Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4l2BfyKMyWT_p6vNE2uGA6DWjPo.roa
File: 4l2BfyKMyWT_p6vNE2uGA6DWjPo.roa (raw, json)
Hash identifier: uMfXvmSZ8/AceM0flUeDHcgxPoYJjkVGUifDb8E6y0o=
Subject key identifier: E2:5D:81:7F:22:8C:C9:64:FF:A7:AB:CD:13:6B:86:03:A0:D6:8C:FA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018842224F33764B37BDA0E6588CDD5791C5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4l2BfyKMyWT_p6vNE2uGA6DWjPo.roa
Signing time: Mon 22 May 2023 06:25:24 +0000
ROA not before: Mon 22 May 2023 06:25:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
2a0c:7880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:22:4f:33:76:4b:37:bd:a0:e6:58:8c:dd:57:91:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 22 06:25:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e25d817f228cc964ffa7abcd136b8603a0d68cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:05:da:27:16:08:a6:55:71:cc:4e:42:ca:26:
67:fb:32:66:07:dd:ae:51:0e:99:a2:5e:c5:64:02:
b7:be:82:86:e0:13:78:d0:e4:66:8f:09:f5:37:5e:
e6:ba:7b:80:91:9c:94:35:ca:8c:b9:55:3d:d4:b5:
4a:bc:b2:27:16:be:a1:3b:e9:13:8d:04:9c:81:43:
f1:5f:9a:7e:00:53:e3:76:38:3b:e9:19:c0:a9:07:
72:ee:e2:7a:c5:63:cc:21:40:1e:24:3f:47:91:4a:
64:0f:0a:2f:5d:21:46:dd:ac:81:17:34:22:fc:e7:
4d:eb:36:ec:9b:45:a4:4d:64:f6:b0:48:64:85:6a:
c7:c2:be:c7:01:6e:94:68:20:fb:7d:65:69:2e:a0:
a1:ca:9f:ae:a3:f0:7a:ca:47:b8:11:3f:40:58:e8:
d3:fa:c0:86:c9:38:36:8c:c0:95:97:37:f0:ff:6f:
56:f9:61:d7:35:ce:fc:2c:d0:44:ce:93:93:44:8e:
cb:fe:61:ce:03:11:fe:e1:fa:50:0a:5d:35:e2:49:
27:e5:09:c5:9f:44:ae:ab:98:8d:a7:25:8a:7e:a1:
a4:4b:e3:75:a3:cd:13:47:dd:4d:0e:4d:d9:b6:6f:
b5:99:78:7a:77:6d:d6:90:27:c0:40:fc:3a:e3:d1:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5D:81:7F:22:8C:C9:64:FF:A7:AB:CD:13:6B:86:03:A0:D6:8C:FA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4l2BfyKMyWT_p6vNE2uGA6DWjPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
45.135.37.0/24
93.190.246.0/23
IPv6:
2a0c:7880::/32
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
8e:67:33:aa:0d:78:46:bd:a6:1a:ce:2e:73:25:c4:5a:65:ee:
88:9b:f7:74:ba:ac:56:1b:31:23:13:d9:24:71:dd:e6:83:0c:
04:af:75:1e:f1:70:12:de:eb:b1:db:d2:ff:31:9d:86:81:f7:
04:d6:ea:15:74:1a:47:d3:48:77:62:b7:32:59:24:a3:ad:cc:
50:5e:80:cf:f2:6b:a3:54:8c:51:10:2d:dd:c3:48:ed:d8:31:
35:55:85:b4:2d:54:c7:6b:00:87:05:0a:08:be:25:98:57:7f:
13:a8:7a:ee:79:94:eb:1f:2f:8a:eb:5e:98:fc:33:95:70:8a:
1f:1f:08:9e:58:9e:3c:01:b9:d2:ca:18:e9:83:ed:6f:80:94:
9a:0b:69:f4:c3:7c:d4:ed:73:89:18:03:85:e6:36:d5:23:17:
08:15:8a:dd:11:8d:90:e5:46:7a:c9:e8:ad:70:02:1e:84:a8:
21:56:68:c3:97:4a:5d:a6:1c:8f:06:80:c8:59:31:62:86:55:
26:5e:ad:33:77:1a:17:e5:0e:aa:df:4e:f8:66:93:70:89:02:
2e:0f:e3:59:a9:11:d6:e3:6d:a1:2d:26:f5:2d:3f:9b:28:cc:
3c:9d:97:8a:dd:1e:28:58:62:06:8d:ec:97:6a:64:9f:23:a4:
14:2d:db:05
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYhCIk8zdks3vaDmWIzdV5HFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTIyMDYyNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjVkODE3ZjIyOGNjOTY0ZmZhN2FiY2QxMzZiODYwM2EwZDY4Y2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAXaJxYIplVxzE5CyiZn+zJmB92u
UQ6Zol7FZAK3voKG4BN40ORmjwn1N17munuAkZyUNcqMuVU91LVKvLInFr6hO+kT
jQScgUPxX5p+AFPjdjg76RnAqQdy7uJ6xWPMIUAeJD9HkUpkDwovXSFG3ayBFzQi
/OdN6zbsm0WkTWT2sEhkhWrHwr7HAW6UaCD7fWVpLqChyp+uo/B6yke4ET9AWOjT
+sCGyTg2jMCVlzfw/29W+WHXNc78LNBEzpOTRI7L/mHOAxH+4fpQCl014kkn5QnF
n0Suq5iNpyWKfqGkS+N1o80TR91NDk3Ztm+1mXh6d23WkCfAQPw649HwJwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOJdgX8ijMlk/6erzRNrhgOg1oz6MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNGwyQmZ5S015V1RfcDZ2TkUydUdBNkRXalBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQALYAaAwQA
LYF/AwQALYclAwQBXb72MBQEAgACMA4DBQAqDHiAAwUAKg/oQDANBgkqhkiG9w0B
AQsFAAOCAQEAjmczqg14Rr2mGs4ucyXEWmXuiJv3dLqsVhsxIxPZJHHd5oMMBK91
HvFwEt7rsdvS/zGdhoH3BNbqFXQaR9NId2K3Mlkko63MUF6Az/Jro1SMURAt3cNI
7dgxNVWFtC1Ux2sAhwUKCL4lmFd/E6h67nmU6x8viutemPwzlXCKHx8InliePAG5
0soY6YPtb4CUmgtp9MN81O1ziRgDheY21SMXCBWK3RGNkOVGesnorXACHoSoIVZo
w5dKXaYcjwaAyFkxYoZVJl6tM3caF+UOqt9O+GaTcIkCLg/jWakR1uNtoS0m9S0/
myjMPJ2Xit0eKFhiBo3sl2pknyOkFC3bBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:00:04 2025 by rpki-client