Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7GjKdL29LFRQFcyqTiNeLZH68wc.roa
File: 7GjKdL29LFRQFcyqTiNeLZH68wc.roa (raw, json)
Hash identifier: qXr0KRxiQn/fxnRAJ9vxFxIEjQiRfRMuojr7hY6TntE=
Subject key identifier: EC:68:CA:74:BD:BD:2C:54:50:15:CC:AA:4E:23:5E:2D:91:FA:F3:07
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C35483995CA872A94F5D4D7D2B3B46DBB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7GjKdL29LFRQFcyqTiNeLZH68wc.roa
Signing time: Mon 04 Dec 2023 14:42:54 +0000
ROA not before: Mon 04 Dec 2023 14:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
2a13:18c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:48:39:95:ca:87:2a:94:f5:d4:d7:d2:b3:b4:6d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 4 14:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec68ca74bdbd2c545015ccaa4e235e2d91faf307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:11:fb:af:7d:7a:2f:94:d9:98:bf:b4:bf:cb:
3a:5a:08:10:1d:c7:70:0a:0c:fc:f0:68:dc:9f:70:
8c:84:2f:6f:87:af:93:94:57:3d:f9:00:32:8c:dd:
f7:c8:03:1a:b0:2a:f6:b0:a9:93:be:af:74:ee:d5:
80:a7:01:cc:5f:8e:4d:a1:13:06:c5:8f:8b:f8:13:
e8:4e:ad:0e:b9:91:b4:ee:53:3f:d2:7b:55:2a:02:
c4:6c:0b:03:38:3c:4b:d9:06:2b:43:39:ae:0f:c0:
ed:21:1b:25:3c:e4:24:90:eb:56:0f:90:26:fc:fc:
27:54:0a:f9:e7:f0:b5:29:7f:dc:2c:82:59:a7:da:
86:36:3e:67:9f:39:7e:72:c5:7e:ee:fc:fb:09:ef:
d7:0b:ef:d7:23:2c:3a:eb:77:73:ff:f2:40:44:38:
9e:70:59:ef:45:5f:13:9d:14:7d:df:f9:74:f4:fc:
e6:09:36:bc:ca:f1:62:57:ff:7e:9d:21:0c:61:62:
19:55:03:34:e7:ae:41:9c:13:60:14:48:69:e3:84:
91:16:91:db:70:e1:c8:af:b1:8c:74:98:d9:40:c1:
18:e6:ce:e3:27:fa:08:65:65:b7:cb:b5:7c:2c:33:
3f:dc:a0:12:ce:04:de:ed:c5:11:5c:f3:04:b0:b8:
3b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:68:CA:74:BD:BD:2C:54:50:15:CC:AA:4E:23:5E:2D:91:FA:F3:07
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7GjKdL29LFRQFcyqTiNeLZH68wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0f:e840::/32
2a13:18c4::/32
Signature Algorithm: sha256WithRSAEncryption
b3:07:1c:b5:77:0b:a7:e4:39:06:0e:ff:44:69:02:90:46:1f:
73:0c:d1:18:62:b8:65:90:8e:f4:eb:b7:33:c6:19:52:21:93:
9b:be:71:2a:f2:22:a4:f6:a9:d7:52:c9:f8:23:89:51:97:68:
de:c8:e4:b0:6a:da:f6:08:2a:eb:a3:1b:82:cf:1f:b8:85:c2:
06:10:b6:b4:d6:c0:8c:49:3f:67:ea:eb:26:53:2c:01:ca:d7:
e2:76:48:eb:9a:37:3c:da:a7:6c:ce:eb:4b:de:8c:40:11:ee:
6c:23:77:57:17:ec:22:ad:a1:5c:53:5d:5e:12:59:72:81:2d:
84:02:e6:a3:e3:09:27:5a:54:47:a7:ec:73:cb:ff:86:98:31:
2f:f7:98:4a:cc:bb:45:52:2f:19:ec:7e:0d:ae:9e:00:33:58:
5a:d1:14:01:79:cf:35:65:ce:84:9d:f8:6b:c9:c1:79:23:1b:
36:af:b8:c8:da:db:43:17:d6:18:e5:92:d4:cf:1a:20:bb:85:
cd:74:f0:13:7a:87:97:ab:95:16:1a:4d:83:96:d8:bc:c3:e3:
cb:21:6b:a0:02:c0:df:fc:bd:6f:6e:b0:22:06:2e:8e:89:7b:
d5:9c:87:a0:81:4d:b2:39:eb:7e:30:30:37:53:0e:d3:da:b0:
91:97:b0:0b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYw1SDmVyocqlPXU19KztG27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjA0MTQ0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzY4Y2E3NGJkYmQyYzU0NTAxNWNjYWE0ZTIzNWUyZDkxZmFmMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBH7r316L5TZmL+0v8s6WggQHcdw
Cgz88Gjcn3CMhC9vh6+TlFc9+QAyjN33yAMasCr2sKmTvq907tWApwHMX45NoRMG
xY+L+BPoTq0OuZG07lM/0ntVKgLEbAsDODxL2QYrQzmuD8DtIRslPOQkkOtWD5Am
/PwnVAr55/C1KX/cLIJZp9qGNj5nnzl+csV+7vz7Ce/XC+/XIyw663dz//JARDie
cFnvRV8TnRR93/l09PzmCTa8yvFiV/9+nSEMYWIZVQM0565BnBNgFEhp44SRFpHb
cOHIr7GMdJjZQMEY5s7jJ/oIZWW3y7V8LDM/3KASzgTe7cURXPMEsLg7JQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOxoynS9vSxUUBXMqk4jXi2R+vMHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvN0dqS2RMMjlMRlJRRmN5cVRpTmVMWkg2OHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MBQEAgACMA4DBQAqD+hAAwUAKhMYxDANBgkqhkiG9w0BAQsFAAOC
AQEAswcctXcLp+Q5Bg7/RGkCkEYfcwzRGGK4ZZCO9Ou3M8YZUiGTm75xKvIipPap
11LJ+COJUZdo3sjksGra9ggq66Mbgs8fuIXCBhC2tNbAjEk/Z+rrJlMsAcrX4nZI
65o3PNqnbM7rS96MQBHubCN3VxfsIq2hXFNdXhJZcoEthALmo+MJJ1pUR6fsc8v/
hpgxL/eYSsy7RVIvGex+Da6eADNYWtEUAXnPNWXOhJ34a8nBeSMbNq+4yNrbQxfW
GOWS1M8aILuFzXTwE3qHl6uVFhpNg5bYvMPjyyFroALA3/y9b26wIgYujol71ZyH
oIFNsjnrfjAwN1MO09qwkZewCw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:00:06 2025 by rpki-client