Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/HZMAgQGWd6B78vzFK4JVJCC8nJ8.roa
File: HZMAgQGWd6B78vzFK4JVJCC8nJ8.roa (raw, json)
Hash identifier: Jy5YPggiB75Dpr3oiYIsiq39fMcvUj3JTNEMqiDulTQ=
Subject key identifier: 1D:93:00:81:01:96:77:A0:7B:F2:FC:C5:2B:82:55:24:20:BC:9C:9F
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 0187C97B6B4F2B88CA78E52D6B11E10E690C
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/HZMAgQGWd6B78vzFK4JVJCC8nJ8.roa
Signing time: Fri 28 Apr 2023 20:08:41 +0000
ROA not before: Fri 28 Apr 2023 20:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 171.22.248.0/23 maxlen: 24
45.146.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c9:7b:6b:4f:2b:88:ca:78:e5:2d:6b:11:e1:0e:69:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Apr 28 20:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d930081019677a07bf2fcc52b82552420bc9c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f2:5a:ac:b8:18:df:c6:43:58:75:ce:96:d6:
e8:ed:e0:f5:44:b1:0d:84:f3:0e:28:9b:43:a0:c2:
49:91:3c:1c:da:44:a2:dc:42:70:ce:20:76:e9:40:
8e:40:4c:7d:ce:1f:73:e4:95:ac:58:8b:ad:dc:ad:
b9:3d:61:d8:82:27:ae:14:c4:db:87:e5:61:a2:14:
2d:bc:11:63:20:00:3e:03:18:3e:df:60:b2:08:74:
fd:ae:dc:dc:65:00:de:64:55:6b:9a:f8:09:ff:6e:
90:0b:59:28:93:b1:a6:88:f5:94:5d:2c:ac:64:11:
45:f1:80:4a:5f:f7:e9:31:e2:49:ed:27:8c:74:66:
b5:d2:2b:13:2e:bf:74:77:8c:52:4e:1b:df:4e:69:
de:fc:97:47:28:1b:ec:ad:62:41:66:f7:be:5a:d6:
42:d0:43:36:cc:6e:00:72:21:fe:d3:db:ac:bb:96:
87:a0:b0:0d:a4:09:d9:9c:7c:a0:4a:12:ff:32:fe:
af:0e:6d:b0:ff:b2:e8:a6:15:65:3c:0c:25:7c:de:
ed:52:2a:60:89:97:1a:42:52:ac:87:20:e1:24:2b:
21:24:d7:c3:37:16:32:a4:c5:2e:4c:91:4e:5d:a7:
62:71:47:de:f1:2e:7f:a5:30:0b:4a:f2:f1:37:be:
ee:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:93:00:81:01:96:77:A0:7B:F2:FC:C5:2B:82:55:24:20:BC:9C:9F
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/HZMAgQGWd6B78vzFK4JVJCC8nJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.204.0/22
171.22.248.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:aa:73:4a:88:e6:52:6b:10:b0:4b:52:de:4d:fe:84:66:c5:
d4:a8:73:9f:60:53:72:11:1e:dc:cd:bb:b6:d8:bd:79:56:6b:
db:25:d1:15:90:c6:c4:93:93:4b:9c:da:69:43:14:da:9b:44:
58:58:45:70:59:41:7b:cc:0a:1b:a2:db:1a:85:6c:5d:e3:b6:
32:66:e3:fc:7b:62:28:75:5c:f4:6b:56:b1:ff:85:ca:ab:ed:
3e:e7:5d:ec:ad:e6:12:cc:10:bc:25:99:c4:ab:77:71:a3:70:
b2:11:3a:f7:af:eb:2b:44:43:5c:20:34:f8:16:48:33:9b:6a:
33:54:fe:fb:ca:c2:38:44:c2:da:cd:80:69:67:24:51:d1:60:
7c:78:5d:54:e0:80:1f:eb:56:cb:fc:12:93:d4:d9:60:65:c3:
d3:1d:87:f7:59:65:36:93:14:ff:46:dd:46:c8:e5:99:84:6a:
23:23:c9:ea:45:0d:07:2c:07:d2:37:e4:9c:c6:ca:96:23:08:
9e:56:49:b1:3f:a4:05:16:24:ca:8a:44:dd:18:3c:41:1f:25:
e8:e8:34:68:4f:10:ca:e8:fa:52:44:2d:73:49:f6:d7:52:a8:
c1:64:4c:24:fe:31:e9:f0:7c:15:7a:4f:51:c5:c1:17:66:8a:
1a:07:fc:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfJe2tPK4jKeOUtaxHhDmkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwNDI4MjAwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkzMDA4MTAxOTY3N2EwN2JmMmZjYzUyYjgyNTUyNDIwYmM5YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfJarLgY38ZDWHXOltbo7eD1RLEN
hPMOKJtDoMJJkTwc2kSi3EJwziB26UCOQEx9zh9z5JWsWIut3K25PWHYgieuFMTb
h+VhohQtvBFjIAA+Axg+32CyCHT9rtzcZQDeZFVrmvgJ/26QC1kok7GmiPWUXSys
ZBFF8YBKX/fpMeJJ7SeMdGa10isTLr90d4xSThvfTmne/JdHKBvsrWJBZve+WtZC
0EM2zG4AciH+09usu5aHoLANpAnZnHygShL/Mv6vDm2w/7LophVlPAwlfN7tUipg
iZcaQlKshyDhJCshJNfDNxYypMUuTJFOXadicUfe8S5/pTALSvLxN77uSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB2TAIEBlnege/L8xSuCVSQgvJyfMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvSFpNQWdRR1dkNkI3OHZ6Rks0SlZKQ0M4bko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZLMAwQB
qxb4MA0GCSqGSIb3DQEBCwUAA4IBAQC2qnNKiOZSaxCwS1LeTf6EZsXUqHOfYFNy
ER7czbu22L15VmvbJdEVkMbEk5NLnNppQxTam0RYWEVwWUF7zAobotsahWxd47Yy
ZuP8e2IodVz0a1ax/4XKq+0+513sreYSzBC8JZnEq3dxo3CyETr3r+srRENcIDT4
Fkgzm2ozVP77ysI4RMLazYBpZyRR0WB8eF1U4IAf61bL/BKT1NlgZcPTHYf3WWU2
kxT/Rt1GyOWZhGojI8nqRQ0HLAfSN+ScxsqWIwieVkmxP6QFFiTKikTdGDxBHyXo
6DRoTxDK6PpSRC1zSfbXUqjBZEwk/jHp8HwVek9RxcEXZooaB/yg
-----END CERTIFICATE-----
Generated at Sat Jul 26 05:40:08 2025 by rpki-client