Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HPyotxMDp--CIjmbaO6yyub8DxE.roa
File: HPyotxMDp--CIjmbaO6yyub8DxE.roa (raw, json)
Hash identifier: DfT9Kaef2/vgwyMSVkQZVVkfQuTeVJ54mah/1nL/tU8=
Subject key identifier: 1C:FC:A8:B7:13:03:A7:EF:82:22:39:9B:68:EE:B2:CA:E6:FC:0F:11
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27BA0CDB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HPyotxMDp--CIjmbaO6yyub8DxE.roa
Signing time: Sat 01 Jan 2022 16:08:42 +0000
ROA not before: Sat 01 Jan 2022 16:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50516
IP address blocks: 95.47.242.0/24 maxlen: 24
146.120.234.0/24 maxlen: 24
146.120.234.0/23 maxlen: 24
31.148.96.0/24 maxlen: 24
146.158.12.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 666504411 (0x27ba0cdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cfca8b71303a7ef8222399b68eeb2cae6fc0f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f1:a4:d2:11:c8:82:24:61:79:0c:6b:9b:b3:
f1:21:6f:1b:c1:02:5d:c5:00:91:6a:9a:07:c6:4a:
c6:ca:fa:ec:e5:32:eb:c8:af:ae:88:78:c9:46:15:
e2:e9:f2:fe:0b:e9:2c:d7:5c:6d:04:c1:e9:28:f3:
53:8f:31:53:80:90:95:52:a5:ba:6c:e7:4e:82:39:
eb:2b:32:6f:dc:ff:dc:6f:d6:3f:6a:35:82:8e:8b:
f1:e0:0b:95:a5:02:3c:27:bc:4c:ea:fe:b3:c5:5b:
d0:4b:03:d6:36:0d:6e:c9:2b:74:ae:53:a3:e6:54:
d8:5c:15:1a:ed:a1:ef:15:a2:4a:4c:fc:5b:f6:eb:
5e:88:8c:54:4f:82:63:d5:cb:32:5c:48:c1:1d:c2:
a0:c6:37:75:ec:6f:6f:c3:cc:67:b6:67:78:d9:0f:
1a:5f:83:3d:5a:4c:31:55:19:66:59:a1:61:b8:e2:
42:6a:4b:c3:43:84:de:9e:e4:f0:12:7d:3a:c1:a8:
07:2e:02:dc:8a:98:a7:62:ba:c8:37:09:ee:f9:b0:
6d:c0:b0:8f:d2:8a:6c:8d:7e:a4:d1:04:e2:28:05:
d5:4b:48:a1:2f:2a:a6:59:df:13:7c:b1:a8:3b:80:
5c:96:41:aa:84:70:2a:fd:54:86:50:8e:7a:0c:c1:
99:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FC:A8:B7:13:03:A7:EF:82:22:39:9B:68:EE:B2:CA:E6:FC:0F:11
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HPyotxMDp--CIjmbaO6yyub8DxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.96.0/24
95.47.242.0/24
146.120.234.0/23
146.158.12.0/23
Signature Algorithm: sha256WithRSAEncryption
22:38:b9:a4:a3:94:3a:25:8a:b0:ed:ac:2f:3b:d4:de:48:35:
8a:ee:37:f1:f8:89:0d:1e:8c:b7:6b:c6:40:8a:ee:44:31:43:
c3:70:82:18:26:64:82:df:c5:89:6a:1a:3a:33:16:6a:31:85:
b8:1f:f7:10:77:1b:8d:71:07:13:85:1c:a5:59:05:86:20:17:
e4:a7:ae:de:d0:c4:21:c2:0b:14:40:90:fc:4e:d5:c3:c8:fa:
7e:57:bc:bf:09:9c:b9:2d:62:92:46:d3:12:24:88:ee:3d:ee:
9f:bd:ee:1a:47:ec:2e:7a:55:17:8b:9c:16:4f:3f:2e:1c:2d:
57:44:02:95:f7:01:bc:85:9d:ec:32:e8:13:3d:29:14:4a:8d:
7a:ec:6f:a3:a0:0e:07:5b:b2:6c:9f:65:b4:e7:cb:e9:13:00:
6c:10:9c:f5:c1:b8:cf:44:cd:2f:2b:57:74:36:c7:fd:4c:44:
93:9b:fd:dc:19:6f:92:ec:9f:14:51:d3:16:0f:f1:32:8c:7c:
96:1d:a4:7d:8a:1d:a5:4d:27:e1:b6:70:0c:05:b5:2e:00:a5:
aa:1c:0f:b4:8e:6a:f2:8d:3c:bf:92:10:59:76:26:46:fb:77:
f7:9b:18:a9:b7:46:0e:70:9c:f9:19:41:0b:47:d1:fd:6d:6b:
db:5e:35:22
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEJ7oM2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNmY2E4YjcxMzAz
YTdlZjgyMjIzOTliNjhlZWIyY2FlNmZjMGYxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7xpNIRyIIkYXkMa5uz8SFvG8ECXcUAkWqaB8ZKxsr67OUy
68ivroh4yUYV4uny/gvpLNdcbQTB6SjzU48xU4CQlVKlumznToI56ysyb9z/3G/W
P2o1go6L8eALlaUCPCe8TOr+s8Vb0EsD1jYNbskrdK5To+ZU2FwVGu2h7xWiSkz8
W/brXoiMVE+CY9XLMlxIwR3CoMY3dexvb8PMZ7ZneNkPGl+DPVpMMVUZZlmhYbji
QmpLw0OE3p7k8BJ9OsGoBy4C3IqYp2K6yDcJ7vmwbcCwj9KKbI1+pNEE4igF1UtI
oS8qplnfE3yxqDuAXJZBqoRwKv1UhlCOegzBmTUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQc/Ki3EwOn74IiOZto7rLK5vwPETAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0hQeW90eE1EcC0tQ0lqbWJhTzZ5eXViOER4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAB+UYAMEAF8v8gMEAZJ46gMEAZKe
DDANBgkqhkiG9w0BAQsFAAOCAQEAIji5pKOUOiWKsO2sLzvU3kg1iu438fiJDR6M
t2vGQIruRDFDw3CCGCZkgt/FiWoaOjMWajGFuB/3EHcbjXEHE4UcpVkFhiAX5Keu
3tDEIcILFECQ/E7Vw8j6fle8vwmcuS1ikkbTEiSI7j3un73uGkfsLnpVF4ucFk8/
LhwtV0QClfcBvIWd7DLoEz0pFEqNeuxvo6AOB1uybJ9ltOfL6RMAbBCc9cG4z0TN
LytXdDbH/UxEk5v93BlvkuyfFFHTFg/xMox8lh2kfYodpU0n4bZwDAW1LgClqhwP
tI5q8o08v5IQWXYmRvt395sYqbdGDnCc+RlBC0fR/W1r2141Ig==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:08 2025 by rpki-client