Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qzgT3fzeL_tgfShFdDb8ANBKUVA.roa
File: qzgT3fzeL_tgfShFdDb8ANBKUVA.roa (raw, json)
Hash identifier: RpgjFeCs6qXlR+JY/LwtoKRmLRBkNop7cem8sfbaZr8=
Subject key identifier: AB:38:13:DD:FC:DE:2F:FB:60:7D:28:45:74:36:FC:00:D0:4A:51:50
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01879A6FAAFF183DDD620D28A2CA02ED234C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qzgT3fzeL_tgfShFdDb8ANBKUVA.roa
Signing time: Wed 19 Apr 2023 16:53:42 +0000
ROA not before: Wed 19 Apr 2023 16:53:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200787
IP address blocks: 146.120.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:6f:aa:ff:18:3d:dd:62:0d:28:a2:ca:02:ed:23:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 19 16:53:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab3813ddfcde2ffb607d28457436fc00d04a5150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2b:f4:56:6a:93:fa:f0:2f:2d:0a:0f:a6:24:
71:a0:e8:12:34:8f:ea:8e:16:11:90:6f:7c:3c:32:
6c:76:f4:ff:18:5f:01:d9:f6:24:77:72:5b:48:af:
70:65:d0:2a:64:0f:25:4b:eb:e5:a8:36:f0:f0:d9:
b1:20:82:ad:7b:df:1e:f8:4a:d2:f4:3a:47:1d:8b:
8e:11:94:c9:6b:68:9a:5a:a8:40:34:33:f0:aa:99:
a8:9e:70:14:d8:49:8d:ef:02:56:1b:b7:0f:ed:fc:
bd:83:e1:92:21:7e:e7:ca:4a:5f:bc:52:3e:45:51:
ea:d6:7e:09:15:59:78:5b:81:fb:d6:91:8a:6a:85:
be:be:aa:12:a7:5c:56:35:ca:b6:e6:ae:64:4a:7e:
ef:7d:72:38:e4:3b:90:ab:b1:fa:25:ae:e9:0c:dc:
50:a2:14:29:46:a0:aa:a9:f5:2a:1e:91:72:3d:b4:
a9:c1:b2:b5:b0:80:19:5f:7b:19:08:6f:45:94:ed:
26:9c:24:fc:85:53:1b:32:6b:08:c1:d0:78:bc:6a:
53:6a:48:69:79:18:1e:95:ff:39:08:cd:0a:1b:33:
19:ae:95:cc:9b:78:00:ae:46:f0:42:a0:5f:7f:90:
8c:c2:80:fe:d7:6f:ce:38:69:42:6e:ff:8e:de:e5:
e0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:38:13:DD:FC:DE:2F:FB:60:7D:28:45:74:36:FC:00:D0:4A:51:50
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qzgT3fzeL_tgfShFdDb8ANBKUVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.95.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:1a:14:cb:62:58:8b:fa:c3:b0:71:2f:45:02:b9:d5:16:a3:
16:77:73:b2:8b:c2:ac:e8:38:c7:c6:11:9c:a5:b9:73:56:0e:
bc:32:fe:ed:06:0a:9f:e0:19:39:7c:5c:14:b4:ca:61:b1:2e:
94:b3:e1:76:98:0a:a5:df:c5:39:08:67:15:f2:25:e1:4b:25:
5b:30:6d:71:ce:54:0b:9c:fe:82:c7:83:67:01:6a:55:2e:40:
d8:8b:1d:74:59:a6:0f:b3:08:08:74:23:19:5d:6e:e9:e0:44:
1d:fb:3b:22:81:63:4e:2f:b8:ed:e2:64:66:da:20:27:e4:ec:
fe:4d:44:92:8b:76:3b:0e:90:73:d4:ea:ef:d4:da:94:5e:99:
d6:29:f7:87:4e:30:9d:35:9a:9a:4b:45:f9:88:03:ea:67:3a:
a2:46:b7:c8:24:72:74:8f:69:75:78:79:ab:89:ee:db:37:3f:
eb:32:89:1c:ca:9c:ff:00:d5:18:4c:8d:5e:c8:99:0b:43:7e:
5f:70:72:db:f5:1c:36:7b:13:ce:5a:c7:b3:10:bf:d3:a5:ba:
99:23:5b:ef:47:3c:bd:57:6b:71:ef:00:35:80:e8:ea:44:18:
34:fb:fb:00:6a:86:5f:38:bb:10:42:2b:33:8c:61:e4:8e:19:
98:64:f3:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeab6r/GD3dYg0oosoC7SNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNDE5MTY1MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjM4MTNkZGZjZGUyZmZiNjA3ZDI4NDU3NDM2ZmMwMGQwNGE1MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSv0VmqT+vAvLQoPpiRxoOgSNI/q
jhYRkG98PDJsdvT/GF8B2fYkd3JbSK9wZdAqZA8lS+vlqDbw8NmxIIKte98e+ErS
9DpHHYuOEZTJa2iaWqhANDPwqpmonnAU2EmN7wJWG7cP7fy9g+GSIX7nykpfvFI+
RVHq1n4JFVl4W4H71pGKaoW+vqoSp1xWNcq25q5kSn7vfXI45DuQq7H6Ja7pDNxQ
ohQpRqCqqfUqHpFyPbSpwbK1sIAZX3sZCG9FlO0mnCT8hVMbMmsIwdB4vGpTakhp
eRgelf85CM0KGzMZrpXMm3gArkbwQqBff5CMwoD+12/OOGlCbv+O3uXgzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKs4E9383i/7YH0oRXQ2/ADQSlFQMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvcXpnVDNmemVMX3RnZlNoRmREYjhBTkJLVVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhfMA0G
CSqGSIb3DQEBCwUAA4IBAQCLGhTLYliL+sOwcS9FArnVFqMWd3Oyi8Ks6DjHxhGc
pblzVg68Mv7tBgqf4Bk5fFwUtMphsS6Us+F2mAql38U5CGcV8iXhSyVbMG1xzlQL
nP6Cx4NnAWpVLkDYix10WaYPswgIdCMZXW7p4EQd+zsigWNOL7jt4mRm2iAn5Oz+
TUSSi3Y7DpBz1Orv1NqUXpnWKfeHTjCdNZqaS0X5iAPqZzqiRrfIJHJ0j2l1eHmr
ie7bNz/rMokcypz/ANUYTI1eyJkLQ35fcHLb9Rw2exPOWsezEL/TpbqZI1vvRzy9
V2tx7wA1gOjqRBg0+/sAaoZfOLsQQiszjGHkjhmYZPME
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:23 2025 by rpki-client