Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HfqVkUu7lKeYPTT86ZHKMyFdFxE.roa
File: HfqVkUu7lKeYPTT86ZHKMyFdFxE.roa (raw, json)
Hash identifier: daDbFGfXow7c7dUBjDf0aG4sigcOaGe0cAiHL7+WHec=
Subject key identifier: 1D:FA:95:91:4B:BB:94:A7:98:3D:34:FC:E9:91:CA:33:21:5D:17:11
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0187EAD83ADAD2C5913C6A2D393FAC429F9E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HfqVkUu7lKeYPTT86ZHKMyFdFxE.roa
Signing time: Fri 05 May 2023 07:37:32 +0000
ROA not before: Fri 05 May 2023 07:37:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:39c1::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0f:7f00::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:7d04:1::/48 maxlen: 48
2a0f:39c0::/32 maxlen: 32
2a0f:1e81:cdae::/48 maxlen: 48
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a13:8200::/29 maxlen: 29
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a13:1940:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7f01::/32 maxlen: 32
2a0f:e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ea:d8:3a:da:d2:c5:91:3c:6a:2d:39:3f:ac:42:9f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 5 07:37:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dfa95914bbb94a7983d34fce991ca33215d1711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:04:58:bb:97:27:c1:4a:c2:ff:09:3a:b1:62:
ae:95:33:69:92:d7:8b:a0:a0:ec:b1:98:39:dd:71:
8e:84:02:1d:4f:72:ff:96:31:14:31:c4:a3:9c:c6:
ee:5e:41:7e:23:ed:6c:0e:8b:13:fb:72:42:36:c4:
aa:bf:69:e7:d5:41:b1:f6:7b:67:3c:82:5e:17:49:
1e:1f:f3:9b:2d:60:cf:bc:81:4e:60:cb:94:ba:1e:
61:b6:fe:8a:51:d1:cf:61:f9:67:fa:00:3e:4e:b6:
dc:e0:4c:fe:08:ed:29:5e:7f:45:5b:8b:45:b1:1a:
eb:e2:09:27:f6:75:7f:31:72:3e:16:72:01:6c:58:
bc:dc:bd:eb:63:f9:04:6f:e7:5c:f9:06:b0:3c:7e:
68:8d:b3:93:9e:f0:1a:39:5f:cd:dd:2a:ef:28:7f:
d9:df:5a:c7:19:e5:60:1b:4f:67:7e:14:4a:03:b4:
51:8a:5d:a9:00:60:bf:ca:16:ed:f3:29:50:e9:17:
91:ff:34:0b:38:83:48:64:e6:06:ed:c6:e3:9c:a5:
16:0b:1e:70:ee:7d:a9:33:b5:5e:0a:e5:39:cd:b1:
6a:28:a6:e9:35:3f:c1:22:6b:18:5a:96:0e:81:5f:
78:d7:ec:fa:2e:8e:74:b4:16:60:b7:6e:21:a1:ed:
ae:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FA:95:91:4B:BB:94:A7:98:3D:34:FC:E9:91:CA:33:21:5D:17:11
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HfqVkUu7lKeYPTT86ZHKMyFdFxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0c:4880::/29
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:e00::/29
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:39c0::/31
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:7d04:1::/48
2a0f:7f00::/31
