Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-71hPF8mxDaQOD7Pk9TtV1ykpAc.roa
File: 1-71hPF8mxDaQOD7Pk9TtV1ykpAc.roa (raw, json)
Hash identifier: zPKFcVnNi1hO9X/Yq+V+/RHWn4FB6edr3B4TYbdibDk=
Subject key identifier: FB:BD:61:3C:5F:26:C4:36:90:38:3E:CF:93:D4:ED:57:5C:A4:A4:07
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01865B3CD17A73AEFC4DAF154686D00C0051
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-71hPF8mxDaQOD7Pk9TtV1ykpAc.roa
Signing time: Thu 16 Feb 2023 17:19:17 +0000
ROA not before: Thu 16 Feb 2023 17:19:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
2a0c:4880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5b:3c:d1:7a:73:ae:fc:4d:af:15:46:86:d0:0c:00:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 16 17:19:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbbd613c5f26c43690383ecf93d4ed575ca4a407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b6:50:6c:3d:20:6a:6e:0d:51:09:8c:af:04:
a1:82:6b:00:9a:7b:fc:36:a4:95:a2:35:d4:89:c6:
aa:c5:56:95:eb:96:6d:5f:8a:c9:af:10:b8:f6:99:
c4:ba:e7:68:05:28:e8:f0:50:2c:d0:ab:ff:f4:d2:
82:42:f9:71:1f:90:83:33:40:c9:6a:40:ff:ce:ee:
8d:9e:dc:3c:3d:5c:79:d2:5a:e9:ec:3d:cc:72:3d:
f9:4b:e8:69:65:ad:25:30:7c:17:49:ee:40:59:10:
63:01:7c:c8:d5:c5:0a:f0:5e:c0:b3:b9:70:2a:f7:
a3:3d:a4:7b:e0:54:c3:55:88:53:5d:31:fa:e1:42:
39:6d:03:d1:cd:57:8a:d4:18:aa:bd:11:90:b3:2a:
b7:32:46:e8:62:21:e8:51:c7:74:85:b4:17:3e:ef:
ae:14:87:60:0d:41:ba:44:6f:48:69:7b:51:7a:7d:
ce:30:6e:21:a2:83:fd:4a:65:b4:ac:7a:b8:ce:f8:
18:31:f4:77:3c:5c:1a:37:19:2c:77:5a:a1:7c:34:
b5:41:ba:cc:c7:9c:b8:b8:17:a9:03:fb:e9:aa:34:
5c:dc:53:46:9d:20:1f:22:49:a4:0e:c2:ca:94:8c:
d9:c4:07:78:3e:91:d0:3b:73:83:cb:6f:29:b4:65:
cc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BD:61:3C:5F:26:C4:36:90:38:3E:CF:93:D4:ED:57:5C:A4:A4:07
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-71hPF8mxDaQOD7Pk9TtV1ykpAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0-45.135.38.255
93.190.246.0/23
IPv6:
2a0c:4880::/32
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
9f:66:ea:3c:5f:20:2c:bb:c0:ed:d7:69:4d:b3:13:9f:fe:72:
a7:e6:03:10:3d:21:60:de:4b:3d:25:fc:fa:fd:73:7d:a3:bc:
24:e6:41:83:68:88:0d:3f:09:99:a0:c1:59:ba:12:3c:9e:2e:
b2:0e:c5:ef:bf:6b:dc:43:86:12:0e:30:11:27:61:a6:29:c9:
3c:32:76:82:98:29:f4:21:20:af:83:23:82:67:c3:5f:f3:64:
e2:d5:f6:f0:4f:cb:bb:ec:a2:69:d6:d9:41:75:ee:a8:0b:95:
ae:62:e3:44:95:c1:af:e3:59:d0:07:fa:a7:fd:04:be:53:58:
26:b8:88:01:b6:e5:fc:ef:a0:ce:46:05:67:1a:b7:2b:b5:70:
ae:76:7b:d5:dd:cd:39:25:37:86:78:6d:57:f4:a7:f3:79:e1:
64:95:a5:9a:bf:65:50:4b:42:8e:54:f6:c2:22:63:f0:3c:5d:
78:99:1f:64:d3:fa:65:49:4c:b4:ad:c0:fc:9b:60:c2:2a:ba:
a7:f6:25:4e:ad:cf:4d:86:cd:69:e8:6f:d9:79:5f:48:cb:dc:
4b:03:0e:8b:ee:10:d3:02:ac:a9:ec:88:eb:8d:bb:ad:26:7b:
8c:dd:8e:e0:13:87:90:a8:02:23:94:72:eb:3c:7b:96:2f:02:
8b:06:40:b1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYZbPNF6c678Ta8VRobQDABRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjE2MTcxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJkNjEzYzVmMjZjNDM2OTAzODNlY2Y5M2Q0ZWQ1NzVjYTRhNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrZQbD0gam4NUQmMrwShgmsAmnv8
NqSVojXUicaqxVaV65ZtX4rJrxC49pnEuudoBSjo8FAs0Kv/9NKCQvlxH5CDM0DJ
akD/zu6Nntw8PVx50lrp7D3Mcj35S+hpZa0lMHwXSe5AWRBjAXzI1cUK8F7As7lw
KvejPaR74FTDVYhTXTH64UI5bQPRzVeK1BiqvRGQsyq3MkboYiHoUcd0hbQXPu+u
FIdgDUG6RG9IaXtRen3OMG4hooP9SmW0rHq4zvgYMfR3PFwaNxksd1qhfDS1QbrM
x5y4uBepA/vpqjRc3FNGnSAfIkmkDsLKlIzZxAd4PpHQO3ODy28ptGXM/QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFPu9YTxfJsQ2kDg+z5PU7VdcpKQHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMS03MWhQRjhteERhUU9EN1BrOVR0VjF5a3BBYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRi
Ni8xL2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBdBggrBgEFBQcBBwEB/wROMEwwNAQCAAEwLjAMAwQALYAZ
AwQALYAaAwQALYBPAwQALYF/MAwDBAAthyUDBAAthyYDBAFdvvYwFAQCAAIwDgMF
ACoMSIADBQAqD+hAMA0GCSqGSIb3DQEBCwUAA4IBAQCfZuo8XyAsu8Dt12lNsxOf
/nKn5gMQPSFg3ks9Jfz6/XN9o7wk5kGDaIgNPwmZoMFZuhI8ni6yDsXvv2vcQ4YS
DjARJ2GmKck8MnaCmCn0ISCvgyOCZ8Nf82Ti1fbwT8u77KJp1tlBde6oC5WuYuNE
lcGv41nQB/qn/QS+U1gmuIgBtuX876DORgVnGrcrtXCudnvV3c05JTeGeG1X9Kfz
eeFklaWav2VQS0KOVPbCImPwPF14mR9k0/plSUy0rcD8m2DCKrqn9iVOrc9Nhs1p
6G/ZeV9Iy9xLAw6L7hDTAqyp7IjrjbutJnuM3Y7gE4eQqAIjlHLrPHuWLwKLBkCx
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:28 2025 by rpki-client