Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KruL2aoMpugeM3Ry9WkDSp6eMp4.roa
File: KruL2aoMpugeM3Ry9WkDSp6eMp4.roa (raw, json)
Hash identifier: idE/oThz6LZl6gXBfcmvYpvpECv5HbWwaE2YhxY/JKk=
Subject key identifier: 2A:BB:8B:D9:AA:0C:A6:E8:1E:33:74:72:F5:69:03:4A:9E:9E:32:9E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01873730265D20BAA0317E3E50E4EC20772F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KruL2aoMpugeM3Ry9WkDSp6eMp4.roa
Signing time: Fri 31 Mar 2023 10:21:55 +0000
ROA not before: Fri 31 Mar 2023 10:21:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42581
IP address blocks: 146.158.74.0/23 maxlen: 24
146.120.212.0/23 maxlen: 24
146.120.230.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:30:26:5d:20:ba:a0:31:7e:3e:50:e4:ec:20:77:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Mar 31 10:21:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2abb8bd9aa0ca6e81e337472f569034a9e9e329e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:de:bc:52:5a:5e:42:bf:77:f8:b4:da:89:35:
da:c5:51:f1:f7:b5:55:c0:a2:27:1e:4f:a8:01:b7:
d7:75:ca:cf:51:95:c4:35:e9:db:0a:87:39:27:d5:
41:5e:d6:8b:ad:07:df:29:09:a6:e8:3d:ea:1d:53:
16:b2:34:3d:b0:58:ed:38:31:f4:b4:7c:14:5f:df:
eb:78:18:58:9e:01:61:ae:26:c2:28:00:dd:a9:d6:
2a:21:58:fa:8b:67:be:c1:c5:1e:68:42:27:eb:a0:
5f:72:67:c8:d2:9f:c7:33:2e:fd:cb:81:35:b6:f6:
d1:a3:23:51:87:14:a2:4d:3e:3c:72:ac:6d:92:45:
78:a5:87:af:bf:b4:53:5e:1d:d9:ca:f1:c8:85:ed:
89:41:9f:bf:90:ac:87:4b:9e:65:4c:df:1e:6e:09:
f4:68:35:a3:ad:85:19:f0:f5:59:10:1c:68:e1:c6:
3d:e0:fa:7c:a8:32:33:72:9d:23:0d:a6:5f:44:bc:
86:6a:8e:ca:04:65:c9:9e:5c:41:60:cb:73:c8:3d:
db:67:cf:a0:d3:58:22:67:56:3d:c6:e9:3a:48:c0:
e9:da:fb:c6:17:05:af:60:fe:45:a7:8e:ef:2b:b8:
75:3d:fd:86:08:a5:21:43:72:c8:d3:d4:cc:53:65:
f0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BB:8B:D9:AA:0C:A6:E8:1E:33:74:72:F5:69:03:4A:9E:9E:32:9E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KruL2aoMpugeM3Ry9WkDSp6eMp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.212.0/23
146.120.230.0/23
146.158.74.0/23
Signature Algorithm: sha256WithRSAEncryption
61:13:af:e4:63:8a:4c:c2:66:3f:47:04:4f:03:e5:13:3b:57:
17:84:69:0a:5b:79:15:1b:be:9d:8c:d2:09:30:41:aa:6d:cb:
e1:e2:fb:44:3a:95:73:61:ff:a8:d9:2d:2c:8d:47:cf:fb:35:
90:b4:15:3b:f5:00:57:df:67:e3:ef:67:a5:74:c5:d8:e0:dc:
84:44:2d:62:f0:a8:54:f9:81:10:25:d1:a2:54:4b:02:fd:16:
bb:dc:8e:3e:e8:6f:57:4d:e6:fd:18:cc:68:fc:c9:f8:f4:18:
96:41:a6:23:26:1c:3e:ba:83:ab:22:02:1f:9c:4b:99:6c:95:
40:7a:55:5b:60:87:bf:23:c3:2e:f7:21:23:0c:b0:a2:5b:84:
89:8f:47:fd:67:a8:9e:0a:9f:f4:4b:d1:35:f8:c0:ac:5d:c1:
00:20:09:80:fe:cf:c5:24:e6:e7:89:b0:a9:52:19:5e:b4:5c:
d1:eb:99:e1:dd:41:9e:06:be:2d:35:5d:06:34:f4:2e:8d:31:
21:5d:7f:ac:b1:81:2c:e9:34:72:91:59:58:94:a3:bd:d5:17:
65:0b:1c:9b:cf:b8:5e:2b:2d:05:7b:2d:a1:70:ed:ae:26:a4:
c6:fa:25:1f:db:c0:ab:b3:b4:64:4d:18:64:6c:c1:e4:36:4c:
4b:29:ed:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYc3MCZdILqgMX4+UOTsIHcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMzMxMTAyMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJiOGJkOWFhMGNhNmU4MWUzMzc0NzJmNTY5MDM0YTllOWUzMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN68UlpeQr93+LTaiTXaxVHx97VV
wKInHk+oAbfXdcrPUZXENenbCoc5J9VBXtaLrQffKQmm6D3qHVMWsjQ9sFjtODH0
tHwUX9/reBhYngFhribCKADdqdYqIVj6i2e+wcUeaEIn66BfcmfI0p/HMy79y4E1
tvbRoyNRhxSiTT48cqxtkkV4pYevv7RTXh3ZyvHIhe2JQZ+/kKyHS55lTN8ebgn0
aDWjrYUZ8PVZEBxo4cY94Pp8qDIzcp0jDaZfRLyGao7KBGXJnlxBYMtzyD3bZ8+g
01giZ1Y9xuk6SMDp2vvGFwWvYP5Fp47vK7h1Pf2GCKUhQ3LI09TMU2XwcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCq7i9mqDKboHjN0cvVpA0qenjKeMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvS3J1TDJhb01wdWdlTTNSeTlXa0RTcDZlTXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBknjUAwQB
knjmAwQBkp5KMA0GCSqGSIb3DQEBCwUAA4IBAQBhE6/kY4pMwmY/RwRPA+UTO1cX
hGkKW3kVG76djNIJMEGqbcvh4vtEOpVzYf+o2S0sjUfP+zWQtBU79QBX32fj72el
dMXY4NyERC1i8KhU+YEQJdGiVEsC/Ra73I4+6G9XTeb9GMxo/Mn49BiWQaYjJhw+
uoOrIgIfnEuZbJVAelVbYIe/I8Mu9yEjDLCiW4SJj0f9Z6ieCp/0S9E1+MCsXcEA
IAmA/s/FJObnibCpUhletFzR65nh3UGeBr4tNV0GNPQujTEhXX+ssYEs6TRykVlY
lKO91RdlCxybz7heKy0Fey2hcO2uJqTG+iUf28Crs7RkTRhkbMHkNkxLKe3S
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:22 2025 by rpki-client