Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/WPkwa1wQKN7ouXlg_d2WiMURb2w.roa
File: WPkwa1wQKN7ouXlg_d2WiMURb2w.roa (raw, json)
Hash identifier: XblyS1mpjz8Vq/mKr9QVyC3K5HCMlM+964TYUx/Ho+8=
Subject key identifier: 58:F9:30:6B:5C:10:28:DE:E8:B9:79:60:FD:DD:96:88:C5:11:6F:6C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0187C6320E93798CAE8F90483211B3EFEBF7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/WPkwa1wQKN7ouXlg_d2WiMURb2w.roa
Signing time: Fri 28 Apr 2023 04:49:41 +0000
ROA not before: Fri 28 Apr 2023 04:49:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57975
IP address blocks: 146.120.240.0/24 maxlen: 24
146.158.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:32:0e:93:79:8c:ae:8f:90:48:32:11:b3:ef:eb:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 28 04:49:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58f9306b5c1028dee8b97960fddd9688c5116f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e8:e4:0a:62:e9:98:42:23:c1:1b:90:44:2c:
90:eb:11:dd:03:c8:fc:d5:91:41:02:70:b5:b6:27:
4f:2f:74:d4:47:ff:51:f2:1f:27:c3:05:64:b2:2e:
69:e1:35:89:14:2c:f5:3e:eb:d7:78:e4:dd:57:e3:
1b:7f:bf:9e:c8:43:22:0e:0b:84:7e:e5:0e:20:6a:
05:96:2d:58:1f:84:50:60:86:0f:d2:25:3d:82:99:
a2:05:5b:a6:1b:ac:f8:fd:4d:2b:a7:10:f6:30:2f:
ff:94:60:55:d2:2b:eb:65:a6:de:84:56:9f:72:ef:
fa:bf:1d:40:08:28:42:9f:04:6d:21:73:8d:c3:05:
31:06:7f:c8:b1:2c:49:78:91:8b:9a:bb:a0:e6:d8:
2e:b5:75:4b:64:83:56:bd:15:c5:d0:fe:fc:d2:3d:
a5:4a:21:5c:e2:24:8a:0f:f5:7a:59:a4:96:b7:82:
e1:07:76:cc:73:bb:7c:b2:ac:ba:11:03:17:ed:48:
e7:6e:b4:58:c6:fd:c8:bf:11:0a:d6:cc:b1:8f:49:
34:09:a5:88:ca:88:a5:7e:bc:e8:fe:d7:5a:c8:2d:
fe:1a:6c:77:99:37:7c:90:5d:a9:d5:c7:74:19:06:
5f:1c:9f:6c:9d:7c:20:b3:8d:33:e3:a3:a8:03:5c:
4e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F9:30:6B:5C:10:28:DE:E8:B9:79:60:FD:DD:96:88:C5:11:6F:6C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/WPkwa1wQKN7ouXlg_d2WiMURb2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.240.0/24
146.158.15.0/24
Signature Algorithm: sha256WithRSAEncryption
05:31:ce:81:d5:e6:0c:f2:65:39:d1:a5:f8:de:94:4b:d9:80:
e6:34:8a:64:61:7c:87:b5:af:a4:94:8c:34:22:b7:a9:b1:2d:
4b:1b:bb:23:c2:d7:30:c8:40:cf:ad:d0:eb:d2:03:b4:da:c9:
2b:b0:3f:88:56:91:81:bc:51:22:e2:33:47:c2:ee:c2:c2:cd:
73:2f:46:59:90:ec:9e:ce:8d:b3:b0:f2:af:95:85:70:d5:e8:
57:2d:96:90:cc:12:6f:38:eb:cf:b6:91:92:42:41:05:db:d2:
c4:2c:40:ed:e2:e3:d2:cc:7e:52:20:b7:e8:5a:c3:4c:0f:94:
09:42:d0:37:37:98:6f:da:13:7a:e8:98:63:ed:42:b9:1e:56:
1c:f6:d0:c0:4e:0b:21:63:87:02:b6:34:5d:3c:2a:74:49:fc:
c6:4e:8e:2d:79:70:a7:42:21:7e:4e:a6:37:0b:bd:a0:77:70:
aa:0b:79:26:e7:67:22:66:06:ec:2b:39:7f:18:56:81:ba:84:
bf:96:bd:ff:c4:36:09:18:59:c2:c9:fe:ce:16:a8:c1:20:10:
15:61:16:12:0c:d1:25:75:08:6d:d2:3c:0e:c2:01:11:c1:0f:
31:d9:b4:72:ae:ef:18:8e:df:4a:23:e2:d5:5b:33:05:a5:26:
63:21:b5:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfGMg6TeYyuj5BIMhGz7+v3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNDI4MDQ0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGY5MzA2YjVjMTAyOGRlZThiOTc5NjBmZGRkOTY4OGM1MTE2ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+jkCmLpmEIjwRuQRCyQ6xHdA8j8
1ZFBAnC1tidPL3TUR/9R8h8nwwVksi5p4TWJFCz1PuvXeOTdV+Mbf7+eyEMiDguE
fuUOIGoFli1YH4RQYIYP0iU9gpmiBVumG6z4/U0rpxD2MC//lGBV0ivrZabehFaf
cu/6vx1ACChCnwRtIXONwwUxBn/IsSxJeJGLmrug5tgutXVLZINWvRXF0P780j2l
SiFc4iSKD/V6WaSWt4LhB3bMc7t8sqy6EQMX7UjnbrRYxv3IvxEK1syxj0k0CaWI
yoilfrzo/tdayC3+Gmx3mTd8kF2p1cd0GQZfHJ9snXwgs40z46OoA1xOIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFj5MGtcECje6Ll5YP3dlojFEW9sMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvV1Brd2Exd1FLTjdvdVhsZ19kMldpTVVSYjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAknjwAwQA
kp4PMA0GCSqGSIb3DQEBCwUAA4IBAQAFMc6B1eYM8mU50aX43pRL2YDmNIpkYXyH
ta+klIw0IrepsS1LG7sjwtcwyEDPrdDr0gO02skrsD+IVpGBvFEi4jNHwu7Cws1z
L0ZZkOyezo2zsPKvlYVw1ehXLZaQzBJvOOvPtpGSQkEF29LELEDt4uPSzH5SILfo
WsNMD5QJQtA3N5hv2hN66Jhj7UK5HlYc9tDATgshY4cCtjRdPCp0SfzGTo4teXCn
QiF+TqY3C72gd3CqC3km52ciZgbsKzl/GFaBuoS/lr3/xDYJGFnCyf7OFqjBIBAV
YRYSDNEldQht0jwOwgERwQ8x2bRyru8Yjt9KI+LVWzMFpSZjIbWg
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:12:52 2025 by rpki-client