Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/M1s2ueDkwNtKKk1kz6A8Vckbyng.roa
File: M1s2ueDkwNtKKk1kz6A8Vckbyng.roa (raw, json)
Hash identifier: ICebQUGg8jpgaZaVpJ0MQ5T38tvjwy8uzuzuy7UqNZY=
Subject key identifier: 33:5B:36:B9:E0:E4:C0:DB:4A:2A:4D:64:CF:A0:3C:55:C9:1B:CA:78
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2796D952
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/M1s2ueDkwNtKKk1kz6A8Vckbyng.roa
Signing time: Sat 01 Jan 2022 16:08:22 +0000
ROA not before: Sat 01 Jan 2022 16:08:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44927
IP address blocks: 146.120.89.0/24 maxlen: 24
146.120.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 664197458 (0x2796d952)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=335b36b9e0e4c0db4a2a4d64cfa03c55c91bca78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c9:0d:20:63:00:ef:ab:52:7e:5c:98:4d:b6:
23:86:11:81:81:94:14:83:b7:ad:85:33:00:09:bd:
35:c1:fe:34:50:24:63:aa:e7:09:27:26:6f:a1:0d:
1d:3b:e3:66:d3:26:2e:a1:05:82:0d:b3:5b:77:5f:
14:1f:45:28:d7:ae:3f:ee:1a:1c:f9:80:5b:04:6d:
ef:4b:16:5a:18:38:0f:b2:f5:40:6c:30:a2:73:2e:
14:f7:1f:5b:4d:76:7d:9b:ba:a9:e9:24:bd:de:6a:
7a:03:84:b6:56:cb:41:eb:f4:0d:70:d8:2a:1f:2d:
88:b5:53:30:c7:fe:19:eb:f6:ce:79:7c:51:79:e1:
b1:cf:00:b2:1d:04:8d:43:e5:03:45:cc:52:69:1a:
f3:c2:36:b9:4b:2a:8b:fe:7e:5a:d7:9a:d3:65:95:
57:51:9b:a2:ce:d0:d7:c6:d7:01:f2:f6:6f:1a:d7:
85:27:77:fc:74:99:bc:ad:3f:e4:93:1a:60:c5:68:
c1:b2:bd:db:7a:ad:b9:97:e3:d3:ce:f1:53:ec:7e:
b2:37:f0:84:26:d0:f7:6a:f7:aa:7e:4c:87:0b:b2:
67:48:b7:ea:c3:f9:0f:78:e8:9c:ed:ab:10:f4:f0:
80:7d:31:59:b5:af:5f:f2:28:ad:87:ed:f0:4d:b1:
ec:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:5B:36:B9:E0:E4:C0:DB:4A:2A:4D:64:CF:A0:3C:55:C9:1B:CA:78
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/M1s2ueDkwNtKKk1kz6A8Vckbyng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.89.0/24
146.120.96.0/24
Signature Algorithm: sha256WithRSAEncryption
69:b4:6a:0b:e1:e7:dd:ae:29:b6:05:a3:9b:8b:53:24:da:51:
f3:6d:cc:40:c8:d4:aa:56:ba:00:30:85:d2:f1:37:f3:35:88:
f4:f8:ba:db:05:1f:98:92:71:05:f7:96:b4:4e:a3:69:77:60:
25:f9:11:0a:2f:de:b9:93:36:fe:c3:53:ca:ed:c5:fc:89:3f:
6b:2a:71:6b:11:85:7d:e2:64:10:f4:6b:28:eb:eb:6d:3d:f5:
6f:1a:c0:2a:ec:e1:2d:83:b1:31:df:5c:a2:ea:02:84:6f:ba:
1e:77:db:8e:19:9d:ec:39:29:99:d0:19:5f:02:c6:9c:83:c3:
54:ea:80:e0:01:2c:2e:97:2d:00:f3:2f:69:b4:f6:ac:b2:ec:
d1:43:c5:f4:36:d9:fe:5a:b3:e4:04:fc:7f:cf:8f:d7:c7:13:
af:0e:86:02:23:07:2e:28:4a:0b:c8:0b:68:ff:0a:1d:ce:e3:
11:f7:cf:0c:da:5c:ca:05:13:0e:00:02:59:12:3a:6a:a2:fb:
61:df:a3:2e:48:f3:0f:57:da:8f:ee:8b:04:01:99:19:1d:ca:
de:b3:c2:73:b7:af:2a:65:c9:27:d5:3e:ad:cc:4c:14:b9:1e:
5d:5d:d1:dc:41:88:1b:11:85:42:13:13:7d:23:90:18:63:cd:
2c:5b:7a:6c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEJ5bZUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM1YjM2YjllMGU0
YzBkYjRhMmE0ZDY0Y2ZhMDNjNTVjOTFiY2E3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzJDSBjAO+rUn5cmE22I4YRgYGUFIO3rYUzAAm9NcH+NFAk
Y6rnCScmb6ENHTvjZtMmLqEFgg2zW3dfFB9FKNeuP+4aHPmAWwRt70sWWhg4D7L1
QGwwonMuFPcfW012fZu6qekkvd5qegOEtlbLQev0DXDYKh8tiLVTMMf+Gev2znl8
UXnhsc8Ash0EjUPlA0XMUmka88I2uUsqi/5+Wtea02WVV1Gbos7Q18bXAfL2bxrX
hSd3/HSZvK0/5JMaYMVowbK923qtuZfj087xU+x+sjfwhCbQ92r3qn5MhwuyZ0i3
6sP5D3jonO2rEPTwgH0xWbWvX/IorYft8E2x7K0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQzWza54OTA20oqTWTPoDxVyRvKeDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L00xczJ1ZURrd050S0trMWt6NkE4VmNrYnluZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJJ4WQMEAJJ4YDANBgkqhkiG9w0B
AQsFAAOCAQEAabRqC+Hn3a4ptgWjm4tTJNpR823MQMjUqla6ADCF0vE38zWI9Pi6
2wUfmJJxBfeWtE6jaXdgJfkRCi/euZM2/sNTyu3F/Ik/aypxaxGFfeJkEPRrKOvr
bT31bxrAKuzhLYOxMd9couoChG+6Hnfbjhmd7DkpmdAZXwLGnIPDVOqA4AEsLpct
APMvabT2rLLs0UPF9DbZ/lqz5AT8f8+P18cTrw6GAiMHLihKC8gLaP8KHc7jEffP
DNpcygUTDgACWRI6aqL7Yd+jLkjzD1faj+6LBAGZGR3K3rPCc7evKmXJJ9U+rcxM
FLkeXV3R3EGIGxGFQhMTfSOQGGPNLFt6bA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:50 2025 by rpki-client