Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ea96bf-fa0d-42f7-8098-3f30ca086872/1/HRZJwQD_tqpFxVuN8U97io_4KjE.roa
File: HRZJwQD_tqpFxVuN8U97io_4KjE.roa (raw, json)
Hash identifier: 2xI4UepQyLaekb5X5ZA61ybBWGlKO421undiZ/31C44=
Subject key identifier: 1D:16:49:C1:00:FF:B6:AA:45:C5:5B:8D:F1:4F:7B:8A:8F:F8:2A:31
Certificate issuer: /CN=796a77ee52dced5273893a71b9dbca3c6e96495f
Certificate serial: 109308BC
Authority key identifier: 79:6A:77:EE:52:DC:ED:52:73:89:3A:71:B9:DB:CA:3C:6E:96:49:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eWp37lLc7VJziTpxudvKPG6WSV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ea96bf-fa0d-42f7-8098-3f30ca086872/1/HRZJwQD_tqpFxVuN8U97io_4KjE.roa
Signing time: Sat 01 Jan 2022 05:00:13 +0000
ROA not before: Sat 01 Jan 2022 05:00:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47369
IP address blocks: 195.248.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278071484 (0x109308bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=796a77ee52dced5273893a71b9dbca3c6e96495f
Validity
Not Before: Jan 1 05:00:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d1649c100ffb6aa45c55b8df14f7b8a8ff82a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ac:29:82:d5:9a:85:6b:b3:56:08:19:3e:03:
05:f4:51:1b:9f:20:0c:69:78:32:ef:04:c9:02:e9:
7d:5d:d9:e6:e2:fa:d4:c2:c4:6e:c3:a1:53:b8:08:
cc:2d:ea:a1:07:d4:76:22:8f:10:d7:a0:37:87:01:
52:96:2a:bd:06:09:62:82:d9:60:8a:b6:a9:04:8b:
e9:41:db:63:65:4a:fa:92:10:fe:d5:79:25:14:3d:
dc:c5:24:8d:09:41:f0:46:8f:0f:0c:2b:27:52:03:
cd:0a:21:fa:f3:69:93:00:c0:96:27:44:b6:b1:79:
03:45:4a:94:36:61:97:b8:9f:46:a2:54:28:5e:93:
d4:0d:d1:08:d7:bd:97:7a:db:df:21:0c:e2:6f:43:
68:dc:fc:e4:47:2c:c8:96:0d:cf:e9:93:20:bd:44:
53:ea:2d:e5:1c:78:14:e4:f8:9e:4b:c5:e9:a2:41:
3d:f9:8b:44:33:26:d5:42:6b:7e:c7:69:e2:18:98:
42:07:d4:45:fc:3a:08:c2:f9:a6:fa:ff:29:9f:96:
3a:3e:cc:26:7e:98:4f:65:3d:2a:21:13:b6:5d:70:
58:bd:8c:df:8f:dd:56:7f:db:e0:16:7c:39:7b:7e:
47:7c:2f:f4:e1:98:88:65:9d:1e:23:04:16:55:6e:
36:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:16:49:C1:00:FF:B6:AA:45:C5:5B:8D:F1:4F:7B:8A:8F:F8:2A:31
X509v3 Authority Key Identifier:
keyid:79:6A:77:EE:52:DC:ED:52:73:89:3A:71:B9:DB:CA:3C:6E:96:49:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eWp37lLc7VJziTpxudvKPG6WSV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ea96bf-fa0d-42f7-8098-3f30ca086872/1/HRZJwQD_tqpFxVuN8U97io_4KjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ea96bf-fa0d-42f7-8098-3f30ca086872/1/eWp37lLc7VJziTpxudvKPG6WSV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.67.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:f1:fc:67:66:9a:c5:9b:9f:c8:08:3b:73:a4:52:98:3a:d4:
