Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/F3rN4qvLJUEWNPxH3oWMJYhmd38.roa
File: F3rN4qvLJUEWNPxH3oWMJYhmd38.roa (raw, json)
Hash identifier: hLMLNjnCjtc2WfH/Z3SAlx9jTR3aD2VxlKh3a/vscYQ=
Subject key identifier: 17:7A:CD:E2:AB:CB:25:41:16:34:FC:47:DE:85:8C:25:88:66:77:7F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0185956E74D910D6FDE506760F15657FE92C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/F3rN4qvLJUEWNPxH3oWMJYhmd38.roa
Signing time: Mon 09 Jan 2023 07:28:42 +0000
ROA not before: Mon 09 Jan 2023 07:28:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.146.88.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.154.229.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
45.154.247.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
2a0f:dec0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:6e:74:d9:10:d6:fd:e5:06:76:0f:15:65:7f:e9:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 9 07:28:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=177acde2abcb25411634fc47de858c258866777f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e6:f6:8a:00:37:2f:19:48:53:49:4c:72:77:
18:72:b6:0a:f6:e3:29:86:d4:0f:ff:fa:36:ac:9c:
70:0b:b8:06:7f:3e:c5:2d:92:be:fa:87:b1:df:02:
54:76:0b:58:4b:f2:dc:15:db:c7:c0:38:be:7c:cd:
2a:49:43:76:09:af:ae:58:6d:53:f6:b4:5b:e7:47:
bb:94:2a:2e:a2:eb:5e:cc:5c:6f:06:31:83:f8:62:
45:d0:2b:aa:06:ad:b6:df:ef:01:d8:83:07:d9:ff:
ed:34:8f:6f:0a:fd:ff:80:f9:07:35:49:57:d4:b9:
1d:f9:77:0f:07:d8:aa:97:3a:b9:9a:5d:00:09:51:
24:9a:f9:3e:35:0b:b4:e4:2a:a2:7f:36:62:72:1c:
d0:21:f7:bc:4a:e8:54:91:40:33:19:24:83:b0:30:
40:5b:a0:35:25:fb:d4:15:16:26:04:66:10:a6:58:
1b:d8:52:8d:f3:8f:6e:38:9a:6d:22:a3:bb:8d:14:
3c:1c:4f:a3:81:77:15:b8:96:3a:a1:2e:bd:da:be:
1a:b6:42:f4:32:87:04:0e:73:2f:6f:7c:85:e2:16:
5f:1f:41:cf:db:41:12:a0:8e:ea:4d:8f:ab:fa:79:
c0:56:c3:30:2e:fa:b0:c9:ba:ea:5f:e1:12:0d:1d:
b3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:7A:CD:E2:AB:CB:25:41:16:34:FC:47:DE:85:8C:25:88:66:77:7F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/F3rN4qvLJUEWNPxH3oWMJYhmd38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0-45.135.38.255
45.146.88.0/24
45.154.229.0/24
45.154.247.0/24
93.190.246.0/23
IPv6:
2a0f:dec0::/32
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
0d:1b:90:d6:2c:02:43:f0:b0:aa:38:94:82:b1:8c:a8:b6:7e:
a9:2e:5b:5b:1e:e7:ef:bf:ba:c1:b2:22:9a:29:fd:e0:18:5b:
a0:f4:2c:59:9a:4d:9a:51:67:93:83:04:46:00:d2:dd:d3:ab:
74:2d:6a:af:ff:e4:4a:01:f6:a1:ca:e2:17:3a:68:86:86:c4:
c9:cd:26:67:a8:88:59:03:0b:3c:47:37:54:5f:ea:78:62:5e:
8c:a0:b3:d6:05:eb:38:3c:15:72:77:f6:62:d0:56:12:54:54:
fd:a9:fb:14:3f:8f:26:f7:7b:43:1f:43:1c:e5:8f:90:15:07:
a5:5d:b3:23:30:35:54:90:e9:a3:c2:6a:b5:6e:51:9a:d3:a1:
b1:06:b6:0a:7b:bd:9f:19:c2:06:f5:e2:c8:c4:2b:71:ab:d7:
ff:92:fe:15:65:ee:fb:5b:66:3d:ac:e2:74:79:16:2c:be:0f:
31:0a:60:dd:93:ad:c0:67:dd:b7:9a:6a:15:c6:77:42:fd:2f:
93:72:31:72:4a:c5:0a:ba:ce:80:9c:8e:46:8b:de:90:d5:66:
ad:7f:0f:e7:b3:ee:b9:08:59:7f:d8:c0:64:36:02:8e:73:dc:
b7:ce:70:18:75:0d:03:83:e2:fc:e0:52:38:17:ee:27:e3:44:
11:7a:09:22
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYWVbnTZENb95QZ2DxVlf+ksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTA5MDcyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdhY2RlMmFiY2IyNTQxMTYzNGZjNDdkZTg1OGMyNTg4NjY3NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOb2igA3LxlIU0lMcncYcrYK9uMp
htQP//o2rJxwC7gGfz7FLZK++oex3wJUdgtYS/LcFdvHwDi+fM0qSUN2Ca+uWG1T
9rRb50e7lCououtezFxvBjGD+GJF0CuqBq223+8B2IMH2f/tNI9vCv3/gPkHNUlX
1Lkd+XcPB9iqlzq5ml0ACVEkmvk+NQu05CqifzZichzQIfe8SuhUkUAzGSSDsDBA
W6A1JfvUFRYmBGYQplgb2FKN849uOJptIqO7jRQ8HE+jgXcVuJY6oS692r4atkL0
MocEDnMvb3yF4hZfH0HP20ESoI7qTY+r+nnAVsMwLvqwybrqX+ESDR2zaQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFBd6zeKryyVBFjT8R96FjCWIZnd/MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRjNyTjRxdkxKVUVXTlB4SDNvV01KWWhtZDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBGBAIAATBAMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBAAtgX8wDAMEAC2HJQMEAC2HJgMEAC2SWAMEAC2a5QMEAC2a
9wMEAV2+9jAUBAIAAjAOAwUAKg/ewAMFACoP6EAwDQYJKoZIhvcNAQELBQADggEB
AA0bkNYsAkPwsKo4lIKxjKi2fqkuW1se5++/usGyIpop/eAYW6D0LFmaTZpRZ5OD
BEYA0t3Tq3Qtaq//5EoB9qHK4hc6aIaGxMnNJmeoiFkDCzxHN1Rf6nhiXoygs9YF
6zg8FXJ39mLQVhJUVP2p+xQ/jyb3e0MfQxzlj5AVB6VdsyMwNVSQ6aPCarVuUZrT
obEGtgp7vZ8Zwgb14sjEK3Gr1/+S/hVl7vtbZj2s4nR5Fiy+DzEKYN2TrcBn3bea
ahXGd0L9L5NyMXJKxQq6zoCcjkaL3pDVZq1/D+ez7rkIWX/YwGQ2Ao5z3LfOcBh1
DQOD4vzgUjgX7ifjRBF6CSI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:23:30 2025 by rpki-client