Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/HfocZoSOn9uA4wkT7QI_lvBOg5o.roa
File: HfocZoSOn9uA4wkT7QI_lvBOg5o.roa (raw, json)
Hash identifier: wGhOnMWxgUBBB1hGTp/XtYmqQTgT0sfz0qum9qN1il4=
Subject key identifier: 1D:FA:1C:66:84:8E:9F:DB:80:E3:09:13:ED:02:3F:96:F0:4E:83:9A
Certificate issuer: /CN=365b4abab716ad1407a902e5176560ecc37c966d
Certificate serial: E9C80A
Authority key identifier: 36:5B:4A:BA:B7:16:AD:14:07:A9:02:E5:17:65:60:EC:C3:7C:96:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NltKurcWrRQHqQLlF2Vg7MN8lm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/HfocZoSOn9uA4wkT7QI_lvBOg5o.roa
Signing time: Sat 01 Jan 2022 08:57:17 +0000
ROA not before: Sat 01 Jan 2022 08:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24971
IP address blocks: 130.193.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15321098 (0xe9c80a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=365b4abab716ad1407a902e5176560ecc37c966d
Validity
Not Before: Jan 1 08:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dfa1c66848e9fdb80e30913ed023f96f04e839a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c4:28:73:de:41:3d:68:ed:98:f0:2c:f1:3b:
5a:1f:a5:c6:76:e3:bb:b8:04:02:57:37:5e:3e:2e:
4e:a9:56:2a:2d:a8:f9:ca:17:ed:d7:db:1a:58:97:
77:38:94:00:2b:38:aa:6b:be:42:e3:ed:aa:ae:09:
6f:8f:de:93:e4:36:6d:9f:0b:40:f6:bb:c5:3c:fb:
c3:85:89:3d:fd:72:4b:18:de:52:21:b4:20:20:90:
00:5f:35:14:e5:a0:22:5b:90:1b:59:c5:37:2f:81:
63:c4:47:21:52:5b:7e:fb:bd:96:b2:44:1c:9f:69:
cf:aa:68:ce:df:d8:df:50:da:93:1c:6e:43:b0:b6:
5f:28:29:24:49:8b:a4:64:0f:b2:5e:c0:ed:56:b9:
da:a9:22:f8:91:5b:57:34:1a:b4:40:be:96:d2:3a:
45:a2:22:86:83:5d:02:bc:e3:04:2e:93:71:c1:b7:
31:42:b4:4e:a2:8d:28:69:05:b3:12:17:a9:9b:07:
b6:89:fb:12:aa:d1:f7:01:d7:68:59:76:59:2d:ab:
3f:67:1d:04:e8:18:4a:a5:81:05:03:c4:91:cb:2c:
0a:52:a8:03:41:00:1d:07:f8:3f:f2:33:c7:2f:08:
3e:3f:0b:29:0b:5d:2f:d7:5e:00:67:5d:08:bf:05:
5c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FA:1C:66:84:8E:9F:DB:80:E3:09:13:ED:02:3F:96:F0:4E:83:9A
X509v3 Authority Key Identifier:
keyid:36:5B:4A:BA:B7:16:AD:14:07:A9:02:E5:17:65:60:EC:C3:7C:96:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NltKurcWrRQHqQLlF2Vg7MN8lm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/HfocZoSOn9uA4wkT7QI_lvBOg5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/NltKurcWrRQHqQLlF2Vg7MN8lm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.16.0/24
Signature Algorithm: sha256WithRSAEncryption
