, json)
Hash identifier: RHzafZfF5OXG6lj6+Z5IY5ciO7eO+PA91JpgDYWeeOM=
Subject key identifier: 0C:58:2F:9C:94:1D:66:B1:A1:2D:85:DA:1B:C0:86:62:98:B4:70:60
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27A0F455
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DFgvnJQdZrGhLYXaG8CGYpi0cGA.roa
Signing time: Sat 01 Jan 2022 16:08:27 +0000
ROA not before: Sat 01 Jan 2022 16:08:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48172
IP address blocks: 146.120.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 664859733 (0x27a0f455)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c582f9c941d66b1a12d85da1bc0866298b47060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4d:71:19:31:a1:cf:af:82:27:b6:b2:59:35:
bd:6e:0f:37:dd:b9:6f:3a:25:fe:3b:44:2b:9d:b2:
e2:34:01:46:d0:04:e5:cc:6a:6d:ea:aa:35:d1:f2:
67:04:8a:b3:56:8a:38:d0:90:7f:bd:e9:27:02:0e:
39:32:6b:0f:43:aa:5e:20:8d:09:01:80:35:97:58:
04:50:2b:03:ce:d0:dc:0d:fd:5c:e2:49:bf:bb:ae:
5b:32:29:26:7b:bf:f6:12:92:db:b0:ae:d8:70:fa:
12:7d:19:e2:d1:c7:42:bc:01:41:9f:6a:c7:24:50:
1d:31:43:17:3a:b1:39:41:4b:dc:dc:aa:ff:d0:87:
0d:e6:e9:21:84:3a:cf:5f:c3:a8:33:82:4f:1b:91:
3b:40:33:03:2f:f0:ec:2c:e4:9a:75:2f:f7:42:8d:
85:c5:dc:b5:12:63:79:25:80:cd:51:e0:6b:80:0f:
f4:4b:ac:c6:46:7b:c8:2d:88:33:c3:fb:42:1f:8a:
9c:5c:48:9f:ce:c9:f5:98:c9:cf:13:f4:8f:36:d5:
c4:61:99:f6:0b:66:ea:f9:84:e4:ea:98:0e:34:63:
d6:7f:c4:28:53:7e:0d:de:d9:26:a9:54:7f:df:01:
b8:5e:0d:a9:c8:96:e6:80:06:ed:7f:a8:ae:2f:d8:
c2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:58:2F:9C:94:1D:66:B1:A1:2D:85:DA:1B:C0:86:62:98:B4:70:60
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DFgvnJQdZrGhLYXaG8CGYpi0cGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.226.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:e4:8e:f7:0e:b5:93:1c:5a:48:51:ab:7d:0e:88:14:77:00:
93:01:1a:11:5d:14:78:bc:fd:a8:a5:00:1f:a7:ed:17:4c:a7:
ee:58:2b:18:c1:29:5a:7d:2b:10:17:8c:e5:8c:62:e5:75:95:
9f:0e:0d:3c:c3:7b:13:83:5f:58:82:74:32:5f:3a:10:ba:99:
66:7a:c4:99:25:37:be:55:e1:fc:2d:36:09:b7:c4:c2:6a:38:
b2:c9:1f:3e:90:d3:6a:c8:70:4e:2c:22:b8:4d:eb:06:e5:0a:
e3:2d:f7:be:df:29:5b:91:54:73:14:7f:ea:d8:5b:11:28:99:
24:7d:f7:d1:33:66:92:9f:ad:c8:8b:cf:ae:90:27:0e:76:42:
13:3f:ba:fb:56:04:d9:92:31:4e:a7:60:4b:9b:5a:4b:a3:47:
f9:de:c8:86:8f:ac:3d:ce:61:cf:82:d4:3c:99:16:6c:8c:40:
bd:30:54:2e:b4:75:fc:90:87:e6:7c:86:0e:fd:8b:67:23:35:
73:58:c8:e2:64:91:ce:3a:f0:a4:8c:fc:c0:1c:2f:34:46:df:
3e:e4:9b:b6:74:88:57:b5:49:41:9a:0c:fc:ee:01:3d:8b:3a:
27:83:a4:fd:6a:7f:3b:91:91:02:2a:76:4d:fb:49:33:e9:c4:
e1:be:19:bd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ6D0VTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM1ODJmOWM5NDFk
NjZiMWExMmQ4NWRhMWJjMDg2NjI5OGI0NzA2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5NcRkxoc+vgie2slk1vW4PN925bzol/jtEK52y4jQBRtAE
5cxqbeqqNdHyZwSKs1aKONCQf73pJwIOOTJrD0OqXiCNCQGANZdYBFArA87Q3A39
XOJJv7uuWzIpJnu/9hKS27Cu2HD6En0Z4tHHQrwBQZ9qxyRQHTFDFzqxOUFL3Nyq
/9CHDebpIYQ6z1/DqDOCTxuRO0AzAy/w7CzkmnUv90KNhcXctRJjeSWAzVHga4AP
9EusxkZ7yC2IM8P7Qh+KnFxIn87J9ZjJzxP0jzbVxGGZ9gtm6vmE5OqYDjRj1n/E
KFN+Dd7ZJqlUf98BuF4NqciW5oAG7X+ori/YwtMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMWC+clB1msaEthdobwIZimLRwYDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0RGZ3ZuSlFkWnJHaExZWGFHOENHWXBpMGNHQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJ44jANBgkqhkiG9w0BAQsFAAOC
AQEAG+SO9w61kxxaSFGrfQ6IFHcAkwEaEV0UeLz9qKUAH6ftF0yn7lgrGMEpWn0r
EBeM5Yxi5XWVnw4NPMN7E4NfWIJ0Ml86ELqZZnrEmSU3vlXh/C02CbfEwmo4sskf
PpDTashwTiwiuE3rBuUK4y33vt8pW5FUcxR/6thbESiZJH330TNmkp+tyIvPrpAn
DnZCEz+6+1YE2ZIxTqdgS5taS6NH+d7Iho+sPc5hz4LUPJkWbIxAvTBULrR1/JCH
5nyGDv2LZyM1c1jI4mSRzjrwpIz8wBwvNEbfPuSbtnSIV7VJQZoM/O4BPYs6J4Ok
/Wp/O5GRAip2TftJM+nE4b4ZvQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:26 2025 by rpki-client