Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vrhK5cxJMVft3bSfukmWvTwTkh4.roa
File: vrhK5cxJMVft3bSfukmWvTwTkh4.roa (raw, json)
Hash identifier: QhAILm1rpv64gRzyTLjlNTnlBMukc4a6DM/xSB7uQZk=
Subject key identifier: BE:B8:4A:E5:CC:49:31:57:ED:DD:B4:9F:BA:49:96:BD:3C:13:92:1E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095177671AC2C9CFA0F82B287D9C845
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vrhK5cxJMVft3bSfukmWvTwTkh4.roa
Signing time: Mon 02 Jan 2023 03:44:57 +0000
ROA not before: Mon 02 Jan 2023 03:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41129
IP address blocks: 146.120.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:17:76:71:ac:2c:9c:fa:0f:82:b2:87:d9:c8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beb84ae5cc493157edddb49fba4996bd3c13921e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:22:2e:30:c2:4e:54:58:33:a3:db:9b:63:d4:
b8:aa:a4:10:7a:1c:c9:05:f1:d2:ea:c6:27:fe:74:
b3:63:cb:d9:41:b8:7c:51:8d:d2:7d:27:65:68:38:
39:7f:7c:2b:dd:cf:d7:6f:1c:11:e8:e2:6a:65:0a:
7a:37:91:44:19:a9:02:a1:f1:e0:37:06:55:bf:13:
a5:df:d5:ee:c4:05:a1:ee:7b:a3:11:6e:0d:b6:13:
3e:60:17:86:cc:8b:7e:59:22:b3:68:8d:f4:7e:5b:
f8:ea:ea:07:0d:fc:25:08:2c:4e:17:c6:87:f3:4f:
e0:2a:6b:03:4c:ce:e6:5b:3c:2e:cf:e0:96:cd:9c:
67:24:e8:1f:9d:ec:25:68:9c:14:9f:12:23:60:80:
2f:ed:34:b1:05:2c:42:56:3e:7e:d9:8a:45:21:53:
49:72:56:29:ed:05:a3:ba:0f:73:b2:1b:e4:e4:b0:
2c:3b:13:69:bb:92:67:6c:45:71:da:b9:46:c5:4f:
72:d7:51:be:aa:71:e7:98:7b:3e:10:83:a0:20:75:
86:57:c9:2e:24:7e:b0:ce:e3:ba:9c:63:c0:f2:88:
65:06:d0:56:86:8b:37:22:68:70:a9:c7:24:da:e3:
2d:18:a3:26:88:3d:33:df:35:e4:d8:51:75:33:e8:
3b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B8:4A:E5:CC:49:31:57:ED:DD:B4:9F:BA:49:96:BD:3C:13:92:1E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vrhK5cxJMVft3bSfukmWvTwTkh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.100.0/24
Signature Algorithm: sha256WithRSAEncryption
42:d5:4c:37:d2:ee:4b:8d:3a:9c:6f:ac:f5:51:32:0d:c2:60:
51:1a:f0:0d:5d:27:52:d1:a1:f0:9c:42:29:dd:79:d9:c9:61:
af:ec:44:f1:d9:7e:6f:62:55:f2:95:47:67:63:88:06:d9:c1:
34:3f:15:0a:db:5b:d4:e1:94:69:98:fc:20:20:47:18:58:cd:
bc:fd:6d:93:a1:6a:80:4d:04:42:76:76:70:49:dd:9f:f3:03:
5d:3e:0b:92:75:dd:55:dd:95:12:ef:65:b8:47:18:e0:f5:13:
4c:5d:f8:db:81:25:f5:13:b5:e4:f4:a7:4b:cd:c7:de:c5:27:
53:06:e3:4b:49:14:b0:0e:30:ff:e8:22:5e:08:10:32:98:e4:
5d:09:36:59:5e:36:4c:60:18:92:55:aa:06:e2:b9:42:05:43:
38:f9:ca:3d:02:63:fd:98:24:88:c4:e3:a2:8b:7d:20:22:53:
8b:23:0f:bf:4c:19:a3:da:a5:53:70:d1:fb:d1:d4:03:94:04:
30:a7:6a:65:11:96:1b:ca:ab:87:01:2b:cf:11:3c:7a:a9:0f:
3d:fd:f7:1f:a1:9c:47:d6:b2:5b:b8:20:d9:5b:69:ed:df:01:
70:b7:2c:91:71:f9:f9:c9:13:c5:92:3c:af:8c:7c:17:3b:21:
9a:05:d8:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlRd2cawsnPoPgrKH2chFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWI4NGFlNWNjNDkzMTU3ZWRkZGI0OWZiYTQ5OTZiZDNjMTM5MjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCIuMMJOVFgzo9ubY9S4qqQQehzJ
BfHS6sYn/nSzY8vZQbh8UY3SfSdlaDg5f3wr3c/XbxwR6OJqZQp6N5FEGakCofHg
NwZVvxOl39XuxAWh7nujEW4NthM+YBeGzIt+WSKzaI30flv46uoHDfwlCCxOF8aH
80/gKmsDTM7mWzwuz+CWzZxnJOgfnewlaJwUnxIjYIAv7TSxBSxCVj5+2YpFIVNJ
clYp7QWjug9zshvk5LAsOxNpu5JnbEVx2rlGxU9y11G+qnHnmHs+EIOgIHWGV8ku
JH6wzuO6nGPA8ohlBtBWhos3Imhwqcck2uMtGKMmiD0z3zXk2FF1M+g7XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL64SuXMSTFX7d20n7pJlr08E5IeMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdnJoSzVjeEpNVmZ0M2JTZnVrbVd2VHdUa2g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhkMA0G
CSqGSIb3DQEBCwUAA4IBAQBC1Uw30u5LjTqcb6z1UTINwmBRGvANXSdS0aHwnEIp
3XnZyWGv7ETx2X5vYlXylUdnY4gG2cE0PxUK21vU4ZRpmPwgIEcYWM28/W2ToWqA
TQRCdnZwSd2f8wNdPguSdd1V3ZUS72W4Rxjg9RNMXfjbgSX1E7Xk9KdLzcfexSdT
BuNLSRSwDjD/6CJeCBAymORdCTZZXjZMYBiSVaoG4rlCBUM4+co9AmP9mCSIxOOi
i30gIlOLIw+/TBmj2qVTcNH70dQDlAQwp2plEZYbyquHASvPETx6qQ89/fcfoZxH
1rJbuCDZW2nt3wFwtyyRcfn5yRPFkjyvjHwXOyGaBdj9
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:53 2025 by rpki-client