Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIkBufWWQqPZl4ROTkHVndINkmA.roa
File: HIkBufWWQqPZl4ROTkHVndINkmA.roa (raw, json)
Hash identifier: 0eZ8WfRVt4zIEvBSSKADNOMPm8QTNKj0KU5RHBuzQF4=
Subject key identifier: 1C:89:01:B9:F5:96:42:A3:D9:97:84:4E:4E:41:D5:9D:D2:0D:92:60
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188D52000B175F489D947CB828E5F886A17
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIkBufWWQqPZl4ROTkHVndINkmA.roa
Signing time: Mon 19 Jun 2023 19:27:04 +0000
ROA not before: Mon 19 Jun 2023 19:27:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0e:f201:1::/48 maxlen: 48
2a10:67c5:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0c:9247:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:1e81:cdae::/48 maxlen: 48
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a13:1940::/29 maxlen: 29
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d5:20:00:b1:75:f4:89:d9:47:cb:82:8e:5f:88:6a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 19 19:27:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c8901b9f59642a3d997844e4e41d59dd20d9260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:cc:da:ea:2d:5e:6a:7f:09:7d:80:e5:9a:
00:c0:da:3c:73:27:be:b9:e1:a8:1e:23:3c:d5:34:
2f:de:a3:d4:2e:2c:ce:d6:e0:ae:72:f9:32:8e:fa:
db:0c:40:f1:fb:f3:9e:ff:d4:eb:5f:a2:4c:b1:77:
ef:05:b6:3a:3d:9f:fc:4e:2e:5c:49:dc:5c:9f:70:
9a:38:73:f9:30:43:59:c6:8e:23:5e:8b:f3:97:a0:
e5:19:31:2d:0e:c8:95:4a:7b:02:57:f6:8a:aa:ac:
85:54:bf:b8:db:aa:94:97:4c:b0:de:da:aa:6b:1e:
ed:4b:86:47:64:60:92:fe:e2:68:69:cb:3c:65:6f:
18:db:23:4a:14:62:49:42:1b:ca:00:f5:82:35:60:
33:ba:39:11:e5:66:f9:06:8f:bc:1c:06:cd:dd:d2:
7d:e2:36:22:8a:4c:cd:d7:13:ae:23:a3:0c:a7:05:
a7:1f:11:2e:b9:11:13:cd:c9:16:26:b6:b6:00:a5:
99:74:61:8d:33:a2:eb:ee:dc:cd:0a:85:a6:6b:5a:
86:00:9c:53:c0:70:db:73:f3:c4:0e:58:ee:2b:c1:
d9:50:0a:b5:8c:52:14:1a:2e:8f:7e:43:e6:65:fb:
4a:27:ef:83:d1:04:b2:7d:f9:ab:ee:c8:92:9b:99:
30:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:89:01:B9:F5:96:42:A3:D9:97:84:4E:4E:41:D5:9D:D2:0D:92:60
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIkBufWWQqPZl4ROTkHVndINkmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0c:4880::/29
2a0c:9247:1::/48
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a01::/32
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:e940::/29
2a10:67c5:1::/48
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a13:18c0:1::/48
2a13:1940::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
70:99:46:ad:2d:d3:5c:d9:f5:70:25:6e:2d:ae:6e:f5:f4:58:
78:34:39:82:4c:20:7f:0d:bc:e4:88:8e:61:9e:ff:9b:7a:e9:
9d:06:fb:2b:ee:cd:a5:d6:4f:7b:c4:fe:3c:24:bf:a8:7d:f3:
65:70:87:d6:5b:fe:5f:89:4b:b8:8b:e2:bf:b4:25:1a:d6:e3:
b7:a4:e0:90:cc:1c:46:f5:56:a9:31:66:c4:47:2b:c3:2a:ef:
b9:aa:59:f5:f3:fe:51:14:62:f8:57:de:99:3b:5c:38:c8:3e:
b0:00:e7:a0:11:45:50:3b:43:92:4e:69:8c:a7:1d:a3:43:00:
26:47:8f:8f:26:22:f0:ff:ed:f2:50:82:da:51:04:4d:de:63:
9a:73:7a:89:7e:d9:d8:29:69:e5:8c:50:9d:a7:d3:64:f0:ca:
81:75:45:0c:3c:07:f9:b7:f2:25:6f:76:79:81:9c:45:f9:48:
cf:22:b4:25:68:97:cb:ce:6f:91:dc:d7:6e:dc:13:fa:8c:cc:
67:f5:a3:07:7e:96:cc:3c:8a:d1:df:6d:e7:72:c5:db:34:4c:
4c:6b:28:fc:78:d5:0d:2b:d6:30:ec:ee:45:a1:6d:9a:ab:e6:
5d:e6:bc:b7:cc:05:31:f9:3d:f5:41:07:4b:97:88:fe:fc:17:
5d:91:56:33
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYjVIACxdfSJ2UfLgo5fiGoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjE5MTkyNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg5MDFiOWY1OTY0MmEzZDk5Nzg0NGU0ZTQxZDU5ZGQyMGQ5MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTnM2uotXmp/CX2A5ZoAwNo8cye+
ueGoHiM81TQv3qPULizO1uCucvkyjvrbDEDx+/Oe/9TrX6JMsXfvBbY6PZ/8Ti5c
Sdxcn3CaOHP5MENZxo4jXovzl6DlGTEtDsiVSnsCV/aKqqyFVL+426qUl0yw3tqq
ax7tS4ZHZGCS/uJoacs8ZW8Y2yNKFGJJQhvKAPWCNWAzujkR5Wb5Bo+8HAbN3dJ9
4jYiikzN1xOuI6MMpwWnHxEuuRETzckWJra2AKWZdGGNM6Lr7tzNCoWma1qGAJxT
wHDbc/PEDljuK8HZUAq1jFIUGi6PfkPmZftKJ++D0QSyffmr7siSm5kwVwIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFByJAbn1lkKj2ZeETk5B1Z3SDZJgMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSElrQnVmV1dRcVBabDRST1RrSFZuZElOa21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIH4BAIAAjCB8QMFAyoMSIADBwAqDJJHAAEDBQAqDhqA
AwUAKg7HgAMHACoO8gEAAQMFACoPCgEDBwAqDx4AASMDBwAqDx4ABFYDBwAqDx4A
CYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAEDBwAqDx6BAAIDBwAqDx6BEpMD
BwAqDx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBwAqDz2AASMDBQAq
Dz2CAwUDKg/pQAMHACoQZ8UAAQMFAyoQbUADBwAqEqxAAAADBwAqEqxAAA8DBQMq
EtVAAwcAKhMYwAABAwUDKhMZQAMFAyoTSQAwDQYJKoZIhvcNAQELBQADggEBAHCZ
Rq0t01zZ9XAlbi2ubvX0WHg0OYJMIH8NvOSIjmGe/5t66Z0G+yvuzaXWT3vE/jwk
v6h982Vwh9Zb/l+JS7iL4r+0JRrW47ek4JDMHEb1VqkxZsRHK8Mq77mqWfXz/lEU
YvhX3pk7XDjIPrAA56ARRVA7Q5JOaYynHaNDACZHj48mIvD/7fJQgtpRBE3eY5pz
eol+2dgpaeWMUJ2n02TwyoF1RQw8B/m38iVvdnmBnEX5SM8itCVol8vOb5Hc127c
E/qMzGf1owd+lsw8itHfbedyxds0TExrKPx41Q0r1jDs7kWhbZqr5l3mvLfMBTH5
PfVBB0uXiP78F12RVjM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:06:07 2025 by rpki-client