Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OsktLjnH9IFel7R0P904CWQNFZg.roa
File: OsktLjnH9IFel7R0P904CWQNFZg.roa (raw, json)
Hash identifier: 82Ea7mVzXuoGCu03x3Fc7jCf93HMLP13FtUHZFKITsM=
Subject key identifier: 3A:C9:2D:2E:39:C7:F4:81:5E:97:B4:74:3F:DD:38:09:64:0D:15:98
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095A7997068E4D4541A7BF687D00F72
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OsktLjnH9IFel7R0P904CWQNFZg.roa
Signing time: Mon 02 Jan 2023 03:45:34 +0000
ROA not before: Mon 02 Jan 2023 03:45:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208538
IP address blocks: 146.120.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:a7:99:70:68:e4:d4:54:1a:7b:f6:87:d0:0f:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac92d2e39c7f4815e97b4743fdd3809640d1598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:13:51:b7:c8:1d:e4:20:d5:fa:b5:72:25:fa:
ea:c2:c7:02:97:86:6b:39:5a:cf:2f:1b:87:f7:f9:
0d:1e:8d:f6:7d:af:f2:15:1d:69:1a:4c:0c:34:13:
37:3e:a1:11:5d:2b:db:3a:1f:a4:4b:68:41:00:7d:
c6:3f:3d:7a:0a:da:aa:6b:0d:b8:af:ba:72:24:a0:
f4:ee:d6:41:91:3a:37:4a:48:62:20:02:33:92:39:
11:fa:9c:73:7d:a2:a6:c4:eb:c2:84:90:8a:67:3c:
88:29:eb:97:bc:49:1a:51:ce:ce:07:64:69:1b:14:
8f:46:2c:8d:1b:7e:ac:5c:bb:8c:68:9a:6f:6d:0b:
46:62:39:e1:c3:54:81:f1:63:27:84:33:f8:a3:5b:
3d:62:aa:16:e2:1a:e1:b5:8a:ef:ab:f7:ed:6e:aa:
74:24:00:e4:5f:fd:58:c5:d6:54:00:3e:c0:93:48:
52:4f:8f:1e:2d:de:43:f6:c1:45:74:23:15:22:c8:
af:66:2b:6d:9f:6c:31:56:76:2e:7f:0a:7a:4d:35:
03:95:e6:b9:28:b4:8a:a3:12:c7:95:2d:3f:5f:49:
66:4c:8a:da:f8:3c:ac:cf:80:09:66:ab:3f:90:36:
92:11:13:b8:35:00:3e:7d:2f:39:69:70:62:25:6c:
af:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C9:2D:2E:39:C7:F4:81:5E:97:B4:74:3F:DD:38:09:64:0D:15:98
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OsktLjnH9IFel7R0P904CWQNFZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.227.0/24
Signature Algorithm: sha256WithRSAEncryption
61:00:04:43:f2:4a:83:86:88:41:50:9a:f5:dc:9c:c8:71:d9:
18:e9:63:9e:e0:a9:ce:3f:ea:d7:05:c6:94:7c:d1:cd:b1:bb:
40:7a:9a:4d:81:01:09:3e:21:7e:54:01:b2:cf:67:dc:71:fe:
91:40:06:b5:f2:b5:a1:8e:fd:5b:44:bf:65:24:18:57:79:0b:
af:30:2a:e8:a8:00:46:bb:9d:46:c9:04:d9:68:ed:43:89:30:
c6:dc:32:dc:a2:32:c0:33:b1:a4:2d:28:ad:49:44:02:8e:b4:
6f:8d:34:eb:be:94:b3:30:6d:71:4b:e1:3e:b4:29:90:7a:6d:
19:e7:6e:82:c2:ff:c9:0d:a4:f4:db:ac:b6:8b:15:f1:58:48:
93:b3:1a:4a:39:9c:f4:aa:9c:ee:f3:4c:8a:2e:6f:00:4a:da:
d8:2c:96:1e:49:cf:3f:17:06:32:cb:0d:dc:44:37:f4:16:38:
84:8f:70:d8:f7:01:c9:d3:f0:a7:14:23:14:25:3b:c8:3a:5d:
a0:76:93:e8:e3:b3:09:cc:df:a7:10:32:c2:49:4a:50:af:09:
dd:5c:bf:aa:ac:ce:78:5e:ff:4b:69:c0:3e:15:95:9d:11:53:
0f:c4:da:43:ef:32:7f:12:e0:d5:c9:05:1e:f4:8d:52:21:8b:
f2:34:21:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlaeZcGjk1FQae/aH0A9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM5MmQyZTM5YzdmNDgxNWU5N2I0NzQzZmRkMzgwOTY0MGQxNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBNRt8gd5CDV+rVyJfrqwscCl4Zr
OVrPLxuH9/kNHo32fa/yFR1pGkwMNBM3PqERXSvbOh+kS2hBAH3GPz16Ctqqaw24
r7pyJKD07tZBkTo3SkhiIAIzkjkR+pxzfaKmxOvChJCKZzyIKeuXvEkaUc7OB2Rp
GxSPRiyNG36sXLuMaJpvbQtGYjnhw1SB8WMnhDP4o1s9YqoW4hrhtYrvq/ftbqp0
JADkX/1YxdZUAD7Ak0hST48eLd5D9sFFdCMVIsivZittn2wxVnYufwp6TTUDlea5
KLSKoxLHlS0/X0lmTIra+Dysz4AJZqs/kDaSERO4NQA+fS85aXBiJWyv+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrJLS45x/SBXpe0dD/dOAlkDRWYMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvT3NrdExqbkg5SUZlbDdSMFA5MDRDV1FORlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjjMA0G
CSqGSIb3DQEBCwUAA4IBAQBhAARD8kqDhohBUJr13JzIcdkY6WOe4KnOP+rXBcaU
fNHNsbtAeppNgQEJPiF+VAGyz2fccf6RQAa18rWhjv1bRL9lJBhXeQuvMCroqABG
u51GyQTZaO1DiTDG3DLcojLAM7GkLSitSUQCjrRvjTTrvpSzMG1xS+E+tCmQem0Z
526Cwv/JDaT026y2ixXxWEiTsxpKOZz0qpzu80yKLm8AStrYLJYeSc8/FwYyyw3c
RDf0FjiEj3DY9wHJ0/CnFCMUJTvIOl2gdpPo47MJzN+nEDLCSUpQrwndXL+qrM54
Xv9LacA+FZWdEVMPxNpD7zJ/EuDVyQUe9I1SIYvyNCFb
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:30 2025 by rpki-client