Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BqJCecRyD4yHiqFp54r-_uISxl0.roa
File: BqJCecRyD4yHiqFp54r-_uISxl0.roa (raw, json)
Hash identifier: uN5fI36qP3NGC/xxp8pzJsMeZYnz84S/NUEr3+OU4b4=
Subject key identifier: 06:A2:42:79:C4:72:0F:8C:87:8A:A1:69:E7:8A:FE:FE:E2:12:C6:5D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188D7AF51BE2A0759EB714C843AB91C4797
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BqJCecRyD4yHiqFp54r-_uISxl0.roa
Signing time: Tue 20 Jun 2023 07:22:51 +0000
ROA not before: Tue 20 Jun 2023 07:22:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0e:f201:1::/48 maxlen: 48
2a10:67c5:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0c:9247:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a13:1940::/29 maxlen: 29
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:af:51:be:2a:07:59:eb:71:4c:84:3a:b9:1c:47:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 20 07:22:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06a24279c4720f8c878aa169e78afefee212c65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:65:38:6b:8a:91:11:50:0a:14:9c:a2:84:29:
51:e5:b4:62:9c:ae:54:8d:96:63:8a:67:f3:46:b0:
99:2f:a8:ca:ee:9d:88:dc:04:6a:a1:ea:15:cd:4f:
9c:06:4e:2a:af:fe:4c:2e:aa:d1:c4:ac:28:27:6f:
7e:2f:40:0a:5c:50:4f:37:8d:af:3b:cd:9c:7f:47:
c2:14:14:3e:ce:6c:2f:f8:26:cf:aa:d8:18:91:49:
6c:38:65:71:e9:39:5d:26:e7:9f:f4:6e:06:18:c4:
3f:e9:fc:02:f7:dc:d5:43:87:ed:77:39:e6:3a:13:
07:2f:64:ff:9a:b5:8a:67:13:cb:4d:da:fc:7a:64:
28:bb:ad:60:84:c5:6d:1f:70:37:ff:01:3f:90:3b:
e9:2d:1a:3a:df:18:4a:c6:ab:74:80:2b:df:e2:82:
75:64:4a:46:b6:d1:3e:df:94:b3:a1:2f:87:8f:b4:
ad:7e:15:30:77:87:a4:3b:e9:82:bf:bf:26:74:23:
8a:d6:e4:28:f6:e4:5e:a8:f5:2f:36:23:73:ad:93:
01:8a:29:00:74:51:fb:2f:d6:bb:e5:a9:7f:76:69:
51:2e:71:e0:ad:65:bc:17:c2:f4:48:6d:cb:d6:fd:
61:8d:0c:84:d1:1f:74:60:74:3f:ef:84:82:de:41:
47:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A2:42:79:C4:72:0F:8C:87:8A:A1:69:E7:8A:FE:FE:E2:12:C6:5D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BqJCecRyD4yHiqFp54r-_uISxl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a07:f300::/29
2a0c:4880::/29
2a0c:9247:1::/48
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a01::/32
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:e940::/29
2a10:67c5:1::/48
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a13:18c0:1::/48
2a13:1940::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
