Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/sX0xZ2T4UWhcp1--KSaP1m2TTKY.roa
File: sX0xZ2T4UWhcp1--KSaP1m2TTKY.roa (raw, json)
Hash identifier: w/OcQnHWJjBNzHumgVwsGUwu20LzCIzjq/pc0KdQCrU=
Subject key identifier: B1:7D:31:67:64:F8:51:68:5C:A7:5F:BE:29:26:8F:D6:6D:93:4C:A6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 277F311F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/sX0xZ2T4UWhcp1--KSaP1m2TTKY.roa
Signing time: Sat 01 Jan 2022 16:08:10 +0000
ROA not before: Sat 01 Jan 2022 16:08:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42209
IP address blocks: 146.120.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 662647071 (0x277f311f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b17d316764f851685ca75fbe29268fd66d934ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f0:f7:8b:3e:9f:ef:a3:3a:fb:e0:1b:ef:f4:
71:60:7a:6a:69:05:14:12:d1:9b:f9:82:98:76:e6:
00:07:cd:fe:99:56:df:25:f5:8b:fd:19:5e:fe:3a:
11:2d:c0:ea:bf:48:46:31:23:5d:4c:10:08:35:76:
4c:bd:f5:fc:e0:04:1d:66:9e:93:9d:2e:46:ae:f3:
2b:f2:19:e2:07:f5:91:7a:ef:69:b5:fa:9b:e0:e5:
83:f8:5b:a8:8d:af:8b:ba:98:1a:63:0c:d5:07:71:
9a:5f:d0:c3:43:f2:68:a6:77:7f:b9:8d:0e:02:e7:
c5:da:74:23:e1:c5:ac:f3:01:a9:e9:4e:5e:c4:11:
05:66:a5:81:bd:50:71:9b:60:fc:78:43:b9:3a:8b:
8b:25:f9:14:fe:d0:e7:cf:00:01:7b:56:9b:84:2c:
2a:7e:5e:e9:12:07:39:d8:fa:ff:c0:a1:ca:8f:ef:
60:6d:c4:23:03:c9:4b:22:56:06:30:f3:ed:11:4c:
c6:0b:19:8d:18:cb:a7:01:88:01:aa:82:46:45:9b:
87:f8:4b:60:1c:83:11:c7:39:28:2e:96:ba:85:12:
ee:21:c7:1e:33:e1:99:23:53:07:cf:82:e7:c4:4f:
8e:9d:a6:27:b5:ee:cc:d3:93:ea:99:35:59:05:d2:
cb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7D:31:67:64:F8:51:68:5C:A7:5F:BE:29:26:8F:D6:6D:93:4C:A6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/sX0xZ2T4UWhcp1--KSaP1m2TTKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.214.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:da:d0:e8:24:76:09:20:0c:2d:40:bc:3b:dd:3f:f3:40:23:
09:28:de:5b:74:83:70:23:b1:db:02:54:9e:43:2a:bf:98:94:
5b:2f:6c:f4:c6:c5:a6:dc:1c:fd:76:75:cf:df:1b:c8:62:50:
de:5b:fb:c7:f7:7a:e4:93:67:50:49:07:16:d3:1c:f4:fe:81:
3c:9d:86:d1:58:be:6b:17:1f:07:a1:da:df:51:60:e7:7a:b9:
8e:fa:d2:5f:5a:ad:77:6a:63:c0:8a:69:f5:67:7d:ec:b9:4b:
3e:e6:8e:c2:b7:61:30:1b:cd:00:1b:20:ba:33:ad:33:de:33:
ed:c4:cd:c4:31:04:e6:45:ef:9b:63:25:d3:19:66:79:65:f2:
5c:c3:5f:24:22:e8:54:d2:22:0d:e1:3f:06:3a:9b:aa:b9:91:
7b:b2:c0:a6:3e:70:e9:f7:c2:94:33:d9:6c:8b:5e:61:78:be:
3c:92:90:61:83:2f:50:a9:d6:7e:b1:5a:b0:3f:e2:83:19:07:
8b:30:ee:8b:3c:bf:42:62:ab:6f:8b:8a:71:0f:e0:7a:59:c4:
d6:8b:71:5c:46:fb:57:04:c1:d8:f5:7d:7e:69:f8:1a:66:af:
c3:21:8d:f8:d9:c8:32:3a:f4:90:8c:b0:72:ed:38:00:6f:35:
e0:2b:c2:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ38xHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjE3ZDMxNjc2NGY4
NTE2ODVjYTc1ZmJlMjkyNjhmZDY2ZDkzNGNhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfw94s+n++jOvvgG+/0cWB6amkFFBLRm/mCmHbmAAfN/plW
3yX1i/0ZXv46ES3A6r9IRjEjXUwQCDV2TL31/OAEHWaek50uRq7zK/IZ4gf1kXrv
abX6m+Dlg/hbqI2vi7qYGmMM1Qdxml/Qw0PyaKZ3f7mNDgLnxdp0I+HFrPMBqelO
XsQRBWalgb1QcZtg/HhDuTqLiyX5FP7Q588AAXtWm4QsKn5e6RIHOdj6/8Chyo/v
YG3EIwPJSyJWBjDz7RFMxgsZjRjLpwGIAaqCRkWbh/hLYByDEcc5KC6WuoUS7iHH
HjPhmSNTB8+C58RPjp2mJ7XuzNOT6pk1WQXSy5kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSxfTFnZPhRaFynX74pJo/WbZNMpjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L3NYMHhaMlQ0VVdoY3AxLS1LU2FQMW0yVFRLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJ41jANBgkqhkiG9w0BAQsFAAOC
AQEAPdrQ6CR2CSAMLUC8O90/80AjCSjeW3SDcCOx2wJUnkMqv5iUWy9s9MbFptwc
/XZ1z98byGJQ3lv7x/d65JNnUEkHFtMc9P6BPJ2G0Vi+axcfB6Ha31Fg53q5jvrS
X1qtd2pjwIpp9Wd97LlLPuaOwrdhMBvNABsgujOtM94z7cTNxDEE5kXvm2Ml0xlm
eWXyXMNfJCLoVNIiDeE/BjqbqrmRe7LApj5w6ffClDPZbIteYXi+PJKQYYMvUKnW
frFasD/igxkHizDuizy/QmKrb4uKcQ/gelnE1otxXEb7VwTB2PV9fmn4GmavwyGN
+NnIMjr0kIywcu04AG814CvCzQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:42 2023 by rpki-client on console-fra.rpki-client.org