Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lt7YONDX_VfGrs3V-lS1IFcUYz8.roa
File: lt7YONDX_VfGrs3V-lS1IFcUYz8.roa (raw, json)
Hash identifier: t+N9G+FQFfRYIwenTAKBXOLkZZ4ZwTJ1+R7WkBufSUs=
Subject key identifier: 96:DE:D8:38:D0:D7:FD:57:C6:AE:CD:D5:FA:54:B5:20:57:14:63:3F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570954084131D9F1C0C76C9AF226C5B9B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lt7YONDX_VfGrs3V-lS1IFcUYz8.roa
Signing time: Mon 02 Jan 2023 03:45:07 +0000
ROA not before: Mon 02 Jan 2023 03:45:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49376
IP address blocks: 146.120.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:40:84:13:1d:9f:1c:0c:76:c9:af:22:6c:5b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96ded838d0d7fd57c6aecdd5fa54b5205714633f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:36:88:56:84:45:bf:7e:5d:68:ad:fc:57:ff:
de:f8:45:68:6c:98:39:ee:3d:72:ca:f3:8b:71:0a:
9d:ce:6c:fb:10:75:c3:52:8c:58:91:e4:40:08:1a:
ad:85:5d:c6:58:d4:51:4f:11:38:b8:2c:f8:f6:51:
02:f0:d1:f5:a0:fc:9c:d7:7d:3f:7a:42:ab:0b:82:
ec:f8:b9:5c:25:32:b5:6a:35:04:a4:4d:57:de:60:
2b:a5:2b:47:b1:92:bd:ac:84:0d:f0:9e:fb:b7:70:
e0:21:5d:78:9a:fa:58:22:ca:dd:ad:ff:f5:0d:90:
bf:81:de:be:5f:bc:9a:05:5f:b7:b7:c5:9c:15:b9:
1c:7a:10:88:b5:2e:3d:71:e0:f5:7b:a7:4b:31:20:
c3:4e:51:da:b7:ee:18:cb:91:1d:fb:46:48:25:db:
83:15:9d:be:37:93:39:7f:65:28:cb:d3:ba:92:2c:
36:11:5b:1f:a6:97:7e:cf:3d:df:d3:1d:ea:e9:9d:
ab:00:5c:6c:a4:c2:95:3f:57:ec:2e:85:aa:e3:22:
01:20:33:00:f7:bf:bb:e9:52:0b:db:39:d0:ed:26:
ea:e6:b7:33:a8:4f:20:42:a3:60:bd:4e:3a:7a:d0:
b1:8c:a0:05:bf:15:0b:74:74:fe:81:57:a4:0f:0b:
b4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DE:D8:38:D0:D7:FD:57:C6:AE:CD:D5:FA:54:B5:20:57:14:63:3F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lt7YONDX_VfGrs3V-lS1IFcUYz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.207.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:c9:ae:07:24:b3:e6:73:42:f4:08:05:30:76:f3:3f:82:b7:
e1:f6:0c:1a:d4:16:b4:02:32:d9:92:28:b4:73:50:58:c4:98:
37:6b:4d:c1:25:c5:10:02:0f:af:a5:ab:23:cd:54:85:99:b9:
7b:f8:4b:b8:fd:8e:bc:c5:70:b4:3e:03:44:0c:85:ce:5b:83:
33:3b:39:f4:fa:94:43:a2:1d:dc:f2:37:a3:40:03:f2:8b:bc:
0b:88:f3:6e:79:5f:90:91:93:f9:e1:71:3b:e7:a0:1a:b9:7c:
f8:6c:b1:f7:c0:82:18:5d:60:56:26:37:28:47:bb:e9:30:dd:
21:8c:6a:5b:8b:7b:64:82:41:69:80:5d:7b:8d:3f:90:53:8e:
1a:e2:b6:e7:6e:f4:92:25:26:f4:0e:97:d5:f5:d8:6e:d4:e3:
13:ea:96:24:ab:35:d6:49:fb:dc:19:58:41:fe:3f:a6:7c:62:
01:3a:23:35:ec:c0:55:4a:92:e5:79:45:bb:7b:76:6b:86:00:
77:81:fe:ac:e2:f4:d5:b1:49:9c:10:0d:2d:c8:0e:10:8a:36:
5c:ea:5d:0a:44:2f:fc:8e:5d:6e:f9:28:30:35:ac:51:1d:21:
da:4c:41:05:f6:d6:9d:5b:1e:cf:b5:91:ac:ff:68:0c:33:4b:
50:12:d1:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlUCEEx2fHAx2ya8ibFubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRlZDgzOGQwZDdmZDU3YzZhZWNkZDVmYTU0YjUyMDU3MTQ2MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszaIVoRFv35daK38V//e+EVobJg5
7j1yyvOLcQqdzmz7EHXDUoxYkeRACBqthV3GWNRRTxE4uCz49lEC8NH1oPyc130/
ekKrC4Ls+LlcJTK1ajUEpE1X3mArpStHsZK9rIQN8J77t3DgIV14mvpYIsrdrf/1
DZC/gd6+X7yaBV+3t8WcFbkcehCItS49ceD1e6dLMSDDTlHat+4Yy5Ed+0ZIJduD
FZ2+N5M5f2Uoy9O6kiw2EVsfppd+zz3f0x3q6Z2rAFxspMKVP1fsLoWq4yIBIDMA
97+76VIL2znQ7Sbq5rczqE8gQqNgvU46etCxjKAFvxULdHT+gVekDwu0uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbe2DjQ1/1Xxq7N1fpUtSBXFGM/MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbHQ3WU9ORFhfVmZHcnMzVi1sUzFJRmNVWXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjPMA0G
CSqGSIb3DQEBCwUAA4IBAQALya4HJLPmc0L0CAUwdvM/grfh9gwa1Ba0AjLZkii0
c1BYxJg3a03BJcUQAg+vpasjzVSFmbl7+Eu4/Y68xXC0PgNEDIXOW4MzOzn0+pRD
oh3c8jejQAPyi7wLiPNueV+QkZP54XE756AauXz4bLH3wIIYXWBWJjcoR7vpMN0h
jGpbi3tkgkFpgF17jT+QU44a4rbnbvSSJSb0DpfV9dhu1OMT6pYkqzXWSfvcGVhB
/j+mfGIBOiM17MBVSpLleUW7e3ZrhgB3gf6s4vTVsUmcEA0tyA4QijZc6l0KRC/8
jl1u+SgwNaxRHSHaTEEF9tadWx7PtZGs/2gMM0tQEtFD
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:06 2025 by rpki-client