Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/HjCoInEv0szrrN6Q35kJyvMvBPE.roa
File: HjCoInEv0szrrN6Q35kJyvMvBPE.roa (raw, json)
Hash identifier: IgfOGQMJhrmayKdU7mpCRrizzHlpsgZ0ABnxGTAARVs=
Subject key identifier: 1E:30:A8:22:71:2F:D2:CC:EB:AC:DE:90:DF:99:09:CA:F3:2F:04:F1
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018C1AB9ED60827CDD1581600326AA735D24
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/HjCoInEv0szrrN6Q35kJyvMvBPE.roa
Signing time: Wed 29 Nov 2023 10:57:21 +0000
ROA not before: Wed 29 Nov 2023 10:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6660
IP address blocks: 46.190.145.0/24 maxlen: 24
139.47.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:b9:ed:60:82:7c:dd:15:81:60:03:26:aa:73:5d:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 29 10:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e30a822712fd2ccebacde90df9909caf32f04f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6e:98:b9:f9:d3:77:a3:ba:e0:cd:fe:7e:c9:
a4:83:13:df:73:29:d7:d2:d9:6a:02:38:6a:5f:d5:
75:b1:ab:be:2b:19:a0:fe:52:57:06:0f:5a:c5:a5:
38:95:5d:bd:9e:0e:e1:03:50:54:4e:89:a5:4a:ca:
8b:24:8f:00:3b:b7:f2:02:d4:e8:8b:27:ad:da:0f:
ac:4a:d9:77:8a:8a:fa:44:e0:33:c8:9f:36:6e:bd:
29:5a:81:ca:bb:33:d8:4c:d2:b7:58:c0:8b:41:02:
cd:cd:38:b7:6e:f0:4a:7f:76:f0:db:2e:42:f6:9d:
07:2b:96:56:fc:6d:66:79:52:ee:98:0a:c1:9f:0f:
08:45:b6:48:2d:23:a6:ae:04:dd:4c:5f:a7:e4:97:
b4:7d:2d:6b:99:f7:a9:ba:77:52:41:23:fc:73:c5:
15:8f:1a:2f:97:30:f2:2f:f2:e7:b7:a7:70:96:f5:
67:13:0b:26:68:1c:5d:73:1e:d6:5c:76:9a:e5:59:
ba:72:4c:46:24:bf:48:20:ea:4c:56:30:40:50:fd:
e1:e6:57:df:57:d9:08:0e:37:5d:33:17:69:08:74:
2c:d8:02:41:9a:95:ba:12:fd:76:04:4f:bb:a9:90:
12:e1:b4:2b:44:3f:8d:08:3e:a4:1b:24:ca:02:ea:
20:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:30:A8:22:71:2F:D2:CC:EB:AC:DE:90:DF:99:09:CA:F3:2F:04:F1
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/HjCoInEv0szrrN6Q35kJyvMvBPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.190.145.0/24
139.47.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1b:45:a3:10:a1:b8:ce:2d:33:72:d3:b2:bb:3f:7c:7b:18:be:
08:b2:d2:b1:6f:eb:15:da:ea:28:1a:dd:1f:e4:ad:17:06:f1:
da:38:d6:3d:61:49:02:44:57:1e:8f:53:f9:fb:14:24:0f:15:
84:59:89:46:af:da:ce:03:aa:19:94:da:f7:3c:db:1e:ce:49:
d7:ec:02:09:cf:06:64:05:fc:1e:01:27:9a:0d:f2:29:92:c1:
dd:9d:7f:c8:a9:54:90:22:1c:d4:2d:31:8a:f9:25:4a:27:4e:
26:ba:fb:17:70:aa:2a:84:6f:97:2f:d6:cc:c5:b2:89:85:1d:
eb:0e:bf:a3:2e:23:a3:78:10:7d:af:78:14:78:2c:52:67:9a:
6c:f7:1f:ba:77:ce:5a:5b:f1:d2:3e:8e:5c:3d:39:0a:b7:9d:
dc:b7:e7:5a:1b:92:c3:48:f5:da:ba:03:0c:19:29:cb:d9:d4:
0e:40:9d:a7:f3:ad:7c:df:d8:95:45:16:1f:d2:66:9b:77:8c:
19:c8:72:f0:e6:16:17:c4:c8:97:9c:f2:c8:09:99:16:a5:4b:
51:5c:5b:ed:04:ab:96:7d:e5:57:1f:78:fc:45:4b:9d:38:cc:
52:da:97:c3:e6:08:e9:af:bc:c8:21:38:e1:02:f4:22:e7:21:
fb:29:26:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwaue1ggnzdFYFgAyaqc10kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTI5MTA1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTMwYTgyMjcxMmZkMmNjZWJhY2RlOTBkZjk5MDljYWYzMmYwNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG6YufnTd6O64M3+fsmkgxPfcynX
0tlqAjhqX9V1sau+Kxmg/lJXBg9axaU4lV29ng7hA1BUTomlSsqLJI8AO7fyAtTo
iyet2g+sStl3ior6ROAzyJ82br0pWoHKuzPYTNK3WMCLQQLNzTi3bvBKf3bw2y5C
9p0HK5ZW/G1meVLumArBnw8IRbZILSOmrgTdTF+n5Je0fS1rmfepundSQSP8c8UV
jxovlzDyL/Lnt6dwlvVnEwsmaBxdcx7WXHaa5Vm6ckxGJL9IIOpMVjBAUP3h5lff
V9kIDjddMxdpCHQs2AJBmpW6Ev12BE+7qZAS4bQrRD+NCD6kGyTKAuogtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4wqCJxL9LM66zekN+ZCcrzLwTxMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvSGpDb0luRXYwc3pyck42UTM1a0p5dk12QlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALr6RAwQG
iy/AMA0GCSqGSIb3DQEBCwUAA4IBAQAbRaMQobjOLTNy07K7P3x7GL4IstKxb+sV
2uooGt0f5K0XBvHaONY9YUkCRFcej1P5+xQkDxWEWYlGr9rOA6oZlNr3PNsezknX
7AIJzwZkBfweASeaDfIpksHdnX/IqVSQIhzULTGK+SVKJ04muvsXcKoqhG+XL9bM
xbKJhR3rDr+jLiOjeBB9r3gUeCxSZ5ps9x+6d85aW/HSPo5cPTkKt53ct+daG5LD
SPXaugMMGSnL2dQOQJ2n861839iVRRYf0mabd4wZyHLw5hYXxMiXnPLICZkWpUtR
XFvtBKuWfeVXH3j8RUudOMxS2pfD5gjpr7zIITjhAvQi5yH7KSZP
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:45:05 2025 by rpki-client