Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/HZkSeJmua96wVQiBZvBzCyxgqdI.roa
File: HZkSeJmua96wVQiBZvBzCyxgqdI.roa (raw, json)
Hash identifier: BpYpJOf3eY3j2ufxNT4oHO1c9wG9nYNEKrHYKcUCiCM=
Subject key identifier: 1D:99:12:78:99:AE:6B:DE:B0:55:08:81:66:F0:73:0B:2C:60:A9:D2
Certificate issuer: /CN=7015ed275005408d2a86a2303701744430eda34a
Certificate serial: 03D6C8C2
Authority key identifier: 70:15:ED:27:50:05:40:8D:2A:86:A2:30:37:01:74:44:30:ED:A3:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBXtJ1AFQI0qhqIwNwF0RDDto0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/HZkSeJmua96wVQiBZvBzCyxgqdI.roa
Signing time: Sat 01 Jan 2022 11:59:25 +0000
ROA not before: Sat 01 Jan 2022 11:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 193.25.50.0/24 maxlen: 24
193.25.49.0/24 maxlen: 24
193.25.48.0/24 maxlen: 24
193.25.51.0/24 maxlen: 24
193.25.57.0/24 maxlen: 24
193.25.56.0/24 maxlen: 24
193.25.55.0/24 maxlen: 24
193.25.54.0/24 maxlen: 24
193.25.58.0/24 maxlen: 24
193.25.53.0/24 maxlen: 24
193.25.52.0/24 maxlen: 24
193.25.60.0/24 maxlen: 24
193.25.59.0/24 maxlen: 24
193.25.63.0/24 maxlen: 24
193.25.62.0/24 maxlen: 24
193.25.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64407746 (0x3d6c8c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7015ed275005408d2a86a2303701744430eda34a
Validity
Not Before: Jan 1 11:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d99127899ae6bdeb055088166f0730b2c60a9d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6d:6e:b8:51:6b:6e:1c:35:d3:07:69:0c:01:
79:a8:33:dd:ca:96:b5:a9:11:09:ad:2d:ac:46:0d:
8f:60:1a:b8:8e:ab:2f:de:18:a8:50:00:74:df:77:
6f:4e:c4:52:33:77:43:24:04:74:08:01:34:b0:f5:
b4:eb:9e:f1:cc:0a:ea:1b:19:61:09:09:d4:62:2b:
8c:c3:84:6d:5e:bf:47:14:ec:f8:10:cd:06:02:82:
ad:a9:1c:0c:dc:59:2e:20:7b:97:28:6c:9a:8e:27:
3a:0e:40:28:e5:86:ca:d6:bf:84:77:7e:60:4c:25:
43:dd:77:cc:4f:3c:ed:e0:de:ab:06:3c:c9:3b:78:
0b:2d:0a:38:73:a4:5c:bf:25:b7:ba:f2:35:02:8b:
a5:83:38:25:ff:81:f9:19:09:6b:8e:1c:22:f1:53:
e9:b6:b9:59:3e:70:54:8b:0f:e5:2e:e9:04:11:20:
0e:20:8c:7b:87:67:2d:05:1b:52:5a:d4:1a:67:ab:
22:2b:c0:7b:01:c0:5e:3f:53:b8:fe:d7:a3:0e:2c:
bd:e2:aa:d2:de:32:f6:7b:4f:db:9f:f6:af:58:1e:
e7:46:0d:df:87:05:59:d9:39:e7:8d:4b:0b:28:08:
dc:30:ac:3b:7a:32:cb:a1:b6:33:6f:b9:3d:5f:c7:
c2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:99:12:78:99:AE:6B:DE:B0:55:08:81:66:F0:73:0B:2C:60:A9:D2
X509v3 Authority Key Identifier:
keyid:70:15:ED:27:50:05:40:8D:2A:86:A2:30:37:01:74:44:30:ED:A3:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBXtJ1AFQI0qhqIwNwF0RDDto0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/HZkSeJmua96wVQiBZvBzCyxgqdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/cBXtJ1AFQI0qhqIwNwF0RDDto0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.48.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:11:19:95:cb:fa:10:db:f6:1e:70:82:f8:f5:94:d7:51:60:
