Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u2SWCzO4goK7AO0gtk9CRccBe_Y.roa
File: u2SWCzO4goK7AO0gtk9CRccBe_Y.roa (raw, json)
Hash identifier: 8KehyuZWHOo1ZievJcoCYjjuc9Xl0YYopB4UcYrdhNE=
Subject key identifier: BB:64:96:0B:33:B8:82:82:BB:00:ED:20:B6:4F:42:45:C7:01:7B:F6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018ACB0DDC2F4F3493DF421A0E795313788A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u2SWCzO4goK7AO0gtk9CRccBe_Y.roa
Signing time: Mon 25 Sep 2023 06:36:37 +0000
ROA not before: Mon 25 Sep 2023 06:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216261
IP address blocks: 146.158.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:0d:dc:2f:4f:34:93:df:42:1a:0e:79:53:13:78:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 25 06:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb64960b33b88282bb00ed20b64f4245c7017bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0f:5c:6c:6f:90:91:8b:30:4c:bc:5f:a2:f2:
fa:e2:06:3f:d1:0b:d4:f9:dd:09:92:28:b2:0a:6b:
f4:47:e0:8e:ad:46:e3:51:dc:0b:e6:90:b4:9e:c1:
4d:f9:86:8e:7d:7a:0c:fb:ac:a7:54:13:e5:6e:97:
09:12:f5:06:5e:79:8f:87:49:5b:a8:26:20:2c:a1:
dd:dd:32:e6:3c:55:94:9a:ef:73:84:2f:84:46:d1:
28:9c:63:ae:ac:34:31:71:71:70:91:d9:52:7c:33:
7c:0d:a3:69:a2:f5:c5:e7:41:2f:77:a3:d5:1c:9d:
91:78:02:c5:f7:7b:67:0d:34:66:6f:90:23:43:d6:
6f:e4:e4:c5:c4:ac:e9:08:15:24:2a:a7:9a:f8:2f:
7f:4d:2d:b4:10:6b:21:6c:15:c2:83:5d:de:e4:80:
5d:6f:02:b3:1e:95:51:19:8f:47:83:8e:b1:b0:4b:
07:f8:8a:7d:06:53:4c:1b:c1:74:6e:7f:7f:d7:49:
e7:d7:fd:5c:1d:92:1a:21:91:12:6a:a7:6d:d7:84:
4d:01:71:16:93:d7:a3:a9:e8:db:29:a6:b4:e8:7e:
87:99:2e:b6:3f:d1:35:81:42:11:17:c6:da:e3:5c:
0f:cc:bc:a9:9e:70:0e:46:0d:a6:5f:1f:38:4b:c5:
e9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:64:96:0B:33:B8:82:82:BB:00:ED:20:B6:4F:42:45:C7:01:7B:F6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u2SWCzO4goK7AO0gtk9CRccBe_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.94.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:55:9a:d2:28:48:47:ce:8c:98:50:80:f0:35:87:36:69:0a:
1f:b3:03:93:10:d1:22:46:3e:a5:ba:b6:49:70:1f:d4:ed:9f:
1f:d9:c6:07:4d:e5:8a:b5:d4:81:f5:4f:5b:65:ae:9a:c8:c8:
54:8f:a3:e9:e2:85:4d:21:90:70:d2:48:d3:7a:e0:d2:eb:82:
ff:d3:59:ae:0d:19:64:de:0b:0b:cd:f5:6d:6a:45:39:aa:ac:
03:6f:ed:90:d5:9e:5a:32:d1:f0:07:4e:0e:5b:71:93:d9:eb:
55:2b:13:98:2b:70:0f:af:5a:51:d3:b7:6a:3c:e0:e9:b2:77:
19:17:ca:97:45:45:33:73:65:57:ce:57:fd:b5:7d:2b:02:39:
a4:1b:b4:9e:90:7c:73:14:8c:69:1a:7b:ba:40:89:ea:18:0c:
c0:75:f9:82:06:76:f0:ee:6f:fb:be:a7:73:2e:b2:e4:c3:f9:
bf:bd:bc:c2:76:26:4a:85:e1:b7:af:00:ff:1a:e4:56:16:bd:
a4:31:2c:e4:de:1b:4c:de:4f:a7:7c:98:34:b2:92:a8:f6:20:
8e:b5:d1:fe:cd:f7:01:77:3e:98:29:51:2f:3d:55:4c:43:8f:
0f:5e:29:91:7d:1e:80:24:d3:c8:4f:76:9d:b0:61:ec:75:c9:
24:02:fa:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrLDdwvTzST30IaDnlTE3iKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwOTI1MDYzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY0OTYwYjMzYjg4MjgyYmIwMGVkMjBiNjRmNDI0NWM3MDE3YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw9cbG+QkYswTLxfovL64gY/0QvU
+d0JkiiyCmv0R+COrUbjUdwL5pC0nsFN+YaOfXoM+6ynVBPlbpcJEvUGXnmPh0lb
qCYgLKHd3TLmPFWUmu9zhC+ERtEonGOurDQxcXFwkdlSfDN8DaNpovXF50Evd6PV
HJ2ReALF93tnDTRmb5AjQ9Zv5OTFxKzpCBUkKqea+C9/TS20EGshbBXCg13e5IBd
bwKzHpVRGY9Hg46xsEsH+Ip9BlNMG8F0bn9/10nn1/1cHZIaIZESaqdt14RNAXEW
k9ejqejbKaa06H6HmS62P9E1gUIRF8ba41wPzLypnnAORg2mXx84S8Xp+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtklgszuIKCuwDtILZPQkXHAXv2MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdTJTV0N6TzRnb0s3QU8wZ3RrOUNSY2NCZV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkp5eMA0G
CSqGSIb3DQEBCwUAA4IBAQBKVZrSKEhHzoyYUIDwNYc2aQofswOTENEiRj6lurZJ
cB/U7Z8f2cYHTeWKtdSB9U9bZa6ayMhUj6Pp4oVNIZBw0kjTeuDS64L/01muDRlk
3gsLzfVtakU5qqwDb+2Q1Z5aMtHwB04OW3GT2etVKxOYK3APr1pR07dqPODpsncZ
F8qXRUUzc2VXzlf9tX0rAjmkG7SekHxzFIxpGnu6QInqGAzAdfmCBnbw7m/7vqdz
LrLkw/m/vbzCdiZKheG3rwD/GuRWFr2kMSzk3htM3k+nfJg0spKo9iCOtdH+zfcB
dz6YKVEvPVVMQ48PXimRfR6AJNPIT3adsGHsdckkAvpu
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:43:55 2025 by rpki-client