Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OaGXPDT3kSY0hZ6cZn5vUlyrVOI.roa
File: OaGXPDT3kSY0hZ6cZn5vUlyrVOI.roa (raw, json)
Hash identifier: iOcaxLKSlJpFOvehoJHAnzBHrnhmZR1OgWFLI+221SE=
Subject key identifier: 39:A1:97:3C:34:F7:91:26:34:85:9E:9C:66:7E:6F:52:5C:AB:54:E2
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570959D61A45E8F3CE7288FBAFE009A45
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OaGXPDT3kSY0hZ6cZn5vUlyrVOI.roa
Signing time: Mon 02 Jan 2023 03:45:31 +0000
ROA not before: Mon 02 Jan 2023 03:45:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204875
IP address blocks: 146.120.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:9d:61:a4:5e:8f:3c:e7:28:8f:ba:fe:00:9a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39a1973c34f7912634859e9c667e6f525cab54e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b4:26:f4:dc:bc:00:41:22:80:40:c5:6a:5d:
1b:bb:f1:78:60:18:24:b9:9d:34:c0:0d:c1:3c:f5:
63:83:fd:67:7a:47:3c:94:39:34:aa:9c:90:7d:e1:
07:33:4b:67:b2:9a:39:ee:88:5e:d9:42:9d:c2:6d:
7f:d9:fb:83:cf:0c:c5:13:c4:83:dd:9e:5f:8f:3b:
d8:5f:a0:eb:fa:c9:78:b1:cc:7e:70:53:3c:ed:d1:
41:01:6b:6d:48:d9:c7:6b:7b:83:b2:11:77:ee:e4:
09:83:da:a8:73:46:ae:e4:5e:bc:73:aa:78:3a:87:
89:48:2c:b4:52:8d:e7:e9:d0:4c:6e:dd:f4:43:78:
31:cb:ba:15:75:f7:f7:70:90:4f:d4:16:4e:22:8a:
81:68:07:35:1f:16:be:b3:43:b5:0f:eb:c7:2e:62:
ee:15:11:f8:fd:04:2a:bf:0a:b1:08:2b:77:14:96:
dc:50:6c:09:56:8e:4b:f3:bd:73:d4:98:37:b0:a9:
82:45:88:73:99:5c:1d:a4:ff:9a:44:71:71:ab:0c:
2d:fb:c7:be:1c:bd:b7:9f:03:3c:cc:83:a1:e0:82:
6b:71:fb:35:1a:51:de:03:f9:04:a7:77:8c:fb:16:
92:62:f7:20:b7:e8:0d:3e:60:63:db:a6:74:9a:ea:
17:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A1:97:3C:34:F7:91:26:34:85:9E:9C:66:7E:6F:52:5C:AB:54:E2
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OaGXPDT3kSY0hZ6cZn5vUlyrVOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.248.0/22
Signature Algorithm: sha256WithRSAEncryption
74:dc:e7:f3:bb:37:b4:99:31:3c:72:8e:f0:69:48:ad:67:37:
2c:21:72:4f:e3:59:e3:47:e2:4b:3b:12:d8:02:6c:5a:b9:f5:
fd:21:f2:12:d7:7d:fc:a0:fb:4a:0e:24:33:39:2a:8f:6f:d3:
44:45:19:8c:a4:5d:c2:ad:6d:5d:61:ae:79:02:ce:b3:31:9f:
ab:4c:b1:2f:bf:e2:4e:ee:b2:7c:3b:93:c9:c0:29:e1:c9:c2:
d9:4d:05:c6:e7:0d:bd:31:ef:05:e2:f1:b2:e8:01:9f:46:62:
46:e5:46:3f:25:e2:5f:50:0b:c0:88:f1:4a:19:87:92:98:d2:
51:e2:f3:5a:ec:22:06:6f:32:06:14:d7:7b:bc:88:30:d3:bf:
34:f8:67:95:77:1d:76:8b:27:1d:66:ce:e0:a2:b2:53:28:3d:
22:11:fb:f7:fd:eb:48:6d:1b:eb:29:20:5d:c3:5c:fe:96:94:
0d:50:ee:f0:ba:e3:0b:f7:d0:7a:b0:bd:01:35:29:6f:50:79:
25:1b:6e:d5:68:87:10:d7:16:22:e5:1b:db:03:dc:b0:ce:b5:
03:24:b7:b7:9a:ed:36:b8:6f:92:8a:91:ab:23:42:0b:22:f7:
5e:94:ac:c2:a4:eb:76:b3:a9:02:9c:d1:3d:d0:8d:1f:77:3f:
ca:e2:ae:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlZ1hpF6PPOcoj7r+AJpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWExOTczYzM0Zjc5MTI2MzQ4NTllOWM2NjdlNmY1MjVjYWI1NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbQm9Ny8AEEigEDFal0bu/F4YBgk
uZ00wA3BPPVjg/1nekc8lDk0qpyQfeEHM0tnspo57ohe2UKdwm1/2fuDzwzFE8SD
3Z5fjzvYX6Dr+sl4scx+cFM87dFBAWttSNnHa3uDshF37uQJg9qoc0au5F68c6p4
OoeJSCy0Uo3n6dBMbt30Q3gxy7oVdff3cJBP1BZOIoqBaAc1Hxa+s0O1D+vHLmLu
FRH4/QQqvwqxCCt3FJbcUGwJVo5L871z1Jg3sKmCRYhzmVwdpP+aRHFxqwwt+8e+
HL23nwM8zIOh4IJrcfs1GlHeA/kEp3eM+xaSYvcgt+gNPmBj26Z0muoXGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmhlzw095EmNIWenGZ+b1Jcq1TiMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvT2FHWFBEVDNrU1kwaFo2Y1puNXZVbHlyVk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCknj4MA0G
CSqGSIb3DQEBCwUAA4IBAQB03Ofzuze0mTE8co7waUitZzcsIXJP41njR+JLOxLY
AmxaufX9IfIS1338oPtKDiQzOSqPb9NERRmMpF3CrW1dYa55As6zMZ+rTLEvv+JO
7rJ8O5PJwCnhycLZTQXG5w29Me8F4vGy6AGfRmJG5UY/JeJfUAvAiPFKGYeSmNJR
4vNa7CIGbzIGFNd7vIgw0780+GeVdx12iycdZs7gorJTKD0iEfv3/etIbRvrKSBd
w1z+lpQNUO7wuuML99B6sL0BNSlvUHklG27VaIcQ1xYi5RvbA9ywzrUDJLe3mu02
uG+SipGrI0ILIvdelKzCpOt2s6kCnNE90I0fdz/K4q7h
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:36 2025 by rpki-client