Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/N2oG7QKn2QWS0CJeEj3Ixz-bHsU.roa
File: N2oG7QKn2QWS0CJeEj3Ixz-bHsU.roa (raw, json)
Hash identifier: D3FDVx2JEurIXlB11sJyL8DWt6MnErWRbNSZHsW+soA=
Subject key identifier: 37:6A:06:ED:02:A7:D9:05:92:D0:22:5E:12:3D:C8:C7:3F:9B:1E:C5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 278D1D51
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/N2oG7QKn2QWS0CJeEj3Ixz-bHsU.roa
Signing time: Sat 01 Jan 2022 16:08:18 +0000
ROA not before: Sat 01 Jan 2022 16:08:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43849
IP address blocks: 146.158.0.0/21 maxlen: 24
146.158.8.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 663559505 (0x278d1d51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=376a06ed02a7d90592d0225e123dc8c73f9b1ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0e:bb:fa:dd:4d:2d:c1:b1:45:9d:ed:4f:96:
dc:86:00:b2:a0:1e:8d:60:f1:82:13:cc:aa:44:36:
c9:a2:7f:4e:16:dd:aa:4b:a8:6f:31:bc:d2:a9:83:
ad:c0:30:22:bd:92:60:ba:b9:c7:3d:75:df:da:83:
15:5b:a0:36:43:bf:e7:05:45:5a:56:a7:b2:4b:34:
b0:d7:07:1f:ba:fc:84:26:ab:27:49:83:df:18:b4:
34:be:8a:30:48:53:4b:ad:26:5d:08:f8:1d:74:67:
30:a9:ee:cd:26:fa:a9:47:ed:28:ab:84:27:9c:b5:
6d:1b:f5:bf:48:e4:23:2b:0a:33:1f:5b:9f:15:ad:
d6:90:36:0d:71:5e:39:95:7e:8a:b6:a0:b6:b1:a1:
3c:50:6f:fc:00:63:0c:18:ae:17:47:60:22:fe:94:
25:4f:89:fb:dd:d4:29:a9:6c:b7:45:8c:65:91:e1:
0c:c8:ca:6b:11:da:5c:8a:97:19:58:94:99:ca:99:
a4:81:44:35:54:02:43:26:db:d1:fd:45:05:4c:92:
98:0a:d4:30:5f:a7:a2:89:84:25:ec:8f:46:f6:ab:
53:fe:36:02:5b:39:a3:fa:0b:ad:bd:66:33:60:70:
8d:bf:88:c3:b9:31:03:7b:4c:73:50:b6:ed:1e:19:
f3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6A:06:ED:02:A7:D9:05:92:D0:22:5E:12:3D:C8:C7:3F:9B:1E:C5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/N2oG7QKn2QWS0CJeEj3Ixz-bHsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.0.0-146.158.9.255
Signature Algorithm: sha256WithRSAEncryption
9c:c3:c8:36:53:e9:cd:4b:9d:38:c3:83:bd:44:a9:fc:c1:b2:
bc:d7:dc:d9:24:84:fb:50:fa:6a:c5:4a:c6:87:d8:59:24:42:
9e:08:9d:2e:42:d8:9c:ef:c2:d6:67:57:01:0b:0f:91:b1:8d:
fc:f9:7e:f1:59:7d:71:06:5a:dd:4d:49:be:45:4f:63:e4:01:
71:cb:0c:c6:67:35:d1:6e:b4:6f:8d:63:f9:c1:52:86:70:33:
50:50:78:61:28:15:b8:e5:a2:c0:6c:57:91:cf:4e:a0:74:a8:
4a:9d:de:2d:57:d1:25:30:48:40:3b:d7:69:2a:46:29:4c:58:
2e:90:0d:58:ca:83:33:89:f5:85:ab:66:da:ff:47:b1:84:d0:
0b:94:7b:47:fd:31:69:4b:d1:d6:0b:1f:c9:55:99:e3:f9:31:
0e:46:5c:a7:7d:9d:1d:97:b0:a6:6c:c7:2b:1c:73:6d:19:6e:
b4:6a:e7:78:ba:b1:1e:da:48:ad:5d:d9:c4:5a:e9:0a:04:37:
57:aa:36:2e:84:13:3a:a9:ca:26:61:f8:9a:74:a2:41:7f:e4:
0a:ae:e2:4c:fe:a5:7a:7e:78:5e:39:79:b2:5e:a9:4f:2d:11:
8b:30:27:96:f6:0a:ad:8a:fd:33:a9:b8:5e:ca:31:a1:aa:f1:
6e:bd:38:46
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEJ40dUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzc2YTA2ZWQwMmE3
ZDkwNTkyZDAyMjVlMTIzZGM4YzczZjliMWVjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsOu/rdTS3BsUWd7U+W3IYAsqAejWDxghPMqkQ2yaJ/Thbd
qkuobzG80qmDrcAwIr2SYLq5xz1139qDFVugNkO/5wVFWlansks0sNcHH7r8hCar
J0mD3xi0NL6KMEhTS60mXQj4HXRnMKnuzSb6qUftKKuEJ5y1bRv1v0jkIysKMx9b
nxWt1pA2DXFeOZV+iragtrGhPFBv/ABjDBiuF0dgIv6UJU+J+93UKalst0WMZZHh
DMjKaxHaXIqXGViUmcqZpIFENVQCQybb0f1FBUySmArUMF+noomEJeyPRvarU/42
Als5o/oLrb1mM2Bwjb+Iw7kxA3tMc1C27R4Z89UCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBQ3agbtAqfZBZLQIl4SPcjHP5sexTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L04yb0c3UUtuMlFXUzBDSmVFajNJeHotYkhzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAm
BggrBgEFBQcBBwEB/wQXMBUwEwQCAAEwDTALAwMBkp4DBAGSnggwDQYJKoZIhvcN
AQELBQADggEBAJzDyDZT6c1LnTjDg71EqfzBsrzX3NkkhPtQ+mrFSsaH2FkkQp4I
nS5C2JzvwtZnVwELD5Gxjfz5fvFZfXEGWt1NSb5FT2PkAXHLDMZnNdFutG+NY/nB
UoZwM1BQeGEoFbjlosBsV5HPTqB0qEqd3i1X0SUwSEA712kqRilMWC6QDVjKgzOJ
9YWrZtr/R7GE0AuUe0f9MWlL0dYLH8lVmeP5MQ5GXKd9nR2XsKZsxyscc20ZbrRq
53i6sR7aSK1d2cRa6QoEN1eqNi6EEzqpyiZh+Jp0okF/5Aqu4kz+pXp+eF45ebJe
qU8tEYswJ5b2Cq2K/TOpuF7KMaGq8W69OEY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:31 2025 by rpki-client