57:98:83:7e:e5:1e:78:24:0b:e7:f6:6c:6d:54:18:c5:6d:a4:
77:5d:9b:80:3a:e8:c6:7f:6e:d9:82:05:78:98:fb:0b:f9:dc:
7b:af:1e:64:c7:ab:74:91:23:c3:b7:af:e3:b7:58:37:53:55:
25:06:75:0d:5d:13:83:55:08:51:5b:3f:23:b5:54:3b:12:3b:
55:4e:26:8a:71:a1:f1:40:e0:07:55:ec:27:da:75:9c:89:df:
b1:44:93:34:ea:a1:47:d3:ae:d9:de:76:d6:ca:c7:97:6b:a2:
31:ec:1f:b7:59:bc:d8:38:66:77:1a:4b:f7:73:93:8b:8a:ec:
c9:bb:16:02:53:8e:2a:54:24:09:80:73:b8:7a:75:62:0b:d4:
6e:99:4d:f9:02:d1:fa:a3:58:8d:65:b2:a7:b7:04:0a:d5:29:
ea:0a:58:c6:89:34:32:35:55:1b:ec:a5:ec:73:3f:a3:10:1d:
a6:b2:56:2d:fa:37:1c:aa:6c:4a:67:59:ba:51:47:cf:38:2e:
a0:9e:05:57:51:da:7b:b5:bf:a9:2e:f3:fc:bb:bc:44:10:b6:
a4:a3:23:0a:97:6d:9a:28:c6:49:3a:00:bb:4a:e2:56:81:63:
4f:2e:22:9b:52:33:e6:cd:dc:a8:fd:24:64:2d:87:66:5c:bc:
74:96:6e:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOnICjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjViNGFiYWI3MTZhZDE0MDdhOTAyZTUxNzY1NjBlY2MzN2M5NjZkMB4XDTIyMDEw
MTA4NTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRmYTFjNjY4NDhl
OWZkYjgwZTMwOTEzZWQwMjNmOTZmMDRlODM5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIrEKHPeQT1o7ZjwLPE7Wh+lxnbju7gEAlc3Xj4uTqlWKi2o
+coX7dfbGliXdziUACs4qmu+QuPtqq4Jb4/ek+Q2bZ8LQPa7xTz7w4WJPf1ySxje
UiG0ICCQAF81FOWgIluQG1nFNy+BY8RHIVJbfvu9lrJEHJ9pz6pozt/Y31Dakxxu
Q7C2XygpJEmLpGQPsl7A7Va52qki+JFbVzQatEC+ltI6RaIihoNdArzjBC6TccG3
MUK0TqKNKGkFsxIXqZsHton7EqrR9wHXaFl2WS2rP2cdBOgYSqWBBQPEkcssClKo
A0EAHQf4P/Izxy8IPj8LKQtdL9deAGddCL8FXG0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQd+hxmhI6f24DjCRPtAj+W8E6DmjAfBgNVHSMEGDAWgBQ2W0q6txatFAep
AuUXZWDsw3yWbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05sdEt1cmNXclJRSHFRTGxGMlZnN01OOGxtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvZTM1YWMxLTA1ZDEtNDA2ZC1iNjY4LTM2ZWFmNzk0ODUzMS8x
L0hmb2Nab1NPbjl1QTR3a1Q3UUlfbHZCT2c1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
ZTM1YWMxLTA1ZDEtNDA2ZC1iNjY4LTM2ZWFmNzk0ODUzMS8xL05sdEt1cmNXclJR
SHFRTGxGMlZnN01OOGxtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAILBEDANBgkqhkiG9w0BAQsFAAOC
AQEAV5iDfuUeeCQL5/ZsbVQYxW2kd12bgDroxn9u2YIFeJj7C/nce68eZMerdJEj
w7ev47dYN1NVJQZ1DV0Tg1UIUVs/I7VUOxI7VU4minGh8UDgB1XsJ9p1nInfsUST
NOqhR9Ou2d521srHl2uiMewft1m82DhmdxpL93OTi4rsybsWAlOOKlQkCYBzuHp1
YgvUbplN+QLR+qNYjWWyp7cECtUp6gpYxok0MjVVG+yl7HM/oxAdprJWLfo3HKps
SmdZulFHzzguoJ4FV1Hae7W/qS7z/Lu8RBC2pKMjCpdtmijGSToAu0riVoFjTy4i
m1Iz5s3cqP0kZC2HZly8dJZuWw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:54:27 2025 by rpki-client