Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Jquf6Fo52Ht8Lm6J1RQFHLOZJt0.roa
File: Jquf6Fo52Ht8Lm6J1RQFHLOZJt0.roa (raw, json)
Hash identifier: hAb5NbOBHXHqY0tbxMbNLacyy3qQetz2ChAMmt9qwQ8=
Subject key identifier: 26:AB:9F:E8:5A:39:D8:7B:7C:2E:6E:89:D5:14:05:1C:B3:99:26:DD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570952A6BE58823860AF0542BE1EFBA1E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Jquf6Fo52Ht8Lm6J1RQFHLOZJt0.roa
Signing time: Mon 02 Jan 2023 03:45:01 +0000
ROA not before: Mon 02 Jan 2023 03:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44321
IP address blocks: 146.120.56.0/21 maxlen: 24
146.120.97.0/24 maxlen: 24
146.120.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:2a:6b:e5:88:23:86:0a:f0:54:2b:e1:ef:ba:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26ab9fe85a39d87b7c2e6e89d514051cb39926dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ef:a9:e7:19:cf:96:2b:7e:70:1f:80:22:75:
78:82:f7:de:4a:df:c5:41:cf:9c:6c:35:03:1a:ba:
7c:1b:74:2c:ef:72:74:07:83:22:3d:02:ea:f0:da:
33:60:7f:f7:25:2f:15:54:d1:f7:c4:45:d0:83:a6:
7e:84:3e:e9:a2:25:15:22:71:b9:4e:55:c8:0f:f2:
7e:7c:ef:d7:06:1f:d8:01:52:00:9c:e2:ff:74:03:
ad:98:dc:45:99:5b:7e:36:65:07:95:57:1f:08:9e:
de:58:d6:9f:65:a0:11:c0:63:c1:4b:69:9a:28:f2:
e0:3a:69:ff:a3:23:df:65:42:a3:d0:10:a5:e3:0b:
9f:fb:ab:85:a1:15:0e:37:ef:74:ef:63:a9:43:85:
73:2f:a5:e0:e3:fe:dd:f6:a7:40:0f:86:46:c3:4e:
01:21:ea:81:b0:32:fe:2a:2b:77:f1:3e:0b:b8:eb:
fe:85:b9:22:a0:22:a3:cb:bf:17:42:92:e3:eb:5c:
e1:a7:c3:a3:bf:d7:53:18:17:47:42:8b:48:d7:e8:
ca:a1:99:8d:c6:f2:8f:5d:7b:b3:82:d0:1a:a1:fa:
20:1e:e9:ce:bf:cc:85:1e:49:c7:8c:71:51:fb:81:
64:be:d7:5b:08:94:dd:ce:6e:75:35:39:85:8f:34:
11:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AB:9F:E8:5A:39:D8:7B:7C:2E:6E:89:D5:14:05:1C:B3:99:26:DD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Jquf6Fo52Ht8Lm6J1RQFHLOZJt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.12.0/24
146.120.56.0/21
146.120.97.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ce:6a:f1:43:74:48:f6:61:77:5c:45:ae:65:c5:67:42:8e:
6d:76:75:23:48:eb:79:c4:19:b2:f6:8b:18:0c:8d:ad:87:f4:
68:95:dd:6e:bb:ef:58:e8:46:b2:87:4e:0e:db:4e:19:2f:6e:
8f:2c:55:a1:bb:af:c3:3f:ff:c9:d2:bd:d8:76:0c:2a:1c:45:
71:af:c5:0f:21:11:44:dc:ff:e2:22:7e:e5:a3:f7:d5:e2:51:
59:8d:eb:ba:32:f6:18:3c:2f:64:de:69:31:53:50:8c:82:47:
45:df:e0:07:71:7a:18:48:de:98:af:9d:5b:57:b9:07:1a:c8:
19:18:51:20:16:aa:3f:9e:7f:22:8c:5a:67:e7:58:60:e1:99:
70:ab:aa:a6:44:e3:2a:e8:55:26:e2:64:e8:81:50:e7:49:23:
5d:33:52:99:13:63:61:8a:98:22:de:60:9e:13:d8:fa:aa:19:
67:8f:36:28:c3:b9:7e:d7:43:35:72:24:d8:1c:24:79:f7:69:
3d:81:e5:67:3d:65:4c:d4:1c:80:19:37:4f:75:58:b5:f9:49:
34:00:40:a6:6e:15:93:09:1f:e2:6e:d0:57:ef:89:f9:21:65:
48:dd:cf:41:8f:b7:ee:f6:1e:7b:ea:eb:5e:5b:45:5e:b2:d4:
7c:b3:99:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlSpr5YgjhgrwVCvh77oeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmFiOWZlODVhMzlkODdiN2MyZTZlODlkNTE0MDUxY2IzOTkyNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe+p5xnPlit+cB+AInV4gvfeSt/F
Qc+cbDUDGrp8G3Qs73J0B4MiPQLq8NozYH/3JS8VVNH3xEXQg6Z+hD7poiUVInG5
TlXID/J+fO/XBh/YAVIAnOL/dAOtmNxFmVt+NmUHlVcfCJ7eWNafZaARwGPBS2ma
KPLgOmn/oyPfZUKj0BCl4wuf+6uFoRUON+9072OpQ4VzL6Xg4/7d9qdAD4ZGw04B
IeqBsDL+Kit38T4LuOv+hbkioCKjy78XQpLj61zhp8Ojv9dTGBdHQotI1+jKoZmN
xvKPXXuzgtAaofogHunOv8yFHknHjHFR+4FkvtdbCJTdzm51NTmFjzQRIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCarn+haOdh7fC5uidUUBRyzmSbdMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSnF1ZjZGbzUySHQ4TG02SjFSUUZITE9aSnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkngMAwQD
kng4AwQAknhhMA0GCSqGSIb3DQEBCwUAA4IBAQAizmrxQ3RI9mF3XEWuZcVnQo5t
dnUjSOt5xBmy9osYDI2th/Rold1uu+9Y6Eayh04O204ZL26PLFWhu6/DP//J0r3Y
dgwqHEVxr8UPIRFE3P/iIn7lo/fV4lFZjeu6MvYYPC9k3mkxU1CMgkdF3+AHcXoY
SN6Yr51bV7kHGsgZGFEgFqo/nn8ijFpn51hg4Zlwq6qmROMq6FUm4mTogVDnSSNd
M1KZE2Nhipgi3mCeE9j6qhlnjzYow7l+10M1ciTYHCR592k9geVnPWVM1ByAGTdP
dVi1+Uk0AECmbhWTCR/ibtBX74n5IWVI3c9Bj7fu9h576uteW0VestR8s5nu
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:45 2025 by rpki-client