Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dAuqXxGfJIUaGKGHTnaxWqz9NlI.roa
File: dAuqXxGfJIUaGKGHTnaxWqz9NlI.roa (raw, json)
Hash identifier: 2AxsN0JJKrHC7VKcf0UotRhzC4Ib0NiL7+Z7L9mgqbE=
Subject key identifier: 74:0B:AA:5F:11:9F:24:85:1A:18:A1:87:4E:76:B1:5A:AC:FD:36:52
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570952319037FE0F3F70005B484F29F69
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dAuqXxGfJIUaGKGHTnaxWqz9NlI.roa
Signing time: Mon 02 Jan 2023 03:45:00 +0000
ROA not before: Mon 02 Jan 2023 03:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42782
IP address blocks: 146.120.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:23:19:03:7f:e0:f3:f7:00:05:b4:84:f2:9f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=740baa5f119f24851a18a1874e76b15aacfd3652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b0:6d:cb:f4:44:55:8d:f1:59:7b:a4:98:c0:
56:47:9d:3f:24:d9:52:d5:86:c9:16:34:3a:8c:06:
d6:06:db:24:21:39:0f:59:a9:f8:96:f4:21:d9:9e:
52:09:7b:de:ee:61:d2:f3:34:f5:7e:d2:eb:4d:f3:
7e:c0:9d:9f:90:c0:1d:c1:ee:58:82:72:c0:69:2f:
a5:81:95:95:99:43:84:61:a4:f1:ac:37:6c:f6:cc:
77:2e:84:12:46:e7:83:08:9c:00:4f:ea:4b:85:c1:
8e:2c:c2:9c:a9:c1:51:e4:e8:bc:b0:47:48:4a:f7:
a7:0f:58:a9:a8:62:6a:d8:42:15:70:d0:44:e0:80:
fc:30:3c:6e:42:92:42:57:2d:b0:20:6e:7e:49:60:
f6:cf:f9:91:c4:6e:ac:7c:9f:b3:77:b0:01:3b:5f:
99:79:6a:2e:8f:4b:1f:26:24:8f:7e:af:ff:87:03:
c5:c1:73:19:7a:a6:4a:dc:ef:63:08:42:a3:49:d6:
ce:45:5b:bb:c3:70:03:6e:9f:55:b2:76:3d:79:ff:
ae:1f:0d:f0:e6:bf:3c:d4:d6:18:c3:36:62:76:64:
86:70:37:69:7d:e2:77:ab:bb:77:93:d0:4f:c5:3b:
35:fa:d6:81:ab:80:eb:6e:f5:8b:6e:2c:a6:4d:99:
92:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0B:AA:5F:11:9F:24:85:1A:18:A1:87:4E:76:B1:5A:AC:FD:36:52
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dAuqXxGfJIUaGKGHTnaxWqz9NlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.198.0/24
Signature Algorithm: sha256WithRSAEncryption
84:09:cf:5e:76:db:31:8d:8c:fb:81:7b:58:26:9f:2d:30:7c:
9f:fa:51:71:7b:12:20:2f:c7:a4:12:0a:ea:13:3c:f3:89:2d:
db:97:74:90:79:76:ea:94:e4:9b:2b:84:21:55:0c:c8:e7:04:
5a:f7:99:67:4c:26:ff:ad:b8:23:fc:0f:60:0c:07:52:a7:76:
d6:b3:5c:c8:d4:63:89:d6:d9:77:9f:f2:8d:2a:1d:d7:7c:32:
e4:7c:28:26:4a:b2:f1:ef:c7:e7:78:b8:a8:d6:2a:ff:a2:64:
e1:52:54:9c:7b:79:8e:59:0b:f3:39:a8:07:30:b7:dd:7e:f5:
0e:a2:80:37:8f:a5:56:43:7a:c3:62:c4:af:7d:38:b2:1f:2d:
a1:80:70:2a:53:76:60:01:8a:9c:e9:25:d5:b4:21:c2:5d:8a:
e4:01:63:0d:ff:8d:fa:7f:ab:58:13:f0:36:4b:77:ad:2d:5a:
5b:40:99:7d:20:43:0a:e2:2f:67:b9:76:5c:ff:10:7e:0a:ed:
2c:f3:ce:4f:69:9a:6d:84:84:71:90:a9:0f:c5:c2:9d:b9:32:
25:0f:4c:27:6d:65:17:f3:1d:29:bc:01:e0:99:da:f2:22:92:
47:e3:16:8c:20:d7:f0:b8:dd:17:b2:46:14:c3:c0:c1:e7:c4:
7e:c4:37:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlSMZA3/g8/cABbSE8p9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBiYWE1ZjExOWYyNDg1MWExOGExODc0ZTc2YjE1YWFjZmQzNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrBty/REVY3xWXukmMBWR50/JNlS
1YbJFjQ6jAbWBtskITkPWan4lvQh2Z5SCXve7mHS8zT1ftLrTfN+wJ2fkMAdwe5Y
gnLAaS+lgZWVmUOEYaTxrDds9sx3LoQSRueDCJwAT+pLhcGOLMKcqcFR5Oi8sEdI
SvenD1ipqGJq2EIVcNBE4ID8MDxuQpJCVy2wIG5+SWD2z/mRxG6sfJ+zd7ABO1+Z
eWouj0sfJiSPfq//hwPFwXMZeqZK3O9jCEKjSdbORVu7w3ADbp9VsnY9ef+uHw3w
5r881NYYwzZidmSGcDdpfeJ3q7t3k9BPxTs1+taBq4DrbvWLbiymTZmSfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQLql8RnySFGhihh052sVqs/TZSMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZEF1cVh4R2ZKSVVhR0tHSFRuYXhXcXo5TmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjGMA0G
CSqGSIb3DQEBCwUAA4IBAQCECc9edtsxjYz7gXtYJp8tMHyf+lFxexIgL8ekEgrq
EzzziS3bl3SQeXbqlOSbK4QhVQzI5wRa95lnTCb/rbgj/A9gDAdSp3bWs1zI1GOJ
1tl3n/KNKh3XfDLkfCgmSrLx78fneLio1ir/omThUlSce3mOWQvzOagHMLfdfvUO
ooA3j6VWQ3rDYsSvfTiyHy2hgHAqU3ZgAYqc6SXVtCHCXYrkAWMN/436f6tYE/A2
S3etLVpbQJl9IEMK4i9nuXZc/xB+Cu0s885PaZpthIRxkKkPxcKduTIlD0wnbWUX
8x0pvAHgmdryIpJH4xaMINfwuN0XskYUw8DB58R+xDd7
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:30 2025 by rpki-client