Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IIA7L7KZ8BlBRHgI4gK6m0iVWeE.roa
File: IIA7L7KZ8BlBRHgI4gK6m0iVWeE.roa (raw, json)
Hash identifier: 4zRt+ew+yKfTsSdWXiHKHY0j+A6yq04MzfLkXbScC2U=
Subject key identifier: 20:80:3B:2F:B2:99:F0:19:41:44:78:08:E2:02:BA:9B:48:95:59:E1
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0187553E856E36A6B79C47B192D9158F97F6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IIA7L7KZ8BlBRHgI4gK6m0iVWeE.roa
Signing time: Thu 06 Apr 2023 06:26:13 +0000
ROA not before: Thu 06 Apr 2023 06:26:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42581
IP address blocks: 146.120.212.0/23 maxlen: 24
146.120.230.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:3e:85:6e:36:a6:b7:9c:47:b1:92:d9:15:8f:97:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 6 06:26:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20803b2fb299f01941447808e202ba9b489559e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3d:fe:d7:65:11:71:0c:0d:25:ff:27:b2:f7:
49:55:7b:ac:97:a5:67:64:97:47:46:cd:d3:33:e5:
4e:57:b2:70:7f:19:ac:7a:ca:9a:74:8a:a7:94:96:
8a:54:70:ba:de:85:e9:67:44:10:5f:d3:f1:e5:ae:
da:aa:33:43:fe:82:08:59:08:a2:21:ac:f6:30:b7:
27:70:f8:ae:d7:1f:ba:9f:8f:30:21:53:cd:87:fd:
c1:4a:2c:66:ed:31:bb:ad:c5:6a:94:bd:5b:70:47:
4b:34:4f:ab:51:68:72:ca:1b:16:a2:36:03:de:0c:
17:a5:46:f9:fb:c6:f1:e7:61:62:b4:68:c7:3a:58:
c8:b1:bb:c1:2a:36:f0:8e:cb:c4:a5:0c:ef:88:21:
2d:8e:51:df:e9:ac:76:1c:a3:fe:af:80:d4:c8:82:
de:19:24:22:60:0d:fd:66:9c:b7:cf:ee:3e:2c:23:
3e:e3:d9:df:a7:ab:a0:53:a9:3e:aa:59:ab:58:34:
82:11:f9:3c:68:76:0d:f0:3a:17:87:e1:05:c5:ec:
e8:0e:12:ba:b9:57:53:3b:24:4c:6b:7c:14:4f:22:
5e:44:a8:01:0b:71:68:03:57:a6:8c:14:68:ff:9a:
1a:76:f0:c8:b1:bf:67:b3:9e:c7:32:1e:5f:a3:f9:
f1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:80:3B:2F:B2:99:F0:19:41:44:78:08:E2:02:BA:9B:48:95:59:E1
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IIA7L7KZ8BlBRHgI4gK6m0iVWeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.212.0/23
146.120.230.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:51:c3:82:90:2c:63:6e:b0:c0:7c:81:93:b5:44:0e:56:43:
45:cd:82:ca:ff:79:b0:b9:b5:de:4f:04:dc:d6:33:d5:80:a7:
ad:85:93:65:50:31:ae:d9:15:80:0f:5f:d7:be:39:98:05:82:
b7:6b:f3:cb:c1:95:08:52:44:fd:27:79:03:c5:25:72:12:99:
a4:93:71:fe:5e:be:02:c5:11:ce:e7:d0:b7:a7:c5:ff:61:14:
78:58:2c:c9:b7:42:23:eb:bf:38:2f:71:d3:f0:d5:fd:33:f1:
52:72:b0:c3:cb:26:30:d7:48:dc:5e:c8:89:a9:fb:eb:6d:f7:
74:76:a9:05:59:66:e9:39:ce:99:69:a2:0d:90:c0:d3:2d:a6:
8d:e0:bb:61:b1:f6:ba:9d:e9:ab:9a:10:bd:0b:15:5c:40:a3:
21:60:5f:73:87:52:81:e5:eb:82:23:9e:0e:d2:60:e0:fb:46:
c1:e4:0c:dc:05:5c:bd:0c:63:a6:6d:f0:79:fe:1b:46:d1:99:
17:6d:80:0b:06:f2:b7:6f:74:a0:fc:80:60:52:7f:96:39:c7:
11:17:35:43:fb:85:ab:c7:34:a8:70:a9:89:85:7d:de:14:98:
3c:b7:01:37:f1:b2:c5:a4:4c:c0:58:e1:ed:df:29:14:2c:7e:
7a:1c:a7:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdVPoVuNqa3nEexktkVj5f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNDA2MDYyNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDgwM2IyZmIyOTlmMDE5NDE0NDc4MDhlMjAyYmE5YjQ4OTU1OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT3+12URcQwNJf8nsvdJVXusl6Vn
ZJdHRs3TM+VOV7JwfxmsesqadIqnlJaKVHC63oXpZ0QQX9Px5a7aqjND/oIIWQii
Iaz2MLcncPiu1x+6n48wIVPNh/3BSixm7TG7rcVqlL1bcEdLNE+rUWhyyhsWojYD
3gwXpUb5+8bx52FitGjHOljIsbvBKjbwjsvEpQzviCEtjlHf6ax2HKP+r4DUyILe
GSQiYA39Zpy3z+4+LCM+49nfp6ugU6k+qlmrWDSCEfk8aHYN8DoXh+EFxezoDhK6
uVdTOyRMa3wUTyJeRKgBC3FoA1emjBRo/5oadvDIsb9ns57HMh5fo/nxxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCCAOy+ymfAZQUR4COICuptIlVnhMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSUlBN0w3S1o4QmxCUkhnSTRnSzZtMGlWV2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBknjUAwQB
knjmMA0GCSqGSIb3DQEBCwUAA4IBAQBeUcOCkCxjbrDAfIGTtUQOVkNFzYLK/3mw
ubXeTwTc1jPVgKethZNlUDGu2RWAD1/XvjmYBYK3a/PLwZUIUkT9J3kDxSVyEpmk
k3H+Xr4CxRHO59C3p8X/YRR4WCzJt0Ij6784L3HT8NX9M/FScrDDyyYw10jcXsiJ
qfvrbfd0dqkFWWbpOc6ZaaINkMDTLaaN4Lthsfa6nemrmhC9CxVcQKMhYF9zh1KB
5euCI54O0mDg+0bB5AzcBVy9DGOmbfB5/htG0ZkXbYALBvK3b3Sg/IBgUn+WOccR
FzVD+4WrxzSocKmJhX3eFJg8twE38bLFpEzAWOHt3ykULH56HKcf
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:20 2025 by rpki-client