Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HzmTdtCSBXS3G5y2uE2EuYiLcjA.roa
File: HzmTdtCSBXS3G5y2uE2EuYiLcjA.roa (raw, json)
Hash identifier: CWVOMgNkA6d5kana7KvIGgNQ0UZL0hGkQU8pqBMCL+Y=
Subject key identifier: 1F:39:93:76:D0:92:05:74:B7:1B:9C:B6:B8:4D:84:B9:88:8B:72:30
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2828A747
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HzmTdtCSBXS3G5y2uE2EuYiLcjA.roa
Signing time: Sat 01 Jan 2022 16:09:44 +0000
ROA not before: Sat 01 Jan 2022 16:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202353
IP address blocks: 31.148.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 673752903 (0x2828a747)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f399376d0920574b71b9cb6b84d84b9888b7230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:14:f4:79:23:65:3c:a3:69:a9:d0:ae:1a:73:
96:93:c1:81:67:f8:77:53:ff:f3:81:06:7d:95:34:
8e:98:56:cb:12:ce:bf:88:99:b3:88:e1:38:1d:44:
17:6b:1d:a3:6a:64:f7:8a:17:3a:1d:65:84:50:bf:
f5:63:cd:7d:4c:2d:53:85:fd:3c:8c:ad:c3:95:8e:
5a:b4:38:39:7f:1b:4a:0e:8d:6a:e4:ce:87:ef:55:
42:99:9a:dd:e8:a0:bc:01:98:4b:51:f6:e4:95:f8:
36:d2:f2:3a:e9:2b:bd:1f:5a:d3:2c:02:ef:e5:b8:
3f:5e:28:bc:95:dc:fa:4a:bf:e4:5e:5d:d5:a2:b7:
d3:e6:de:c8:2c:61:07:c2:a3:d5:df:94:7f:fe:55:
55:d5:32:89:c9:eb:6d:cd:71:77:5f:ce:86:b4:f3:
a9:ff:87:29:27:60:2d:49:99:cb:4c:29:ef:b7:dd:
dc:b9:86:e8:cd:73:fd:31:d2:4a:16:60:17:96:52:
2c:f1:32:c4:ab:09:68:b9:f0:12:3c:a8:55:9c:ed:
b5:23:14:82:1c:3d:45:94:cc:a1:9a:13:69:24:c1:
00:b1:94:7c:09:3b:72:90:23:2d:cd:37:9e:7c:86:
8e:0f:3a:e3:a3:ff:24:9a:d2:ec:0b:d8:b7:b7:3a:
5e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:39:93:76:D0:92:05:74:B7:1B:9C:B6:B8:4D:84:B9:88:8B:72:30
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HzmTdtCSBXS3G5y2uE2EuYiLcjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.168.0/24
Signature Algorithm: sha256WithRSAEncryption
50:2b:bb:f0:cc:c9:2c:2c:b4:5c:fe:ff:fd:cd:f9:d7:03:c0:
2b:84:05:f5:a7:97:55:2f:f3:a8:1d:0e:3a:a9:f2:88:c3:01:
bb:df:dc:bb:74:ad:1b:47:2d:23:2b:ee:b3:59:c0:53:73:c4:
2d:5b:cd:b2:30:ee:90:67:30:5c:95:d8:11:c0:97:84:92:f8:
93:9d:f9:5a:40:5c:48:1a:7c:70:12:94:a5:4f:d2:59:a4:7c:
2b:00:bc:34:a7:68:56:75:9f:67:29:35:f7:e2:c1:f0:1f:8d:
19:39:5d:49:e5:bd:fb:5b:11:c1:da:b8:c9:2d:2c:84:64:18:
eb:12:2b:e8:db:12:7f:22:9d:58:36:92:9f:cc:e0:32:bd:1b:
d3:2b:cd:51:0d:c5:f9:0b:b6:5d:c6:b8:ee:c5:da:3d:c5:e2:
90:8c:ba:b0:fe:e0:e0:d0:60:ea:8d:96:27:fc:3e:95:a6:e2:
9c:c1:0d:92:f4:2a:a9:df:8d:7f:f2:29:bc:08:d8:9b:f7:3c:
74:44:56:f2:28:5f:fe:94:04:8c:43:0a:c0:c1:1b:4c:31:a5:
6e:18:11:9b:b4:4e:c2:d6:a7:fa:d4:6b:95:ca:64:e5:ad:b4:
65:b8:3a:ba:2b:2e:ac:c2:81:cc:10:fb:ee:76:fe:41:c3:fa:
be:67:8d:0d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKCinRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYzOTkzNzZkMDky
MDU3NGI3MWI5Y2I2Yjg0ZDg0Yjk4ODhiNzIzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAU9HkjZTyjaanQrhpzlpPBgWf4d1P/84EGfZU0jphWyxLO
v4iZs4jhOB1EF2sdo2pk94oXOh1lhFC/9WPNfUwtU4X9PIytw5WOWrQ4OX8bSg6N
auTOh+9VQpma3eigvAGYS1H25JX4NtLyOukrvR9a0ywC7+W4P14ovJXc+kq/5F5d
1aK30+beyCxhB8Kj1d+Uf/5VVdUyicnrbc1xd1/OhrTzqf+HKSdgLUmZy0wp77fd
3LmG6M1z/THSShZgF5ZSLPEyxKsJaLnwEjyoVZzttSMUghw9RZTMoZoTaSTBALGU
fAk7cpAjLc03nnyGjg8646P/JJrS7AvYt7c6Xo0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfOZN20JIFdLcbnLa4TYS5iItyMDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0h6bVRkdENTQlhTM0c1eTJ1RTJFdVlpTGNqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB+UqDANBgkqhkiG9w0BAQsFAAOC
AQEAUCu78MzJLCy0XP7//c351wPAK4QF9aeXVS/zqB0OOqnyiMMBu9/cu3StG0ct
Iyvus1nAU3PELVvNsjDukGcwXJXYEcCXhJL4k535WkBcSBp8cBKUpU/SWaR8KwC8
NKdoVnWfZyk19+LB8B+NGTldSeW9+1sRwdq4yS0shGQY6xIr6NsSfyKdWDaSn8zg
Mr0b0yvNUQ3F+Qu2Xca47sXaPcXikIy6sP7g4NBg6o2WJ/w+labinMENkvQqqd+N
f/IpvAjYm/c8dERW8ihf/pQEjEMKwMEbTDGlbhgRm7ROwtan+tRrlcpk5a20Zbg6
uisurMKBzBD77nb+QcP6vmeNDQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:38:55 2025 by rpki-client