Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-4y-GD9aW1GeZOq_Usp5rR9zTXk.roa
File: 1-4y-GD9aW1GeZOq_Usp5rR9zTXk.roa (raw, json)
Hash identifier: +ovfrIvoVdYq0z289Emp+yYzc7FKf8VugNg8Ftu5ZcQ=
Subject key identifier: FB:8C:BE:18:3F:5A:5B:51:9E:64:EA:BF:52:CA:79:AD:1F:73:4D:79
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0184D34ADE1CF6F043E646F59AC60855F405
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-4y-GD9aW1GeZOq_Usp5rR9zTXk.roa
Signing time: Fri 02 Dec 2022 14:43:29 +0000
ROA not before: Fri 02 Dec 2022 14:43:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201950
IP address blocks: 45.146.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:4a:de:1c:f6:f0:43:e6:46:f5:9a:c6:08:55:f4:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 2 14:43:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb8cbe183f5a5b519e64eabf52ca79ad1f734d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c6:7a:1b:36:d3:03:90:67:2d:53:19:72:b4:
b4:59:7d:9f:80:eb:03:06:a6:81:0f:80:02:7c:7c:
76:70:bd:83:e6:96:e7:56:63:00:1a:ac:c8:5b:71:
8f:32:31:46:5f:e9:ac:d2:fd:85:b8:b6:dd:f2:75:
4a:30:c5:01:48:aa:42:bc:92:85:18:46:a3:b2:6e:
aa:69:f4:ce:6a:12:54:37:20:09:3d:f9:86:79:c5:
11:0d:a1:98:b8:c7:a2:d2:60:8b:d0:51:f6:78:9d:
29:74:8f:68:0b:57:31:28:81:25:96:2f:da:22:5b:
48:81:cf:0d:c5:c0:af:5e:5b:39:bf:d4:9a:e3:fb:
61:a1:4b:a6:82:12:53:0e:d8:9b:6e:b6:c0:b5:a7:
5f:a4:84:ba:5e:91:91:eb:2a:d0:93:5e:2c:6c:76:
34:87:d0:be:ba:20:e7:74:f7:7d:63:a7:a9:0b:87:
0a:7c:6d:8b:69:44:e2:e0:ed:83:a7:40:7a:44:d6:
5f:40:5d:02:aa:ae:ad:44:bf:df:58:0e:03:a7:4d:
cc:11:3f:4f:17:51:ae:fd:06:4e:85:34:f2:0b:c9:
ac:92:49:80:ac:e3:17:c0:07:e3:a4:92:56:f2:7a:
97:93:42:db:97:4d:64:41:43:c7:20:08:f1:b8:66:
a9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8C:BE:18:3F:5A:5B:51:9E:64:EA:BF:52:CA:79:AD:1F:73:4D:79
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-4y-GD9aW1GeZOq_Usp5rR9zTXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.129.0/24
Signature Algorithm: sha256WithRSAEncryption
19:a6:bf:68:05:d6:c0:2f:e7:0e:31:67:f0:cd:90:df:af:e0:
f5:df:f3:d0:65:f6:54:b8:c6:8e:69:7d:e3:a4:28:d3:52:d4:
86:c4:3b:1d:da:dc:b2:cc:a1:4f:28:75:0a:c4:26:77:24:51:
9d:d1:40:a7:d4:a6:09:2f:11:a3:ea:c6:6b:75:83:ae:05:c8:
c9:ef:c4:ff:29:17:75:c1:ab:52:ff:64:9b:aa:ca:aa:10:08:
48:9d:53:29:34:43:d3:0c:4f:ef:72:af:60:9c:63:ad:95:b6:
5f:64:76:06:2b:f3:c3:80:91:70:3c:de:ae:c0:c7:18:a3:0f:
92:ca:ab:5a:f8:61:99:28:a6:db:dc:db:36:9a:75:3b:dd:2f:
d4:ea:e3:37:83:a9:0a:d4:10:49:28:a4:aa:6d:62:df:e0:8d:
13:36:30:0f:54:e8:72:11:9a:20:b8:5b:1e:1d:a0:e8:1a:35:
6a:9b:1b:28:8c:dc:d7:e1:ae:d7:54:fc:dd:4a:71:37:a1:c9:
a3:56:a1:0f:e8:a4:cd:ff:20:1d:17:ad:c4:45:a6:98:a0:1a:
43:e9:d4:3c:b0:2c:0f:83:19:7c:5b:8f:bc:d3:f8:41:4b:6c:
60:2e:ce:75:09:fa:65:bc:41:5f:56:af:65:df:ca:f7:55:bd:
6a:ea:7b:d5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTTSt4c9vBD5kb1msYIVfQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjAyMTQ0MzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjhjYmUxODNmNWE1YjUxOWU2NGVhYmY1MmNhNzlhZDFmNzM0ZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMZ6GzbTA5BnLVMZcrS0WX2fgOsD
BqaBD4ACfHx2cL2D5pbnVmMAGqzIW3GPMjFGX+ms0v2FuLbd8nVKMMUBSKpCvJKF
GEajsm6qafTOahJUNyAJPfmGecURDaGYuMei0mCL0FH2eJ0pdI9oC1cxKIElli/a
IltIgc8NxcCvXls5v9Sa4/thoUumghJTDtibbrbAtadfpIS6XpGR6yrQk14sbHY0
h9C+uiDndPd9Y6epC4cKfG2LaUTi4O2Dp0B6RNZfQF0Cqq6tRL/fWA4Dp03MET9P
F1Gu/QZOhTTyC8mskkmArOMXwAfjpJJW8nqXk0Lbl01kQUPHIAjxuGapQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuMvhg/WltRnmTqv1LKea0fc015MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMS00eS1HRDlhVzFHZVpPcV9Vc3A1clI5elRYay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRi
Ni8xL2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2SgTAN
BgkqhkiG9w0BAQsFAAOCAQEAGaa/aAXWwC/nDjFn8M2Q36/g9d/z0GX2VLjGjml9
46Qo01LUhsQ7HdrcssyhTyh1CsQmdyRRndFAp9SmCS8Ro+rGa3WDrgXIye/E/ykX
dcGrUv9km6rKqhAISJ1TKTRD0wxP73KvYJxjrZW2X2R2Bivzw4CRcDzersDHGKMP
ksqrWvhhmSim29zbNpp1O90v1OrjN4OpCtQQSSikqm1i3+CNEzYwD1TochGaILhb
Hh2g6Bo1apsbKIzc1+Gu11T83UpxN6HJo1ahD+ikzf8gHRetxEWmmKAaQ+nUPLAs
D4MZfFuPvNP4QUtsYC7OdQn6ZbxBX1avZd/K91W9aup71Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:14 2025 by rpki-client