Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kCgZmV6hQStZidPT_d3ExS8-JqY.roa
File: kCgZmV6hQStZidPT_d3ExS8-JqY.roa (raw, json)
Hash identifier: ofHvtjXN1n0DBCTEDEPcpEo0LZWpZAHAAV5pcj/GHeE=
Subject key identifier: 90:28:19:99:5E:A1:41:2B:59:89:D3:D3:FD:DD:C4:C5:2F:3E:26:A6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095274E64E05B649F6DABE6204ED0AB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kCgZmV6hQStZidPT_d3ExS8-JqY.roa
Signing time: Mon 02 Jan 2023 03:45:01 +0000
ROA not before: Mon 02 Jan 2023 03:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43849
IP address blocks: 146.158.0.0/21 maxlen: 24
146.158.8.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:27:4e:64:e0:5b:64:9f:6d:ab:e6:20:4e:d0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=902819995ea1412b5989d3d3fdddc4c52f3e26a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:78:92:c5:56:e0:7b:d4:40:5d:31:42:c9:d9:
06:12:69:7e:23:38:c8:ee:58:82:ed:05:4f:83:9b:
3b:ee:23:b9:02:a9:61:9a:98:92:a7:a6:73:7a:48:
23:e3:f4:ea:10:af:02:8c:27:04:ce:59:61:c1:39:
d1:ef:a1:4e:85:04:3f:61:ae:e9:56:36:30:8f:73:
2d:c4:ca:f4:4b:2f:0a:63:c7:2c:1e:ce:30:65:a5:
4a:b4:18:8c:31:99:a1:81:39:2b:c7:52:11:e4:f8:
74:13:91:0e:3c:9e:82:c8:6f:99:74:10:08:68:d7:
ea:1a:5c:7e:f0:4f:5d:07:2c:a3:ce:ba:23:ef:c8:
a4:d5:07:7b:67:4a:28:b6:83:8e:ab:1b:31:01:4b:
27:1f:f9:16:68:1c:ef:bc:b5:cd:56:e5:ac:e7:f5:
18:55:d6:9c:75:34:a6:b2:42:54:76:f9:9d:84:05:
bd:e2:f4:87:78:33:d0:69:9a:ff:0a:d7:3b:98:2c:
a4:a2:a6:49:40:44:17:4f:e6:94:cc:d2:32:9a:bd:
db:83:a7:b1:21:51:b3:5e:84:69:ec:bc:29:f5:ae:
ec:ca:4f:d3:07:41:22:6f:f6:99:b5:86:ca:f0:9f:
e5:a3:e8:f2:bb:07:f5:d8:5f:41:4d:d1:b3:95:c9:
75:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:28:19:99:5E:A1:41:2B:59:89:D3:D3:FD:DD:C4:C5:2F:3E:26:A6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kCgZmV6hQStZidPT_d3ExS8-JqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.0.0-146.158.9.255
Signature Algorithm: sha256WithRSAEncryption
87:65:15:76:50:d6:a9:02:c6:78:fc:24:13:15:61:d1:ea:50:
75:1e:fd:c6:64:41:68:8b:ad:10:4b:5f:5f:20:ad:9d:f0:1b:
1b:a5:ba:da:8c:58:70:43:81:99:5e:69:36:b3:b3:8d:6c:29:
d0:40:f8:4d:27:d7:06:ea:25:d0:63:1f:5f:4f:81:ca:b5:74:
3a:34:36:4d:14:a4:fb:65:95:b5:34:bd:94:e7:b2:fa:a0:74:
2b:d1:a4:c2:60:d1:77:18:3a:f4:83:8f:29:bc:32:a3:79:1f:
0d:98:3b:ac:f2:26:e7:bd:3c:1c:92:30:39:c6:9d:06:5c:fe:
84:55:b1:7c:b2:c5:d5:a2:f1:ee:05:02:fa:71:d6:24:4a:a8:
f9:ea:61:44:f8:78:f5:7f:08:ed:ab:09:e0:ff:d8:96:71:de:
e8:cd:90:a3:fc:96:0d:c3:44:6a:f0:f1:d5:a3:bb:44:bc:56:
24:e9:ee:3f:b6:66:04:cc:27:87:2c:d0:af:d4:6d:29:6e:60:
2c:07:5d:f1:ad:2d:56:72:0c:3c:6e:bd:07:7f:76:bf:42:3e:
01:a2:ae:75:ab:85:8c:3a:27:d8:60:23:f5:ed:ea:a1:4f:8b:
e0:17:f1:b1:c0:ba:a1:23:df:40:f6:69:4e:67:a0:b5:b1:8a:
ab:e7:dd:4c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVwlSdOZOBbZJ9tq+YgTtCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDI4MTk5OTVlYTE0MTJiNTk4OWQzZDNmZGRkYzRjNTJmM2UyNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHiSxVbge9RAXTFCydkGEml+IzjI
7liC7QVPg5s77iO5AqlhmpiSp6Zzekgj4/TqEK8CjCcEzllhwTnR76FOhQQ/Ya7p
VjYwj3MtxMr0Sy8KY8csHs4wZaVKtBiMMZmhgTkrx1IR5Ph0E5EOPJ6CyG+ZdBAI
aNfqGlx+8E9dByyjzroj78ik1Qd7Z0ootoOOqxsxAUsnH/kWaBzvvLXNVuWs5/UY
VdacdTSmskJUdvmdhAW94vSHeDPQaZr/Ctc7mCykoqZJQEQXT+aUzNIymr3bg6ex
IVGzXoRp7Lwp9a7syk/TB0Eib/aZtYbK8J/lo+jyuwf12F9BTdGzlcl1mwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFJAoGZleoUErWYnT0/3dxMUvPiamMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEva0NnWm1WNmhRU3RaaWRQVF9kM0V4UzgtSnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwGSngME
AZKeCDANBgkqhkiG9w0BAQsFAAOCAQEAh2UVdlDWqQLGePwkExVh0epQdR79xmRB
aIutEEtfXyCtnfAbG6W62oxYcEOBmV5pNrOzjWwp0ED4TSfXBuol0GMfX0+ByrV0
OjQ2TRSk+2WVtTS9lOey+qB0K9GkwmDRdxg69IOPKbwyo3kfDZg7rPIm5708HJIw
OcadBlz+hFWxfLLF1aLx7gUC+nHWJEqo+ephRPh49X8I7asJ4P/YlnHe6M2Qo/yW
DcNEavDx1aO7RLxWJOnuP7ZmBMwnhyzQr9RtKW5gLAdd8a0tVnIMPG69B392v0I+
AaKudauFjDon2GAj9e3qoU+L4BfxscC6oSPfQPZpTmegtbGKq+fdTA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:42 2025 by rpki-client