Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GQtOL2kcj6Hpq3JgZP8c4Xnl6UE.roa
File: GQtOL2kcj6Hpq3JgZP8c4Xnl6UE.roa (raw, json)
Hash identifier: CJpJSTJ7bc8BweozwArQEWGefz5OU+GxL7MJPbRo8Ag=
Subject key identifier: 19:0B:4E:2F:69:1C:8F:A1:E9:AB:72:60:64:FF:1C:E1:79:E5:E9:41
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018799BB3E52E2B649C4E41ABDEFD9B80C74
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GQtOL2kcj6Hpq3JgZP8c4Xnl6UE.roa
Signing time: Wed 19 Apr 2023 13:36:37 +0000
ROA not before: Wed 19 Apr 2023 13:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:bb:3e:52:e2:b6:49:c4:e4:1a:bd:ef:d9:b8:0c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 19 13:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=190b4e2f691c8fa1e9ab726064ff1ce179e5e941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:91:0d:0f:84:06:ca:8d:a9:44:f4:d2:94:fa:
3d:51:ee:cb:94:c0:27:28:27:5e:56:72:c0:58:e2:
4b:a2:65:9f:50:a5:02:fd:8f:ca:a3:5c:fe:0e:db:
a4:e0:5a:52:9d:e4:97:20:62:1c:3c:4b:78:5a:30:
13:9b:73:7a:a4:ba:a9:f0:b9:e9:76:3a:b3:b4:fd:
98:9d:34:3e:85:a5:f8:b8:3e:9c:e8:33:d9:87:78:
e7:2a:b3:11:79:31:4f:91:fe:c1:b2:a6:1f:56:97:
9c:96:bc:f7:9e:c3:fd:18:cc:81:b5:92:68:08:96:
c3:9c:2e:dc:04:b5:7c:7c:34:b0:84:5c:d6:f1:29:
4c:33:28:3b:75:b9:96:3e:99:7b:0e:f1:05:df:36:
e5:8a:cf:63:74:d8:47:a3:ea:e1:38:ce:8f:c8:22:
1a:68:59:45:eb:f3:8d:89:79:10:0e:bc:81:bc:fd:
78:bb:3e:0d:a3:51:ec:4b:af:bb:ca:6e:a2:ed:79:
3a:7e:31:65:e4:05:11:7b:c4:11:bc:21:2d:48:2c:
17:05:c5:1a:4d:54:09:b7:c7:90:c4:47:74:96:12:
f7:18:66:4c:50:06:65:16:de:6a:79:00:cb:98:09:
7e:73:df:38:e4:b9:24:55:d4:8b:02:3a:21:00:d6:
3b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0B:4E:2F:69:1C:8F:A1:E9:AB:72:60:64:FF:1C:E1:79:E5:E9:41
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GQtOL2kcj6Hpq3JgZP8c4Xnl6UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0/24
93.190.246.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:09:89:8d:b4:3d:bb:30:1b:2c:84:2e:a7:d8:36:60:94:e5:
d6:55:9d:21:9c:fc:c7:88:35:18:f9:fc:4f:bd:bf:43:01:ca:
1a:a5:64:88:e5:b8:62:85:0c:98:ad:9a:b1:68:ec:b5:93:72:
4c:2f:28:87:52:09:94:e8:bd:85:95:42:65:0b:10:e8:15:4d:
7e:02:91:cc:c0:ea:89:cf:48:38:b7:a3:da:62:44:6d:63:46:
7b:4b:30:d5:2f:ce:e7:08:dc:29:89:67:78:70:fe:bb:ad:61:
ac:11:90:47:ec:76:9a:14:f7:33:76:c2:4c:be:ee:41:90:79:
b9:07:4f:02:30:0f:8f:75:f5:a3:a9:ef:64:64:df:fe:e3:9d:
c1:f5:91:f9:c5:ee:2f:15:97:c0:6f:83:09:54:77:3c:89:a2:
48:cd:cd:66:e4:d6:d8:b5:63:34:55:76:3d:8d:94:cd:7e:ff:
f7:f9:56:b2:cb:4d:26:f2:3d:af:3c:06:b4:f2:96:65:58:b2:
bb:fb:70:5c:6b:8d:a7:df:db:01:e9:c5:74:03:c4:53:c3:fa:
e5:f5:06:18:3e:77:1a:47:b2:ed:9d:c7:41:d6:51:9d:dd:e1:
aa:48:ed:ef:0d:55:49:e5:cf:6b:db:a3:de:60:f2:f8:cd:03:
1c:78:9e:5d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYeZuz5S4rZJxOQave/ZuAx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDE5MTMzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBiNGUyZjY5MWM4ZmExZTlhYjcyNjA2NGZmMWNlMTc5ZTVlOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZEND4QGyo2pRPTSlPo9Ue7LlMAn
KCdeVnLAWOJLomWfUKUC/Y/Ko1z+Dtuk4FpSneSXIGIcPEt4WjATm3N6pLqp8Lnp
djqztP2YnTQ+haX4uD6c6DPZh3jnKrMReTFPkf7BsqYfVpeclrz3nsP9GMyBtZJo
CJbDnC7cBLV8fDSwhFzW8SlMMyg7dbmWPpl7DvEF3zblis9jdNhHo+rhOM6PyCIa
aFlF6/ONiXkQDryBvP14uz4No1HsS6+7ym6i7Xk6fjFl5AURe8QRvCEtSCwXBcUa
TVQJt8eQxEd0lhL3GGZMUAZlFt5qeQDLmAl+c9845LkkVdSLAjohANY7+wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBkLTi9pHI+h6atyYGT/HOF55elBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvR1F0T0wya2NqNkhwcTNKZ1pQOGM0WG5sNlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBAAtgX8DBAAthyUDBAFdvvYwDQYJKoZIhvcNAQELBQADggEB
AKsJiY20PbswGyyELqfYNmCU5dZVnSGc/MeINRj5/E+9v0MByhqlZIjluGKFDJit
mrFo7LWTckwvKIdSCZTovYWVQmULEOgVTX4CkczA6onPSDi3o9piRG1jRntLMNUv
zucI3CmJZ3hw/rutYawRkEfsdpoU9zN2wky+7kGQebkHTwIwD4919aOp72Rk3/7j
ncH1kfnF7i8Vl8BvgwlUdzyJokjNzWbk1ti1YzRVdj2NlM1+//f5VrLLTSbyPa88
BrTylmVYsrv7cFxrjaff2wHpxXQDxFPD+uX1Bhg+dxpHsu2dx0HWUZ3d4apI7e8N
VUnlz2vbo95g8vjNAxx4nl0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:21:38 2025 by rpki-client