Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IETuHMMdZyAztSn1uMEXC-cMH88.roa
File: IETuHMMdZyAztSn1uMEXC-cMH88.roa (raw, json)
Hash identifier: smrxl9hCJJ8hWkWRnK21mCWrP3gGkOjmlDusx9al5E0=
Subject key identifier: 20:44:EE:1C:C3:1D:67:20:33:B5:29:F5:B8:C1:17:0B:E7:0C:1F:CF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0182368BBB4D2ADD22BF8A00989AB32185B5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IETuHMMdZyAztSn1uMEXC-cMH88.roa
Signing time: Mon 25 Jul 2022 18:08:23 +0000
ROA not before: Mon 25 Jul 2022 18:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30633
IP address blocks: 45.147.31.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a12:ac40::/29 maxlen: 29
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0f:1e81:1293::/48 maxlen: 48
2a0c:9240::/29 maxlen: 29
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:a01::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e00:123::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a12:d540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:36:8b:bb:4d:2a:dd:22:bf:8a:00:98:9a:b3:21:85:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 25 18:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2044ee1cc31d672033b529f5b8c1170be70c1fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b1:bd:55:61:f9:1c:2a:4c:90:06:79:f4:f5:
1d:fc:98:20:14:a9:80:ba:61:52:02:5b:3d:cd:69:
ec:b7:56:e4:ff:19:37:1f:70:06:eb:da:cf:87:ba:
6e:1a:35:fb:ac:31:c3:7d:6f:7d:89:ef:8a:65:31:
5a:b7:3a:5c:f0:65:e2:ad:f8:10:18:b2:9b:5f:03:
f3:1d:8b:f0:0d:8b:4d:dd:09:c7:da:97:ee:7d:33:
b8:6c:e9:64:a5:74:c8:0e:13:91:51:87:15:f1:88:
bb:bf:a3:ed:8a:f4:34:63:54:d3:18:a0:62:fa:e9:
a4:6f:0b:a3:30:57:bc:07:ba:81:eb:73:70:8e:53:
cc:aa:58:d8:69:bb:b0:5d:e1:a6:dc:19:05:56:c2:
f4:d1:a2:a7:bc:50:05:09:0b:13:59:2e:4f:80:96:
59:fc:49:50:d8:51:8f:50:67:5e:e6:35:14:6c:40:
c3:7c:f7:cd:3e:27:34:6b:7a:01:3c:b3:59:1c:24:
04:85:04:f6:ed:d7:d6:18:4e:32:59:fd:0e:1d:99:
06:cf:5c:a5:df:17:71:f2:d1:c7:51:61:e1:ea:71:
0e:67:1a:6c:40:f3:c6:2f:bc:5f:57:73:53:d9:71:
76:b2:4a:ee:c8:d8:56:0b:e0:ed:61:3f:99:f8:73:
44:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:44:EE:1C:C3:1D:67:20:33:B5:29:F5:B8:C1:17:0B:E7:0C:1F:CF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IETuHMMdZyAztSn1uMEXC-cMH88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.31.0/24
IPv6:
2a07:f300::/29
2a0c:9240::/29
2a0e:5a80::/29
2a0f:a01::/32
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:3d80:123::/48
2a0f:3d82::/32
2a12:ac40::/29
2a12:d540::/29
Signature Algorithm: sha256WithRSAEncryption
b0:23:74:f4:53:8f:60:53:84:4d:17:0b:6f:9e:94:4a:2f:07:
05:c7:4a:a5:ee:e1:3d:65:ab:9c:40:0f:d2:de:aa:98:5a:99:
02:fc:23:6e:0d:bd:9b:17:45:43:32:a0:2a:2b:1c:e5:ca:7c:
92:8b:7a:e4:74:5a:99:f7:4c:4c:2f:ff:c5:e6:b5:75:f4:d2:
27:37:8b:b0:cc:9c:33:8f:62:e0:36:e5:2b:d7:0a:aa:9a:66:
ef:5c:8d:24:05:1a:80:d8:61:72:30:e3:39:6e:de:25:74:46:
c6:2c:8c:49:c2:a5:60:69:a4:f2:da:bf:b2:27:49:e6:62:7e:
df:92:ef:e9:5c:3d:d5:17:9f:d2:51:0e:57:c7:26:3f:e9:59:
57:19:ef:fb:a3:b2:eb:3f:97:1d:5c:71:1d:8a:2f:68:03:b4:
de:1a:11:aa:50:3d:65:80:32:9c:65:c7:59:c8:51:cf:27:87:
f6:bc:2e:86:19:c0:3c:a5:de:7d:53:0b:07:66:c7:20:7a:70:
7d:97:11:25:26:54:65:0d:06:b8:39:fd:bb:19:9a:8e:81:8f:
05:57:c2:c8:81:24:94:a9:81:ca:2f:f9:3a:12:f6:cd:22:5f:
81:58:9b:7e:ed:db:ad:99:88:88:5e:49:85:8c:be:72:9c:ad:
1c:44:d6:7f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYI2i7tNKt0iv4oAmJqzIYW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwNzI1MTgwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQ0ZWUxY2MzMWQ2NzIwMzNiNTI5ZjViOGMxMTcwYmU3MGMxZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrG9VWH5HCpMkAZ59PUd/JggFKmA
umFSAls9zWnst1bk/xk3H3AG69rPh7puGjX7rDHDfW99ie+KZTFatzpc8GXirfgQ
GLKbXwPzHYvwDYtN3QnH2pfufTO4bOlkpXTIDhORUYcV8Yi7v6PtivQ0Y1TTGKBi
+umkbwujMFe8B7qB63NwjlPMqljYabuwXeGm3BkFVsL00aKnvFAFCQsTWS5PgJZZ
/ElQ2FGPUGde5jUUbEDDfPfNPic0a3oBPLNZHCQEhQT27dfWGE4yWf0OHZkGz1yl
3xdx8tHHUWHh6nEOZxpsQPPGL7xfV3NT2XF2skruyNhWC+DtYT+Z+HNEVwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFCBE7hzDHWcgM7Up9bjBFwvnDB/PMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSUVUdUhNTWRaeUF6dFNuMXVNRVhDLWNNSDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDAMBAIAATAGAwQALZMf
MIGbBAIAAjCBlAMFAyoH8wADBQMqDJJAAwUDKg5agAMFACoPCgEDBwAqDx4AASMD
BwAqDx4ABFYDBwAqDx4ACYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx6BEpMDBwAq
Dx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBwAqDz2AASMDBQAqDz2C
AwUDKhKsQAMFAyoS1UAwDQYJKoZIhvcNAQELBQADggEBALAjdPRTj2BThE0XC2+e
lEovBwXHSqXu4T1lq5xAD9LeqphamQL8I24NvZsXRUMyoCorHOXKfJKLeuR0Wpn3
TEwv/8XmtXX00ic3i7DMnDOPYuA25SvXCqqaZu9cjSQFGoDYYXIw4zlu3iV0RsYs
jEnCpWBppPLav7InSeZift+S7+lcPdUXn9JRDlfHJj/pWVcZ7/ujsus/lx1ccR2K
L2gDtN4aEapQPWWAMpxlx1nIUc8nh/a8LoYZwDyl3n1TCwdmxyB6cH2XESUmVGUN
Brg5/bsZmo6BjwVXwsiBJJSpgcov+ToS9s0iX4FYm37t262ZiIheSYWMvnKcrRxE
1n8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:24:00 2025 by rpki-client