Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ah7zYArzuDvb60hRNLCUhNGokL8.roa
File: Ah7zYArzuDvb60hRNLCUhNGokL8.roa (raw, json)
Hash identifier: ZoKPB9ZKKNQFSWmrP95lVrp+IenbyJU4jBaFdhYn0SM=
Subject key identifier: 02:1E:F3:60:0A:F3:B8:3B:DB:EB:48:51:34:B0:94:84:D1:A8:90:BF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186303B117E7CED8ADC34C6070FD569BDBC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ah7zYArzuDvb60hRNLCUhNGokL8.roa
Signing time: Wed 08 Feb 2023 08:53:42 +0000
ROA not before: Wed 08 Feb 2023 08:53:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399989
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:3b:11:7e:7c:ed:8a:dc:34:c6:07:0f:d5:69:bd:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 8 08:53:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=021ef3600af3b83bdbeb485134b09484d1a890bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ff:4e:d0:1c:4d:01:0c:15:64:a4:6b:95:6b:
ee:5a:0b:83:fa:06:00:23:62:30:2a:28:d1:dc:bf:
29:c3:80:33:0b:77:f7:ea:d0:f6:60:f2:8a:9d:1d:
1c:b2:ca:38:cc:45:7c:d0:7f:20:5f:d4:b7:38:8e:
30:c2:19:07:a5:0f:7a:1e:f6:93:84:c9:cd:b8:b8:
57:47:d1:3c:26:e8:73:df:be:44:47:eb:7c:49:de:
40:44:fb:98:97:5c:ef:b7:c8:c1:4d:18:ec:46:ae:
26:3e:19:09:82:6f:9e:c2:d2:74:31:3c:6c:2b:b9:
b6:77:26:84:90:12:62:56:dc:69:a2:20:df:f5:31:
bf:bf:b8:f0:37:2e:29:28:86:ee:2e:09:ae:61:60:
9e:4f:cd:65:be:21:72:87:2b:7f:fa:07:8f:d0:b3:
e6:85:5e:37:19:23:53:a9:60:38:50:95:05:e2:ed:
11:98:31:39:59:49:b2:7d:7f:90:15:eb:ba:0d:b9:
1d:ee:a9:1a:e0:92:49:c9:ab:52:71:1d:4c:b4:40:
3e:86:30:13:21:a9:3d:e3:17:87:44:38:3d:f1:40:
25:43:3c:82:5d:e1:52:58:83:64:d5:7f:ef:b3:a6:
55:f1:b9:a1:a3:44:65:13:ca:2f:06:8a:c8:27:c6:
3e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:1E:F3:60:0A:F3:B8:3B:DB:EB:48:51:34:B0:94:84:D1:A8:90:BF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ah7zYArzuDvb60hRNLCUhNGokL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0-45.135.38.255
93.190.246.0/23
Signature Algorithm: sha256WithRSAEncryption
37:c7:1f:42:de:35:15:35:a5:40:51:17:6b:60:99:39:9d:db:
e1:e6:d7:75:2d:a7:dc:7f:00:3e:7a:c1:eb:4a:80:f5:fb:82:
8f:31:ad:e8:20:c3:42:7c:7b:e8:f4:9f:81:58:0a:14:d0:f6:
61:fa:1a:5f:e9:b6:88:b1:bb:6a:be:22:3a:01:f2:50:99:4e:
23:90:1c:13:16:fb:46:0c:55:3b:05:ed:57:85:06:0b:ba:06:
0d:fe:53:d7:7c:f6:96:de:2c:40:da:aa:96:73:72:0d:30:f3:
98:62:fc:2e:7c:64:a9:a4:a3:98:10:b2:0e:e3:66:01:40:a5:
7a:45:73:7f:95:82:85:4a:ea:3e:7c:16:d6:bb:65:82:07:3a:
fd:85:1a:34:97:72:42:92:a4:68:99:af:f5:61:ed:c6:1d:36:
e5:48:c9:c9:af:d4:b7:4c:0e:d2:04:9b:01:03:e1:e4:38:a0:
ad:72:f7:6c:87:96:cf:50:2d:1c:26:a0:4b:09:ca:f5:ff:67:
01:30:bb:5a:80:f6:ba:e9:5c:04:07:ba:3f:a5:56:d0:84:52:
63:f9:1a:b6:3a:74:e9:60:10:c2:31:e1:7a:65:29:a2:2e:95:
b7:0f:09:86:67:14:8d:b7:5c:00:6a:02:e6:f6:f3:e4:31:bd:
6d:db:6d:e1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYYwOxF+fO2K3DTGBw/Vab28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjA4MDg1MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjFlZjM2MDBhZjNiODNiZGJlYjQ4NTEzNGIwOTQ4NGQxYTg5MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgv9O0BxNAQwVZKRrlWvuWguD+gYA
I2IwKijR3L8pw4AzC3f36tD2YPKKnR0csso4zEV80H8gX9S3OI4wwhkHpQ96HvaT
hMnNuLhXR9E8Juhz375ER+t8Sd5ARPuYl1zvt8jBTRjsRq4mPhkJgm+ewtJ0MTxs
K7m2dyaEkBJiVtxpoiDf9TG/v7jwNy4pKIbuLgmuYWCeT81lviFyhyt/+geP0LPm
hV43GSNTqWA4UJUF4u0RmDE5WUmyfX+QFeu6Dbkd7qka4JJJyatScR1MtEA+hjAT
Iak94xeHRDg98UAlQzyCXeFSWINk1X/vs6ZV8bmho0RlE8ovBorIJ8Y+fQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAIe82AK87g72+tIUTSwlITRqJC/MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQWg3ellBcnp1RHZiNjBoUk5MQ1VoTkdva0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBAAtgX8wDAMEAC2HJQMEAC2HJgMEAV2+9jANBgkqhkiG9w0B
AQsFAAOCAQEAN8cfQt41FTWlQFEXa2CZOZ3b4ebXdS2n3H8APnrB60qA9fuCjzGt
6CDDQnx76PSfgVgKFND2YfoaX+m2iLG7ar4iOgHyUJlOI5AcExb7RgxVOwXtV4UG
C7oGDf5T13z2lt4sQNqqlnNyDTDzmGL8LnxkqaSjmBCyDuNmAUClekVzf5WChUrq
PnwW1rtlggc6/YUaNJdyQpKkaJmv9WHtxh025UjJya/Ut0wO0gSbAQPh5DigrXL3
bIeWz1AtHCagSwnK9f9nATC7WoD2uulcBAe6P6VW0IRSY/katjp06WAQwjHhemUp
oi6Vtw8JhmcUjbdcAGoC5vbz5DG9bdtt4Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:27 2025 by rpki-client