Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8JpYjaVsVcyLktZmz4ZboFQPNYU.roa
File: 8JpYjaVsVcyLktZmz4ZboFQPNYU.roa (raw, json)
Hash identifier: x/+WcJWPZST5IE3RFlSBEyZOBmJr96y9kmNC++xH4KM=
Subject key identifier: F0:9A:58:8D:A5:6C:55:CC:8B:92:D6:66:CF:86:5B:A0:54:0F:35:85
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAE817A607D604F742D197A1C64985
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8JpYjaVsVcyLktZmz4ZboFQPNYU.roa
Signing time: Sun 01 Jan 2023 14:44:52 +0000
ROA not before: Sun 01 Jan 2023 14:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7979
IP address blocks: 45.152.197.0/24 maxlen: 24
45.130.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e8:17:a6:07:d6:04:f7:42:d1:97:a1:c6:49:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f09a588da56c55cc8b92d666cf865ba0540f3585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2e:37:da:e6:56:c7:83:60:4d:d4:e8:d2:2a:
1a:25:74:2d:89:f6:c4:91:8b:ea:91:1c:44:07:39:
57:0c:03:7b:a7:5e:c3:ac:54:68:25:93:e2:96:a2:
12:e9:4a:e5:e9:a9:7d:f6:01:f9:5f:96:28:f6:43:
70:20:9a:91:ef:e3:6a:fd:98:14:0c:de:27:64:23:
8a:c7:14:2c:24:bd:aa:32:07:14:dc:72:c5:3b:f6:
a5:2e:4f:4e:ee:c2:6c:72:24:42:cf:aa:b5:c0:34:
6b:64:24:6d:fd:a8:10:66:5d:f5:5f:56:35:39:ec:
e6:25:34:65:bb:3e:8f:59:1c:a2:2d:5c:7b:26:e5:
4b:fc:78:fa:16:e2:83:a8:d9:98:8c:bb:c4:98:4c:
c1:ff:6d:91:e9:5f:f8:5b:49:0a:1b:13:6c:c7:cb:
9b:64:99:58:2e:8e:70:86:76:c4:0b:31:72:de:b4:
16:99:7a:ce:5c:96:39:3f:36:e9:fe:d5:72:3a:36:
da:f5:ee:a8:80:56:9e:d8:8b:03:f9:01:e1:af:b7:
43:69:5a:54:38:16:56:5c:c9:ed:b2:72:d1:fb:f9:
c1:a7:0a:f5:83:27:0c:94:8c:b1:97:30:a4:f7:71:
c3:97:ad:d5:3f:18:cb:87:b6:5a:a8:5d:27:fb:1d:
2e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:9A:58:8D:A5:6C:55:CC:8B:92:D6:66:CF:86:5B:A0:54:0F:35:85
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8JpYjaVsVcyLktZmz4ZboFQPNYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.253.0/24
45.152.197.0/24
Signature Algorithm: sha256WithRSAEncryption
61:fc:81:82:ca:e8:eb:71:f4:5c:b8:85:a7:48:5f:01:ae:e1:
c6:ca:e6:c5:66:8b:4f:5e:30:ce:d8:e0:0f:96:d7:2e:02:5b:
c0:71:fd:03:71:2a:c2:4c:09:4b:41:32:72:54:9c:b6:81:85:
08:30:b9:17:c7:c9:61:ba:15:c5:b7:8b:e3:b0:36:6c:6d:83:
1b:ff:10:cf:9d:b0:4e:4a:d0:3a:e3:1e:90:aa:79:c8:de:ec:
ee:7b:cb:c8:2f:69:8f:d8:06:57:fd:3c:fe:3c:8b:f6:fd:96:
c0:b8:0b:9d:5f:7c:d9:11:6b:f1:91:15:ab:52:66:c6:41:4b:
af:f7:bd:64:2a:9c:78:7b:c6:4b:d0:4b:cb:4f:64:26:96:2b:
e9:14:ee:02:6a:96:e6:ef:c5:c2:8e:c0:3d:85:49:99:02:c1:
1c:be:b8:f8:01:7f:d4:cc:d3:02:5d:07:e0:94:1c:09:7f:62:
e1:dd:d5:55:60:91:8a:1d:de:bd:b2:88:26:20:27:e8:87:5e:
3f:b7:65:0b:99:d3:4c:a7:da:a7:3e:23:86:90:9f:f9:f5:f2:
b4:47:59:c4:98:14:e8:b6:7e:3a:8b:75:fe:4c:d8:f7:e7:7c:
de:76:bf:a3:61:ea:ce:e3:6c:69:e0:90:83:d6:10:1d:37:ca:
89:61:c5:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtyugXpgfWBPdC0ZehxkmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDlhNTg4ZGE1NmM1NWNjOGI5MmQ2NjZjZjg2NWJhMDU0MGYzNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS432uZWx4NgTdTo0ioaJXQtifbE
kYvqkRxEBzlXDAN7p17DrFRoJZPilqIS6Url6al99gH5X5Yo9kNwIJqR7+Nq/ZgU
DN4nZCOKxxQsJL2qMgcU3HLFO/alLk9O7sJsciRCz6q1wDRrZCRt/agQZl31X1Y1
OezmJTRluz6PWRyiLVx7JuVL/Hj6FuKDqNmYjLvEmEzB/22R6V/4W0kKGxNsx8ub
ZJlYLo5whnbECzFy3rQWmXrOXJY5Pzbp/tVyOjba9e6ogFae2IsD+QHhr7dDaVpU
OBZWXMntsnLR+/nBpwr1gycMlIyxlzCk93HDl63VPxjLh7ZaqF0n+x0ucQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPCaWI2lbFXMi5LWZs+GW6BUDzWFMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOEpwWWphVnNWY3lMa3RabXo0WmJvRlFQTllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYL9AwQA
LZjFMA0GCSqGSIb3DQEBCwUAA4IBAQBh/IGCyujrcfRcuIWnSF8BruHGyubFZotP
XjDO2OAPltcuAlvAcf0DcSrCTAlLQTJyVJy2gYUIMLkXx8lhuhXFt4vjsDZsbYMb
/xDPnbBOStA64x6QqnnI3uzue8vIL2mP2AZX/Tz+PIv2/ZbAuAudX3zZEWvxkRWr
UmbGQUuv971kKpx4e8ZL0EvLT2QmlivpFO4Capbm78XCjsA9hUmZAsEcvrj4AX/U
zNMCXQfglBwJf2Lh3dVVYJGKHd69sogmICfoh14/t2ULmdNMp9qnPiOGkJ/59fK0
R1nEmBTotn46i3X+TNj353zedr+jYerO42xp4JCD1hAdN8qJYcUu
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:43:23 2025 by rpki-client