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a13:1940:1::/48
2a13:4900::/29
2a13:8200::/29
Signature Algorithm: sha256WithRSAEncryption
89:a5:77:23:7f:6e:ce:4f:7f:0d:f0:32:c1:c5:a0:d5:f3:4a:
0a:65:07:a0:48:72:3d:f9:71:60:ff:59:45:d6:30:83:9d:54:
a7:c1:81:48:08:86:f1:56:5b:7f:f5:dd:04:ee:83:4f:6b:14:
3f:95:db:7c:67:80:66:e9:87:c6:88:71:2c:b5:93:f7:d7:a9:
74:2c:cb:e2:87:b4:ce:da:99:b8:e9:01:76:fe:33:4e:69:b2:
21:05:7a:e5:76:10:70:ed:e3:67:6e:d8:d6:d8:8e:6b:23:f4:
04:53:09:97:6e:fe:79:21:7f:3b:8c:20:0a:eb:5e:8b:ef:88:
b9:09:c6:69:63:5a:92:27:a3:3d:77:17:9e:b0:fe:57:44:0c:
a8:fd:d1:0b:99:2c:56:eb:0e:1a:80:8d:fe:b1:fb:1a:56:3c:
77:80:2f:5a:af:7c:17:49:1f:63:fa:e1:09:9d:ef:00:a4:d4:
1e:78:01:fe:1f:4d:e0:b5:eb:ab:31:43:82:17:e4:9d:05:8a:
03:f0:64:80:90:67:22:d1:ba:26:b2:43:ff:b6:19:c3:24:df:
c1:2b:62:3b:4d:66:f4:65:db:e3:a1:ab:82:7a:0c:24:32:0e:
7e:de:d9:75:39:e2:0d:c9:b2:32:eb:84:c4:97:a5:e8:ab:46:
6f:db:91:22
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgISAYfq2Dra0sWRPGotOT+sQp+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTA1MDczNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZhOTU5MTRiYmI5NGE3OTgzZDM0ZmNlOTkxY2EzMzIxNWQxNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQRYu5cnwUrC/wk6sWKulTNpkteL
oKDssZg53XGOhAIdT3L/ljEUMcSjnMbuXkF+I+1sDosT+3JCNsSqv2nn1UGx9ntn
PIJeF0keH/ObLWDPvIFOYMuUuh5htv6KUdHPYfln+gA+Trbc4Ez+CO0pXn9FW4tF
sRrr4gkn9nV/MXI+FnIBbFi83L3rY/kEb+dc+QawPH5ojbOTnvAaOV/N3SrvKH/Z
31rHGeVgG09nfhRKA7RRil2pAGC/yhbt8ylQ6ReR/zQLOINIZOYG7cbjnKUWCx5w
7n2pM7VeCuU5zbFqKKbpNT/BImsYWpYOgV941+z6Lo50tBZgt24hoe2unwIDAQAB
o4IDOTCCAzUwHQYDVR0OBBYEFB36lZFLu5SnmD00/OmRyjMhXRcRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSGZxVmtVdTdsS2VZUFRUODZaSEtNeUZkRnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBGgQCAAIwggESAwUDKgxIgAMFACoOGoADBQMqDlqA
AwUAKg7HgAMHACoO8gEAAQMFASoPCgADBQMqDw4AAwcAKg8eAAEjAwcAKg8eAARW
AwcAKg8eAAmHAwcAKg8eAAq8AwcAKg8eAN75AwcAKg8eAQABAwcAKg8egQACAwcA
Kg8egRKTAwcAKg8egUMZAwcAKg8egZLoAwcAKg8egaPQAwcAKg8egc2uAwUDKg8h
AAMFASoPOcADBwAqDz2AASMDBQAqDz2CAwUAKg89hAMFACoPPYcDBwAqD30EAAED
BQEqD38AAwUDKhBtQAMHACoSrEAAAAMHACoSrEAADwMFAyoS1UADBwAqExlAAAED
BQMqE0kAAwUDKhOCADANBgkqhkiG9w0BAQsFAAOCAQEAiaV3I39uzk9/DfAywcWg
1fNKCmUHoEhyPflxYP9ZRdYwg51Up8GBSAiG8VZbf/XdBO6DT2sUP5XbfGeAZumH
xohxLLWT99epdCzL4oe0ztqZuOkBdv4zTmmyIQV65XYQcO3jZ27Y1tiOayP0BFMJ
l27+eSF/O4wgCutei++IuQnGaWNakiejPXcXnrD+V0QMqP3RC5ksVusOGoCN/rH7
GlY8d4AvWq98F0kfY/rhCZ3vAKTUHngB/h9N4LXrqzFDghfknQWKA/BkgJBnItG6
JrJD/7YZwyTfwStiO01m9GXb46GrgnoMJDIOft7ZdTniDcmyMuuExJel6KtGb9uR
Ig==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:04:28 2025 by rpki-client