Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A9imE1wAFSRqdxB85HYsN5Rgx_E.roa
File: A9imE1wAFSRqdxB85HYsN5Rgx_E.roa (raw, json)
Hash identifier: GqzpVfo1Y+UmERrSqoAbMOJOtBJLgZd/DPiPrnZLtfw=
Subject key identifier: 03:D8:A6:13:5C:00:15:24:6A:77:10:7C:E4:76:2C:37:94:60:C7:F1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C536B27D89320D61D0C970C93BEEB8386
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A9imE1wAFSRqdxB85HYsN5Rgx_E.roa
Signing time: Sun 10 Dec 2023 11:09:40 +0000
ROA not before: Sun 10 Dec 2023 11:09:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a12:d6c0::/29 maxlen: 29
2a0f:e840::/32 maxlen: 32
2a13:18c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:53:6b:27:d8:93:20:d6:1d:0c:97:0c:93:be:eb:83:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 10 11:09:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03d8a6135c0015246a77107ce4762c379460c7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7d:d6:da:be:2e:4d:6d:35:77:ec:44:d2:68:
55:49:b7:18:70:6b:e1:ac:a1:8f:29:34:06:d7:f3:
a4:fd:f9:69:5b:7e:0c:1a:cb:6f:6f:79:e8:b0:5e:
1e:42:49:98:e5:b7:cb:92:ed:fe:5f:7c:ca:87:13:
e2:df:df:dd:73:1c:d8:b3:66:75:d2:81:a3:b4:b4:
dd:4d:f1:a4:48:f0:9a:0f:25:37:b2:9f:bd:27:c8:
ca:dd:f6:81:15:5b:fa:44:9d:ea:c1:c4:b3:66:1e:
c8:48:22:21:2e:89:54:8d:01:fa:1d:f8:89:3b:90:
c1:48:19:76:78:91:a0:a3:0e:1a:03:fc:6c:e2:c3:
fc:36:55:ea:03:6b:5b:0f:75:a6:f9:d5:51:cf:14:
7a:8d:8d:77:bb:45:be:9c:ed:b1:8e:f6:ec:55:1a:
62:02:39:89:1a:f7:27:34:26:62:0c:58:2b:eb:07:
5a:29:57:8e:3d:bf:2d:58:c0:f9:62:51:8e:fe:c2:
9a:33:ef:c3:cf:e1:07:c8:a1:43:52:80:88:6a:28:
ee:ef:d4:04:bb:b5:b6:08:92:5e:36:3a:8d:5c:6d:
f4:f7:9a:67:d6:1e:68:69:d8:29:85:fd:50:0d:e1:
1b:41:a9:b8:83:ec:96:f9:40:00:ca:09:c5:47:48:
fd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D8:A6:13:5C:00:15:24:6A:77:10:7C:E4:76:2C:37:94:60:C7:F1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A9imE1wAFSRqdxB85HYsN5Rgx_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0f:e840::/32
2a12:d6c0::/29
2a13:18c4::/32
Signature Algorithm: sha256WithRSAEncryption
b5:ac:85:eb:77:fd:82:6d:d8:23:67:da:27:0d:07:ce:35:aa:
14:a0:0f:0d:85:51:68:a5:1d:ca:9b:fa:d4:dd:35:fa:77:27:
6e:f1:53:67:63:09:06:bc:18:ce:7f:a8:48:00:d7:66:7b:24:
e3:54:42:11:aa:68:db:f9:69:e2:1a:c1:91:be:e9:8f:d7:4a:
36:45:ce:7b:0b:ac:d4:e7:ea:8e:74:5d:3b:4a:30:a6:95:c6:
6f:a0:5b:5f:d0:ea:6a:85:65:4d:21:5a:01:fc:c2:6d:bc:11:
39:4a:98:ea:5c:2a:93:eb:e4:59:d0:40:43:2e:5a:2e:4b:e5:
f0:ae:54:ee:b6:bd:54:41:b7:45:ae:78:9b:84:bb:6c:c7:67:
e4:ca:32:20:1b:d8:9e:7b:ee:68:7a:f8:36:29:72:ff:0a:c8:
30:72:a9:06:e8:3f:56:1c:08:b1:0c:9b:88:07:8b:05:8b:b1:
c8:9a:11:0f:8a:34:77:56:e3:97:a0:c7:3e:83:91:2b:91:d7:
c2:e0:52:34:9d:15:70:9f:19:29:97:95:7d:9f:d1:22:59:a5:
79:5f:6e:d7:44:7d:32:28:1a:cd:be:78:5c:66:c9:90:c0:9d:
79:7b:a1:cc:78:59:f3:73:a1:0c:58:0b:a0:e6:c1:0f:4c:2a:
ba:4a:aa:2a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYxTayfYkyDWHQyXDJO+64OGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjEwMTEwOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q4YTYxMzVjMDAxNTI0NmE3NzEwN2NlNDc2MmMzNzk0NjBjN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn3W2r4uTW01d+xE0mhVSbcYcGvh
rKGPKTQG1/Ok/flpW34MGstvb3nosF4eQkmY5bfLku3+X3zKhxPi39/dcxzYs2Z1
0oGjtLTdTfGkSPCaDyU3sp+9J8jK3faBFVv6RJ3qwcSzZh7ISCIhLolUjQH6HfiJ
O5DBSBl2eJGgow4aA/xs4sP8NlXqA2tbD3Wm+dVRzxR6jY13u0W+nO2xjvbsVRpi
AjmJGvcnNCZiDFgr6wdaKVeOPb8tWMD5YlGO/sKaM+/Dz+EHyKFDUoCIaiju79QE
u7W2CJJeNjqNXG3095pn1h5oadgphf1QDeEbQam4g+yW+UAAygnFR0j9iwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFAPYphNcABUkancQfOR2LDeUYMfxMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQTlpbUUxd0FGU1JxZHhCODVIWXNONVJneF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MBsEAgACMBUDBQAqD+hAAwUDKhLWwAMFACoTGMQwDQYJKoZIhvcN
AQELBQADggEBALWshet3/YJt2CNn2icNB841qhSgDw2FUWilHcqb+tTdNfp3J27x
U2djCQa8GM5/qEgA12Z7JONUQhGqaNv5aeIawZG+6Y/XSjZFznsLrNTn6o50XTtK
MKaVxm+gW1/Q6mqFZU0hWgH8wm28ETlKmOpcKpPr5FnQQEMuWi5L5fCuVO62vVRB
t0WueJuEu2zHZ+TKMiAb2J577mh6+DYpcv8KyDByqQboP1YcCLEMm4gHiwWLscia
EQ+KNHdW45egxz6DkSuR18LgUjSdFXCfGSmXlX2f0SJZpXlfbtdEfTIoGs2+eFxm
yZDAnXl7ocx4WfNzoQxYC6DmwQ9MKrpKqio=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:17 2025 by rpki-client