Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vYr_mgXfWWH0juk-ZB22uDN050k.roa
File: vYr_mgXfWWH0juk-ZB22uDN050k.roa (raw, json)
Hash identifier: c5GDSr1FnEBeGFEBD2WdvQZM0psPdDWSV9VAOtvTcTY=
Subject key identifier: BD:8A:FF:9A:05:DF:59:61:F4:8E:E9:3E:64:1D:B6:B8:33:74:E7:49
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27998350
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vYr_mgXfWWH0juk-ZB22uDN050k.roa
Signing time: Sat 01 Jan 2022 16:08:24 +0000
ROA not before: Sat 01 Jan 2022 16:08:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47231
IP address blocks: 146.120.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 664372048 (0x27998350)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd8aff9a05df5961f48ee93e641db6b83374e749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bd:8d:90:4f:f6:df:30:df:6a:c8:23:8d:5d:
26:73:6e:4a:0c:ef:07:5c:ea:56:e4:49:71:8c:e9:
0d:fe:1d:46:3e:74:5b:87:4b:15:6e:5b:1d:fa:3d:
67:35:94:72:f7:3c:43:de:aa:70:9f:a4:68:3f:54:
4a:00:c3:1f:4a:db:c9:a2:fa:60:10:b9:77:6a:d6:
4c:43:46:8f:45:3b:60:b7:5c:d4:a8:7c:75:ae:03:
fb:f2:00:d0:b9:f1:71:77:4e:f5:32:62:49:3e:aa:
61:e7:32:ac:56:be:57:c3:01:35:ee:27:06:f2:7e:
5b:f3:dc:22:bd:c6:bf:eb:9c:3e:21:30:09:ae:38:
19:5c:2d:41:2e:9c:39:1e:f8:23:99:00:fc:82:14:
06:cb:1c:85:c5:a7:34:95:9c:33:7f:eb:f4:44:01:
a9:e8:6b:c0:1c:e8:22:db:2e:6d:cf:c2:12:4c:9d:
d9:83:00:12:41:65:0c:20:a6:fe:d9:04:fb:65:c1:
92:0c:ce:19:1a:ca:89:da:25:4e:e4:2c:cd:1f:e7:
64:c7:7d:00:1f:9d:e5:da:0c:be:b8:44:c1:ca:78:
2b:64:96:94:12:f9:1e:b2:22:96:82:63:16:19:9f:
db:ee:49:a4:fc:80:fa:e0:ff:a9:2c:c3:33:eb:55:
1a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8A:FF:9A:05:DF:59:61:F4:8E:E9:3E:64:1D:B6:B8:33:74:E7:49
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vYr_mgXfWWH0juk-ZB22uDN050k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.221.0/24
Signature Algorithm: sha256WithRSAEncryption
38:16:33:2f:98:de:5d:c6:a6:13:3b:92:26:6b:6b:90:25:48:
dd:15:20:4c:95:05:00:a0:2e:7f:40:ca:da:18:c5:e0:1a:d1:
63:d2:4c:08:d9:eb:f6:52:b1:0f:a6:fe:02:e2:fe:84:61:33:
19:9b:a7:54:7c:e2:00:c7:54:0b:7e:2f:1d:18:ae:63:14:a3:
be:12:1e:e4:10:61:89:c8:be:ff:17:82:97:3c:64:e1:97:3e:
a8:2d:18:fb:f0:97:3a:16:b3:94:cb:d4:ac:b4:d4:1d:3b:95:
97:5b:ee:c3:66:25:3f:35:03:b5:6f:19:9f:a7:92:d8:67:50:
8b:89:0a:bd:00:32:36:eb:62:bc:13:ca:42:c4:f4:ac:81:f0:
27:23:9e:02:4b:1b:de:bd:06:6d:52:cd:5e:19:00:c4:a0:bb:
87:c0:2d:65:e9:c4:20:ca:c9:e1:2c:f2:73:d0:fb:4b:9c:00:
42:41:3a:07:1b:e4:42:5b:2e:d4:3f:2e:af:c7:2b:c2:4a:c9:
3d:7f:3b:ec:a0:45:ec:8e:fe:df:a7:ab:c3:45:67:18:39:14:
8f:1b:62:ca:b2:cc:7c:6f:b4:ef:38:59:47:e4:24:d2:55:1e:
4c:03:bc:eb:56:82:29:32:dc:02:a9:1f:c7:ec:f5:18:4f:8d:
8f:7c:72:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ5mDUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ4YWZmOWEwNWRm
NTk2MWY0OGVlOTNlNjQxZGI2YjgzMzc0ZTc0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALK9jZBP9t8w32rII41dJnNuSgzvB1zqVuRJcYzpDf4dRj50
W4dLFW5bHfo9ZzWUcvc8Q96qcJ+kaD9USgDDH0rbyaL6YBC5d2rWTENGj0U7YLdc
1Kh8da4D+/IA0LnxcXdO9TJiST6qYecyrFa+V8MBNe4nBvJ+W/PcIr3Gv+ucPiEw
Ca44GVwtQS6cOR74I5kA/IIUBsschcWnNJWcM3/r9EQBqehrwBzoItsubc/CEkyd
2YMAEkFlDCCm/tkE+2XBkgzOGRrKidolTuQszR/nZMd9AB+d5doMvrhEwcp4K2SW
lBL5HrIiloJjFhmf2+5JpPyA+uD/qSzDM+tVGuECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9iv+aBd9ZYfSO6T5kHba4M3TnSTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L3ZZcl9tZ1hmV1dIMGp1ay1aQjIydUROMDUway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJ43TANBgkqhkiG9w0BAQsFAAOC
AQEAOBYzL5jeXcamEzuSJmtrkCVI3RUgTJUFAKAuf0DK2hjF4BrRY9JMCNnr9lKx
D6b+AuL+hGEzGZunVHziAMdUC34vHRiuYxSjvhIe5BBhici+/xeClzxk4Zc+qC0Y
+/CXOhazlMvUrLTUHTuVl1vuw2YlPzUDtW8Zn6eS2GdQi4kKvQAyNutivBPKQsT0
rIHwJyOeAksb3r0GbVLNXhkAxKC7h8AtZenEIMrJ4Szyc9D7S5wAQkE6BxvkQlsu
1D8ur8crwkrJPX877KBF7I7+36erw0VnGDkUjxtiyrLMfG+07zhZR+Qk0lUeTAO8
61aCKTLcAqkfx+z1GE+Nj3xyaQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:38 2025 by rpki-client