22:24:67:3c:87:78:ae:50:57:cb:33:5e:49:96:53:cc:b1:08:
89:e5:87:d3:d8:af:66:fe:84:7e:d4:a6:25:a0:50:46:67:e8:
fe:a3:3d:e0:1e:37:be:89:dc:78:70:87:45:34:fd:7c:b8:4b:
b1:b2:f5:51:1b:d9:06:60:72:b2:9b:3a:d4:78:cb:ba:7e:7f:
fd:4c:8f:0e:53:d4:3e:17:fa:5a:b0:69:60:7f:fa:49:95:b5:
61:40:a0:ed:cb:2f:75:f9:1f:be:9d:7e:3a:25:9e:8b:e6:70:
6c:81:ff:7e:f4:cc:bc:a5:23:a3:75:5d:41:e8:06:cd:da:20:
34:20:8d:fc:0f:78:72:1f:51:40:5f:0b:98:75:3c:44:a7:45:
83:56:65:1d:a7:cf:10:ec:78:1b:5b:c2:cb:e4:27:e3:92:04:
73:e5:36:83:c5:1c:4d:da:1b:07:75:e2:77:d8:32:80:ca:cb:
aa:a1:66:e8:db:42:73:3b:cb:b4:ba:c1:fe:d7:2b:bd:23:be:
94:fe:be:7d:dd:7e:48:e6:84:3f:e8:05:72:f0:4f:9a:4f:2c:
b9:8d:b0:56:c1:eb:16:c3:bb:4e:d9:16:ea:76:99:94:4f:5a:
e6:d4:e3:07:0b:1b:e6:ff:87:b7:39:58:82:ee:99:79:29:71:
2d:5f:0f:72
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYjXr1G+KgdZ63FMhDq5HEeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjIwMDcyMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmEyNDI3OWM0NzIwZjhjODc4YWExNjllNzhhZmVmZWUyMTJjNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGU4a4qREVAKFJyihClR5bRinK5U
jZZjimfzRrCZL6jK7p2I3ARqoeoVzU+cBk4qr/5MLqrRxKwoJ29+L0AKXFBPN42v
O82cf0fCFBQ+zmwv+CbPqtgYkUlsOGVx6TldJuef9G4GGMQ/6fwC99zVQ4ftdznm
OhMHL2T/mrWKZxPLTdr8emQou61ghMVtH3A3/wE/kDvpLRo63xhKxqt0gCvf4oJ1
ZEpGttE+35SzoS+Hj7StfhUwd4ekO+mCv78mdCOK1uQo9uReqPUvNiNzrZMBiikA
dFH7L9a75al/dmlRLnHgrWW8F8L0SG3L1v1hjQyE0R90YHQ/74SC3kFHlwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFAaiQnnEcg+Mh4qhaeeK/v7iEsZdMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQnFKQ2VjUnlENHlIaXFGcDU0ci1fdUlTeGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIH/BAIAAjCB+AMFAyoH8wADBQMqDEiAAwcAKgySRwAB
AwUAKg4agAMFACoOx4ADBwAqDvIBAAEDBQAqDwoBAwcAKg8eAAEjAwcAKg8eAARW
AwcAKg8eAAmHAwcAKg8eAAq8AwcAKg8eAN75AwcAKg8eAQABAwcAKg8egQACAwcA
Kg8egRKTAwcAKg8egUMZAwcAKg8egZLoAwcAKg8egaPQAwcAKg8egc2uAwcAKg89
gAEjAwUAKg89ggMFAyoP6UADBwAqEGfFAAEDBQMqEG1AAwcAKhKsQAAAAwcAKhKs
QAAPAwUDKhLVQAMHACoTGMAAAQMFAyoTGUADBQMqE0kAMA0GCSqGSIb3DQEBCwUA
A4IBAQAiJGc8h3iuUFfLM15JllPMsQiJ5YfT2K9m/oR+1KYloFBGZ+j+oz3gHje+
idx4cIdFNP18uEuxsvVRG9kGYHKymzrUeMu6fn/9TI8OU9Q+F/pasGlgf/pJlbVh
QKDtyy91+R++nX46JZ6L5nBsgf9+9My8pSOjdV1B6AbN2iA0II38D3hyH1FAXwuY
dTxEp0WDVmUdp88Q7HgbW8LL5CfjkgRz5TaDxRxN2hsHdeJ32DKAysuqoWbo20Jz
O8u0usH+1yu9I76U/r593X5I5oQ/6AVy8E+aTyy5jbBWwesWw7tO2RbqdpmUT1rm
1OMHCxvm/4e3OViC7pl5KXEtXw9y
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:33:27 2025 by rpki-client