Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1Whz-NMDd7hMQP2TwKHOp5364-E.roa
File: 1Whz-NMDd7hMQP2TwKHOp5364-E.roa (raw, json)
Hash identifier: U0XuFqKUmyZmmwptMzaGne4RP1X1+wE/LUH67nXCtfQ=
Subject key identifier: D5:68:73:F8:D3:03:77:B8:4C:40:FD:93:C0:A1:CE:A7:9D:FA:E3:E1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0183670647E2FD6A967993FAF08FF808286C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1Whz-NMDd7hMQP2TwKHOp5364-E.roa
Signing time: Thu 22 Sep 2022 21:06:48 +0000
ROA not before: Thu 22 Sep 2022 21:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 45.95.98.0/24 maxlen: 24
45.118.249.0/24 maxlen: 24
45.137.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:67:06:47:e2:fd:6a:96:79:93:fa:f0:8f:f8:08:28:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 22 21:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d56873f8d30377b84c40fd93c0a1cea79dfae3e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e4:df:06:72:ee:f2:9c:0d:fe:a5:f3:b9:75:
bf:e3:8e:96:49:41:f7:69:24:f3:e1:22:a3:0b:9a:
bf:5f:d2:de:5e:73:e4:1d:4f:01:35:52:99:ad:36:
f3:63:ea:8d:44:c1:a5:88:80:97:d8:47:b8:6b:c6:
3a:f8:fa:06:61:8b:a0:b7:2a:7d:dc:35:38:c2:b1:
9f:3c:47:f4:62:e6:9e:00:72:32:e3:c5:ec:15:17:
ab:8c:fd:fe:18:2b:de:db:bd:42:2f:eb:23:f3:70:
a7:aa:32:b8:4e:71:39:5b:f4:01:0c:b0:c8:61:84:
9b:91:0f:9f:11:e2:1a:bf:a1:58:73:bc:35:cc:4c:
1e:13:74:54:d9:52:12:22:ae:c0:bf:3e:eb:90:c4:
a0:c6:e8:12:47:df:7b:2e:0e:f8:46:20:4c:85:32:
93:ce:77:58:3f:fe:aa:f0:e4:27:43:6e:8d:02:de:
7c:dc:78:bc:aa:da:f0:7e:15:74:32:7e:30:2a:d3:
33:e1:3a:eb:37:c4:90:80:8a:a8:3a:db:38:51:03:
46:24:c6:2f:c4:08:88:3c:03:d2:ba:8b:a9:8c:01:
ea:0f:d6:63:62:d3:c6:6c:1d:53:7b:fa:e6:a4:00:
52:33:0f:5a:06:6f:b5:8a:7c:7c:25:1c:fb:d0:69:
55:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:68:73:F8:D3:03:77:B8:4C:40:FD:93:C0:A1:CE:A7:9D:FA:E3:E1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1Whz-NMDd7hMQP2TwKHOp5364-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.98.0/24
45.118.249.0/24
45.137.82.0/24
Signature Algorithm: sha256WithRSAEncryption
18:7a:9f:de:9f:01:a7:09:1f:05:43:44:5c:7a:dd:57:f2:98:
6d:ba:29:38:e1:35:77:5c:ed:0a:3b:cb:ab:e7:91:1f:0a:3d:
e4:2b:c9:7c:29:b5:05:0c:ff:f9:b4:5d:a9:69:b0:cc:1c:4d:
b3:54:89:db:bb:3d:07:6b:ce:3d:f2:c9:15:e9:1a:fd:62:89:
7f:85:56:ea:aa:7c:17:08:1b:33:27:5e:76:3e:36:2d:20:c7:
d4:7f:81:aa:a6:28:13:2a:29:47:63:bc:5a:10:5b:8d:ff:9d:
18:6b:cd:92:ee:6c:74:e8:2b:5b:05:ba:3b:8f:78:c0:1b:2e:
c9:30:29:81:7c:ef:d4:3d:41:aa:da:56:aa:13:9f:f6:d9:d6:
de:ca:74:4e:db:7e:aa:2c:a8:fa:42:f9:fa:5f:ca:7f:3b:b1:
d9:83:f4:2e:e6:43:d5:bf:14:e0:f3:04:41:1a:0b:a3:49:d4:
8b:ab:35:6d:3e:36:3b:24:81:d5:1d:22:5e:63:3b:29:75:34:
f8:74:8f:07:ee:33:bc:4b:68:c6:83:73:91:ce:d1:0a:95:2c:
5d:36:0f:67:7f:a4:87:bc:8b:a2:5e:bd:ce:01:46:8c:65:82:
70:fb:b8:04:a9:7d:ec:ac:7a:e6:bb:4b:06:eb:ca:41:91:ce:
0a:4e:c8:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNnBkfi/WqWeZP68I/4CChsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwOTIyMjEwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTY4NzNmOGQzMDM3N2I4NGM0MGZkOTNjMGExY2VhNzlkZmFlM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOTfBnLu8pwN/qXzuXW/446WSUH3
aSTz4SKjC5q/X9LeXnPkHU8BNVKZrTbzY+qNRMGliICX2Ee4a8Y6+PoGYYugtyp9
3DU4wrGfPEf0YuaeAHIy48XsFRerjP3+GCve271CL+sj83CnqjK4TnE5W/QBDLDI
YYSbkQ+fEeIav6FYc7w1zEweE3RU2VISIq7Avz7rkMSgxugSR997Lg74RiBMhTKT
zndYP/6q8OQnQ26NAt583Hi8qtrwfhV0Mn4wKtMz4TrrN8SQgIqoOts4UQNGJMYv
xAiIPAPSuoupjAHqD9ZjYtPGbB1Te/rmpABSMw9aBm+1inx8JRz70GlVBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNVoc/jTA3e4TED9k8Chzqed+uPhMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMVdoei1OTURkN2hNUVAyVHdLSE9wNTM2NC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV9iAwQA
LXb5AwQALYlSMA0GCSqGSIb3DQEBCwUAA4IBAQAYep/enwGnCR8FQ0Rcet1X8pht
uik44TV3XO0KO8ur55EfCj3kK8l8KbUFDP/5tF2pabDMHE2zVInbuz0Ha8498skV
6Rr9Yol/hVbqqnwXCBszJ152PjYtIMfUf4GqpigTKilHY7xaEFuN/50Ya82S7mx0
6CtbBbo7j3jAGy7JMCmBfO/UPUGq2laqE5/22dbeynRO236qLKj6Qvn6X8p/O7HZ
g/Qu5kPVvxTg8wRBGgujSdSLqzVtPjY7JIHVHSJeYzspdTT4dI8H7jO8S2jGg3OR
ztEKlSxdNg9nf6SHvIuiXr3OAUaMZYJw+7gEqX3srHrmu0sG68pBkc4KTsgk
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:11 2025 by rpki-client