14:27:5c:a1:f9:4a:4b:60:b0:d6:68:6f:d6:9d:4a:97:28:b6:
c8:bb:b2:db:c3:c6:10:79:89:6a:80:e3:8c:c1:cc:eb:cb:b1:
9b:14:da:e2:46:93:cb:e4:f4:53:b2:58:57:98:be:b9:20:ed:
22:0b:0e:3a:5f:1f:6f:d5:93:19:8e:43:f8:de:dc:e9:f2:2a:
e8:f9:13:b1:5e:99:ae:71:cf:86:98:38:4e:23:ec:d8:2f:42:
c3:c7:d7:ed:23:ae:ba:59:16:da:b0:04:5a:63:0d:ca:7b:34:
06:bd:2f:1e:92:34:f5:99:d9:f9:91:af:01:cd:86:46:d1:9d:
2d:5d:e0:aa:37:e2:d3:ff:5b:6f:fd:ec:6a:96:e4:cd:ac:44:
94:e2:ca:36:b4:d4:6d:2f:16:3e:4f:b6:94:c9:1a:76:ff:3f:
a9:58:f6:93:91:6e:87:b5:4b:73:88:c4:80:81:9b:d3:d5:55:
e1:46:b2:64:e0:69:ac:04:53:99:79:17:97:ea:40:4b:a1:e9:
7d:d8:e1:14:0b:68:83:d1:76:8d:39:2a:00:36:26:d8:53:eb:
51:8a:30:6e:3d:00:65:b9:ca:9c:55:fb:c5:0d:e5:ab:ae:dc:
fc:cd:dd:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9bIwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDE1ZWQyNzUwMDU0MDhkMmE4NmEyMzAzNzAxNzQ0NDMwZWRhMzRhMB4XDTIyMDEw
MTExNTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ5OTEyNzg5OWFl
NmJkZWIwNTUwODgxNjZmMDczMGIyYzYwYTlkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMttbrhRa24cNdMHaQwBeagz3cqWtakRCa0trEYNj2AauI6r
L94YqFAAdN93b07EUjN3QyQEdAgBNLD1tOue8cwK6hsZYQkJ1GIrjMOEbV6/RxTs
+BDNBgKCrakcDNxZLiB7lyhsmo4nOg5AKOWGyta/hHd+YEwlQ913zE887eDeqwY8
yTt4Cy0KOHOkXL8lt7ryNQKLpYM4Jf+B+RkJa44cIvFT6ba5WT5wVIsP5S7pBBEg
DiCMe4dnLQUbUlrUGmerIivAewHAXj9TuP7Xow4sveKq0t4y9ntP25/2r1ge50YN
34cFWdk5541LCygI3DCsO3oyy6G2M2+5PV/Hwp8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdmRJ4ma5r3rBVCIFm8HMLLGCp0jAfBgNVHSMEGDAWgBRwFe0nUAVAjSqG
ojA3AXREMO2jSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NCWHRKMUFGUUkwcWhxSXdOd0YwUkREdG8wby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvZGRmNTI5LTE1MzYtNDRmMC05ZWRhLTRkYWQ0OGExNmU0Mi8x
L0haa1NlSm11YTk2d1ZRaUJadkJ6Q3l4Z3FkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
ZGRmNTI5LTE1MzYtNDRmMC05ZWRhLTRkYWQ0OGExNmU0Mi8xL2NCWHRKMUFGUUkw
cWhxSXdOd0YwUkREdG8wby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMEZMDANBgkqhkiG9w0BAQsFAAOC
AQEAHREZlcv6ENv2HnCC+PWU11FgFCdcoflKS2Cw1mhv1p1Klyi2yLuy28PGEHmJ
aoDjjMHM68uxmxTa4kaTy+T0U7JYV5i+uSDtIgsOOl8fb9WTGY5D+N7c6fIq6PkT
sV6ZrnHPhpg4TiPs2C9Cw8fX7SOuulkW2rAEWmMNyns0Br0vHpI09ZnZ+ZGvAc2G
RtGdLV3gqjfi0/9bb/3sapbkzaxElOLKNrTUbS8WPk+2lMkadv8/qVj2k5Fuh7VL
c4jEgIGb09VV4UayZOBprARTmXkXl+pAS6HpfdjhFAtog9F2jTkqADYm2FPrUYow
bj0AZbnKnFX7xQ3lq67c/M3dPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:53 2024 by rpki-client on console-ams.rpki-client.org