2f:a6:da:2b:7d:c9:9c:d4:72:b9:59:ac:94:c5:21:80:97:5c:
2b:4c:d8:c2:56:cf:6f:19:b4:76:d6:ee:31:d6:c1:93:9d:81:
f4:2a:0d:fb:cf:9d:67:3f:b5:16:df:69:e7:e0:fe:e7:c1:26:
69:2e:d8:80:ef:32:ec:ae:71:21:e7:93:0c:75:39:24:b1:be:
db:43:1e:b5:47:b7:45:19:d3:e8:14:50:9e:af:fa:a3:87:3c:
4e:e7:9f:da:58:37:6b:84:7c:a9:79:19:23:1a:0e:ea:09:13:
65:a3:7d:01:92:c1:bd:48:fb:43:3e:64:a4:bf:ef:42:1f:20:
0f:d7:9c:95:64:25:ff:c6:6c:b6:b9:76:3e:9d:a5:3c:fe:7d:
07:c4:25:6e:44:3e:b0:1d:d8:8d:13:e5:e7:84:44:b7:c6:22:
2d:1c:c1:cd:97:b1:0f:e2:c2:8f:c7:e3:46:18:bd:85:bc:ff:
33:6e:02:c5:e5:dc:57:e8:f6:63:ea:90:65:0f:8d:9c:f8:f5:
a8:69:24:98:a0:57:53:42:5e:ab:34:f9:83:e1:60:b7:4a:db:
1e:3d:93:12:1c:24:16:33:5a:a4:b6:11:81:15:e4:f8:ca:19:
75:29:f3:64
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEJMIvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTZhNzdlZTUyZGNlZDUyNzM4OTNhNzFiOWRiY2EzYzZlOTY0OTVmMB4XDTIyMDEw
MTA1MDAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQxNjQ5YzEwMGZm
YjZhYTQ1YzU1YjhkZjE0ZjdiOGE4ZmY4MmEzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCsKYLVmoVrs1YIGT4DBfRRG58gDGl4Mu8EyQLpfV3Z5uL6
1MLEbsOhU7gIzC3qoQfUdiKPENegN4cBUpYqvQYJYoLZYIq2qQSL6UHbY2VK+pIQ
/tV5JRQ93MUkjQlB8EaPDwwrJ1IDzQoh+vNpkwDAlidEtrF5A0VKlDZhl7ifRqJU
KF6T1A3RCNe9l3rb3yEM4m9DaNz85EcsyJYNz+mTIL1EU+ot5Rx4FOT4nkvF6aJB
PfmLRDMm1UJrfsdp4hiYQgfURfw6CML5pvr/KZ+WOj7MJn6YT2U9KiETtl1wWL2M
34/dVn/b4BZ8OXt+R3wv9OGYiGWdHiMEFlVuNjMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdFknBAP+2qkXFW43xT3uKj/gqMTAfBgNVHSMEGDAWgBR5anfuUtztUnOJ
OnG528o8bpZJXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VXcDM3bExjN1ZKemlUcHh1ZHZLUEc2V1NWOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvZWE5NmJmLWZhMGQtNDJmNy04MDk4LTNmMzBjYTA4Njg3Mi8x
L0hSWkp3UURfdHFwRnhWdU44VTk3aW9fNEtqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ZWE5NmJmLWZhMGQtNDJmNy04MDk4LTNmMzBjYTA4Njg3Mi8xL2VXcDM3bExjN1ZK
emlUcHh1ZHZLUEc2V1NWOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMP4QzANBgkqhkiG9w0BAQsFAAOC
AQEADvH8Z2aaxZufyAg7c6RSmDrUL6baK33JnNRyuVmslMUhgJdcK0zYwlbPbxm0
dtbuMdbBk52B9CoN+8+dZz+1Ft9p5+D+58EmaS7YgO8y7K5xIeeTDHU5JLG+20Me
tUe3RRnT6BRQnq/6o4c8Tuef2lg3a4R8qXkZIxoO6gkTZaN9AZLBvUj7Qz5kpL/v
Qh8gD9eclWQl/8Zstrl2Pp2lPP59B8QlbkQ+sB3YjRPl54REt8YiLRzBzZexD+LC
j8fjRhi9hbz/M24CxeXcV+j2Y+qQZQ+NnPj1qGkkmKBXU0JeqzT5g+Fgt0rbHj2T
EhwkFjNapLYRgRXk+MoZdSnzZA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:51 2025 by rpki-client