Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/U6ZneDKy4qYsVl1yClowBsoja8U.roa
File: U6ZneDKy4qYsVl1yClowBsoja8U.roa (raw, json)
Hash identifier: +O+f8KgamOXBJWiLYJQPsL9e8+I4HaOPSCUgRrnrGTI=
Subject key identifier: 53:A6:67:78:32:B2:E2:A6:2C:56:5D:72:0A:5A:30:06:CA:23:6B:C5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 278506F8
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/U6ZneDKy4qYsVl1yClowBsoja8U.roa
Signing time: Sat 01 Jan 2022 16:08:12 +0000
ROA not before: Sat 01 Jan 2022 16:08:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42782
IP address blocks: 146.120.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 663029496 (0x278506f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53a6677832b2e2a62c565d720a5a3006ca236bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b6:41:24:37:ac:17:18:27:4f:f7:5f:b3:9b:
5c:c9:4c:d2:f9:ff:fb:20:0c:b6:59:f1:02:f3:72:
a0:3d:53:bd:51:f1:86:a2:f4:4a:9b:5a:b4:9a:67:
5a:08:61:93:ff:6e:df:c1:7e:ff:3c:f3:a4:7b:2d:
78:ba:05:ae:e3:c4:16:37:eb:a6:0f:07:4d:2f:93:
da:49:97:19:52:20:e2:25:93:61:48:f3:f9:5a:1c:
a5:72:b6:3f:9e:85:d1:6f:55:7d:dc:f8:bd:07:3f:
57:66:4b:68:09:8b:cb:9f:da:4d:df:93:bc:e7:b6:
fa:6f:4f:e9:65:c7:fd:47:2d:9c:5d:06:ce:05:44:
dc:3d:24:2f:2e:e9:b8:7a:32:76:1b:18:1b:25:34:
81:49:c1:84:2a:b1:30:7c:41:ba:6e:20:b3:fd:2f:
6b:f7:bf:ad:3d:f2:d0:61:48:cf:08:28:54:ea:43:
f4:a6:89:60:89:a5:aa:ba:06:03:d4:a9:54:35:3c:
d0:93:80:3a:90:50:cc:88:74:21:20:7c:b2:81:65:
9b:cc:da:ee:6a:82:76:94:97:be:9f:b6:77:a5:cd:
f2:b6:e6:f1:50:66:13:85:6b:15:83:49:9d:c5:cf:
d7:b2:ad:b1:17:fe:59:98:a4:2a:11:24:ed:67:ee:
01:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A6:67:78:32:B2:E2:A6:2C:56:5D:72:0A:5A:30:06:CA:23:6B:C5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/U6ZneDKy4qYsVl1yClowBsoja8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.198.0/24
Signature Algorithm: sha256WithRSAEncryption
51:34:49:86:96:3f:b7:86:4c:99:2b:8d:00:64:8b:0e:97:2f:
95:17:4b:04:bb:4f:06:12:42:2f:00:6b:dd:3a:dd:b8:d1:22:
ef:77:a5:3a:3a:53:bb:35:f6:bc:44:4c:ea:a3:21:ed:75:f1:
69:64:3a:76:6a:8b:b9:54:14:a9:d8:47:aa:5d:cd:90:c4:b0:
06:f1:a7:18:14:21:9c:95:ad:54:bf:9f:47:22:b0:30:df:9b:
1d:c1:48:0d:15:35:66:2a:37:e7:ac:7f:ac:26:36:7d:5d:a7:
fe:29:0e:f1:92:15:58:e0:86:8c:b7:2b:ab:cd:eb:73:cb:9b:
04:60:10:7d:dc:b3:10:7e:f3:27:97:7f:4d:f4:e1:0c:29:7f:
95:5a:8e:7f:a2:e6:51:ad:41:ad:cd:8d:61:5c:cc:f2:c7:33:
3a:98:ba:78:77:74:cb:52:b1:3c:7b:0d:0c:ff:4b:ef:f1:c6:
c5:a0:05:c6:53:32:ef:9a:f7:46:3a:9c:22:aa:f0:15:fa:f3:
01:87:81:58:31:e9:6f:93:74:5b:e0:65:29:47:ec:e0:46:97:
e6:eb:31:78:c6:ab:4a:30:b7:a6:64:30:f2:36:87:00:e8:c1:
b0:44:73:1a:de:1c:e5:55:0d:e3:84:6a:68:b0:5b:07:4f:7a:
b6:92:57:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ4UG+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNhNjY3NzgzMmIy
ZTJhNjJjNTY1ZDcyMGE1YTMwMDZjYTIzNmJjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+2QSQ3rBcYJ0/3X7ObXMlM0vn/+yAMtlnxAvNyoD1TvVHx
hqL0SptatJpnWghhk/9u38F+/zzzpHsteLoFruPEFjfrpg8HTS+T2kmXGVIg4iWT
YUjz+VocpXK2P56F0W9Vfdz4vQc/V2ZLaAmLy5/aTd+TvOe2+m9P6WXH/UctnF0G
zgVE3D0kLy7puHoydhsYGyU0gUnBhCqxMHxBum4gs/0va/e/rT3y0GFIzwgoVOpD
9KaJYImlqroGA9SpVDU80JOAOpBQzIh0ISB8soFlm8za7mqCdpSXvp+2d6XN8rbm
8VBmE4VrFYNJncXP17KtsRf+WZikKhEk7WfuAWUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTpmd4MrLipixWXXIKWjAGyiNrxTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L1U2Wm5lREt5NHFZc1ZsMXlDbG93QnNvamE4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJ4xjANBgkqhkiG9w0BAQsFAAOC
AQEAUTRJhpY/t4ZMmSuNAGSLDpcvlRdLBLtPBhJCLwBr3TrduNEi73elOjpTuzX2
vERM6qMh7XXxaWQ6dmqLuVQUqdhHql3NkMSwBvGnGBQhnJWtVL+fRyKwMN+bHcFI
DRU1Zio356x/rCY2fV2n/ikO8ZIVWOCGjLcrq83rc8ubBGAQfdyzEH7zJ5d/TfTh
DCl/lVqOf6LmUa1Brc2NYVzM8sczOpi6eHd0y1KxPHsNDP9L7/HGxaAFxlMy75r3
RjqcIqrwFfrzAYeBWDHpb5N0W+BlKUfs4EaX5usxeMarSjC3pmQw8jaHAOjBsERz
Gt4c5VUN44RqaLBbB096tpJXjw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:42 2023 by rpki-client on console-fra.rpki-client.org