Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9QZaCiZWRfw27eExCFiiP4WKvto.roa
File: 9QZaCiZWRfw27eExCFiiP4WKvto.roa (raw, json)
Hash identifier: Fr4KwUbAd4cccW+Fyr8EzrMAO+aOfVk3e/zFDcXZVJo=
Subject key identifier: F5:06:5A:0A:26:56:45:FC:36:ED:E1:31:08:58:A2:3F:85:8A:BE:DA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186A7C7B8AA54DA7CAB41C3DAB7AA59B4B9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9QZaCiZWRfw27eExCFiiP4WKvto.roa
Signing time: Fri 03 Mar 2023 14:02:09 +0000
ROA not before: Fri 03 Mar 2023 14:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:c7:b8:aa:54:da:7c:ab:41:c3:da:b7:aa:59:b4:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 3 14:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5065a0a265645fc36ede1310858a23f858abeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:56:2f:33:db:7f:d9:a7:93:7e:ab:f6:0a:87:
f7:9d:b5:d7:6f:fc:28:85:0a:97:44:d1:f8:82:0f:
53:27:05:91:07:16:48:d5:a9:98:33:d0:9c:90:61:
4d:f1:2b:c2:87:f6:f9:d3:8d:13:6f:d3:a5:0b:b6:
62:5c:4c:d3:a0:7b:f6:a4:7f:af:38:d5:9e:1c:ae:
06:b6:10:18:99:a3:9b:42:3c:1b:d5:01:10:c0:63:
ea:68:e4:fd:94:a5:71:e1:4d:7c:33:22:60:b5:f0:
e9:39:87:48:43:f7:39:48:8f:aa:02:44:c4:8b:35:
44:e3:2f:2b:ec:77:fb:15:a6:37:55:d6:13:a1:98:
65:7e:33:a8:ea:97:90:7f:a0:1e:dd:c7:95:20:c5:
38:ae:f3:c2:eb:9b:b2:2c:a9:34:7b:09:7e:7b:ae:
59:d2:1e:1f:a3:50:35:7d:bf:dd:55:df:52:78:35:
77:3a:76:e0:1e:c7:85:b0:7a:d6:61:83:d6:e7:89:
d2:81:88:54:4c:31:f5:75:b1:65:68:93:96:45:0c:
38:ef:f5:0e:97:64:ed:11:0c:ff:bf:c1:02:a2:35:
0d:9a:7e:2a:3f:09:55:bb:15:aa:09:52:19:23:a5:
ee:ae:c0:5d:4a:9f:0e:a5:c7:ef:a7:61:0a:bb:f9:
cd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:06:5A:0A:26:56:45:FC:36:ED:E1:31:08:58:A2:3F:85:8A:BE:DA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9QZaCiZWRfw27eExCFiiP4WKvto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0-45.135.38.255
93.190.246.0/23
IPv6:
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
9d:21:b9:d1:c4:d4:aa:e8:ef:ec:c7:ab:c2:53:34:98:45:12:
ef:1c:d2:a2:39:6f:3a:47:d8:87:18:6c:b0:3e:e8:ce:7d:b3:
0c:9e:84:9b:8f:e6:d0:a3:08:c8:e7:d1:f7:8a:39:60:8a:9b:
6c:10:bd:af:28:28:9e:c2:0b:64:5d:ed:e5:cf:0c:b5:73:e4:
5f:ed:7b:54:a6:e2:64:89:55:97:07:a5:c5:2e:37:7d:da:5c:
7b:1d:cc:c8:65:ff:a6:7f:7d:4b:ef:b7:39:32:98:1c:ac:74:
8a:5f:78:08:1f:b4:d9:5a:53:83:25:e3:18:b8:86:1a:03:7d:
70:4f:27:47:64:63:ce:bb:7b:97:d3:6f:00:d5:63:67:be:a7:
ea:e6:18:d9:10:51:26:95:c7:2b:7f:fc:79:06:2d:dd:a2:b3:
fa:68:5c:76:1b:bc:6a:08:6a:48:5e:41:70:68:a4:45:4a:ed:
63:f0:4a:9e:d0:1b:ba:eb:47:06:8a:68:f0:15:b3:08:fe:81:
3c:3c:a3:15:94:d5:3e:d9:dd:44:09:73:25:6a:df:76:72:cb:
57:6e:14:18:06:03:eb:00:5c:fd:e3:c3:9f:d3:81:b5:e1:ce:
c0:ad:9d:02:a7:8e:41:36:72:93:8e:be:92:00:3b:cb:a9:d4:
83:42:d8:af
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYanx7iqVNp8q0HD2reqWbS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzAzMTQwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTA2NWEwYTI2NTY0NWZjMzZlZGUxMzEwODU4YTIzZjg1OGFiZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1YvM9t/2aeTfqv2Cof3nbXXb/wo
hQqXRNH4gg9TJwWRBxZI1amYM9CckGFN8SvCh/b5040Tb9OlC7ZiXEzToHv2pH+v
ONWeHK4GthAYmaObQjwb1QEQwGPqaOT9lKVx4U18MyJgtfDpOYdIQ/c5SI+qAkTE
izVE4y8r7Hf7FaY3VdYToZhlfjOo6peQf6Ae3ceVIMU4rvPC65uyLKk0ewl+e65Z
0h4fo1A1fb/dVd9SeDV3OnbgHseFsHrWYYPW54nSgYhUTDH1dbFlaJOWRQw47/UO
l2TtEQz/v8ECojUNmn4qPwlVuxWqCVIZI6XursBdSp8Opcfvp2EKu/nNswIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFPUGWgomVkX8Nu3hMQhYoj+Fir7aMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOVFaYUNpWldSZncyN2VFeENGaWlQNFdLdnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBAAtgX8wDAMEAC2HJQMEAC2HJgMEAV2+9jANBAIAAjAHAwUA
Kg/oQDANBgkqhkiG9w0BAQsFAAOCAQEAnSG50cTUqujv7MerwlM0mEUS7xzSojlv
OkfYhxhssD7ozn2zDJ6Em4/m0KMIyOfR94o5YIqbbBC9rygonsILZF3t5c8MtXPk
X+17VKbiZIlVlwelxS43fdpcex3MyGX/pn99S++3OTKYHKx0il94CB+02VpTgyXj
GLiGGgN9cE8nR2Rjzrt7l9NvANVjZ76n6uYY2RBRJpXHK3/8eQYt3aKz+mhcdhu8
aghqSF5BcGikRUrtY/BKntAbuutHBopo8BWzCP6BPDyjFZTVPtndRAlzJWrfdnLL
V24UGAYD6wBc/ePDn9OBteHOwK2dAqeOQTZyk46+kgA7y6nUg0LYrw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:06 2025 by rpki-client