Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/V8ax7HSv-lUitHTQot0wrEk-cxs.roa
File: V8ax7HSv-lUitHTQot0wrEk-cxs.roa (raw, json)
Hash identifier: qR4n76KThJcQaIzxpSZMpmNrll718fyhJwxiYUxF8qs=
Subject key identifier: 57:C6:B1:EC:74:AF:FA:55:22:B4:74:D0:A2:DD:30:AC:49:3E:73:1B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0184F6D407FDB646548A3B37163534F36E77
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/V8ax7HSv-lUitHTQot0wrEk-cxs.roa
Signing time: Fri 09 Dec 2022 12:20:01 +0000
ROA not before: Fri 09 Dec 2022 12:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.146.88.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.154.229.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
45.154.247.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:d4:07:fd:b6:46:54:8a:3b:37:16:35:34:f3:6e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 9 12:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57c6b1ec74affa5522b474d0a2dd30ac493e731b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c8:59:d9:29:47:fb:d5:70:46:b3:32:74:e4:
49:8f:b8:0e:ce:8d:36:f4:70:69:a1:3a:8d:08:44:
cb:e0:7f:ba:e8:4e:aa:87:af:7d:46:92:21:28:c0:
6a:80:3d:61:f9:a7:7c:19:a6:99:df:a3:78:51:49:
06:95:84:f4:70:e4:c9:25:de:f8:89:60:aa:ff:a6:
b3:3b:9c:f8:14:8b:ed:ef:61:bc:57:71:58:f3:8e:
cb:1c:e3:fe:11:13:3b:ca:01:1c:fd:19:f5:d8:8a:
7d:ae:9b:78:ae:f4:88:07:ff:71:c5:7b:eb:cb:e6:
90:3d:1c:b9:48:da:20:e7:e8:2b:56:dd:db:9a:cf:
e6:ca:00:5b:0e:98:2e:2f:9d:c3:2e:dd:4d:25:c9:
79:b1:46:f4:82:03:73:4c:b9:27:41:1b:9e:d7:54:
ed:03:0f:25:ee:78:01:13:ba:3a:90:ef:20:8c:2d:
d8:b4:7d:6a:ef:bd:16:0f:df:0e:39:75:91:3b:9e:
5d:9f:b5:11:2a:3b:9d:1f:c7:d6:26:92:25:5e:ab:
e6:4d:e4:c7:68:84:b8:16:3c:90:e8:d3:bb:d3:d2:
43:19:fc:49:e4:d6:f2:43:ec:9e:e6:ec:b8:a8:ef:
aa:fd:40:5b:2d:01:b0:9c:c8:20:84:51:c0:b0:2e:
bf:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C6:B1:EC:74:AF:FA:55:22:B4:74:D0:A2:DD:30:AC:49:3E:73:1B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/V8ax7HSv-lUitHTQot0wrEk-cxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0-45.135.38.255
45.146.88.0/24
45.154.229.0/24
45.154.247.0/24
93.190.246.0/23
IPv6:
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
25:d8:8e:46:12:4c:96:0f:83:52:3d:70:1a:d7:82:be:9d:56:
5e:40:75:60:4c:52:e3:7c:e1:ed:07:64:61:77:05:db:10:45:
12:5a:7c:13:f8:63:63:95:54:56:cf:8c:72:72:f7:a2:8e:94:
dd:d3:d1:f5:5f:31:33:ee:63:cb:f7:ac:10:7e:5a:35:e9:62:
4d:d2:15:a1:9a:28:0f:f3:55:91:1f:4f:10:03:47:30:47:38:
9c:25:55:1b:6c:9d:c9:8b:40:72:45:05:03:60:fc:00:ce:16:
eb:fe:30:92:d1:95:c3:40:03:9a:a7:e1:0e:7a:0b:cd:5d:a6:
41:b6:17:3f:bf:f1:d3:ca:6f:52:96:3a:98:2a:f2:8e:ff:5e:
0c:1e:ef:a7:db:08:a5:a8:af:47:84:17:ea:3d:e2:57:93:b2:
39:b8:ca:86:41:73:25:6e:46:77:1c:61:de:a0:db:3c:48:b8:
e0:16:2f:25:2b:8f:d7:32:a1:c3:12:d8:6f:7d:c8:15:45:12:
9e:aa:67:03:05:f8:a8:5f:f1:ae:2f:6e:bf:6b:20:38:9c:91:
34:25:20:ee:ff:de:8a:f6:04:f1:ea:23:d2:02:48:2b:7b:7e:
d8:ca:72:51:05:86:2f:99:95:fa:57:6c:9e:25:c3:ce:8d:3e:
06:a8:e6:8d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYT21Af9tkZUijs3FjU08253MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjA5MTIyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2M2YjFlYzc0YWZmYTU1MjJiNDc0ZDBhMmRkMzBhYzQ5M2U3MzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2shZ2SlH+9VwRrMydORJj7gOzo02
9HBpoTqNCETL4H+66E6qh699RpIhKMBqgD1h+ad8GaaZ36N4UUkGlYT0cOTJJd74
iWCq/6azO5z4FIvt72G8V3FY847LHOP+ERM7ygEc/Rn12Ip9rpt4rvSIB/9xxXvr
y+aQPRy5SNog5+grVt3bms/mygBbDpguL53DLt1NJcl5sUb0ggNzTLknQRue11Tt
Aw8l7ngBE7o6kO8gjC3YtH1q770WD98OOXWRO55dn7URKjudH8fWJpIlXqvmTeTH
aIS4FjyQ6NO709JDGfxJ5NbyQ+ye5uy4qO+q/UBbLQGwnMgghFHAsC6/xQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFFfGsex0r/pVIrR00KLdMKxJPnMbMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVjhheDdIU3YtbFVpdEhUUW90MHdyRWstY3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBAAtgX8wDAMEAC2HJQMEAC2HJgMEAC2SWAMEAC2a5QMEAC2a
9wMEAV2+9jANBAIAAjAHAwUAKg/oQDANBgkqhkiG9w0BAQsFAAOCAQEAJdiORhJM
lg+DUj1wGteCvp1WXkB1YExS43zh7QdkYXcF2xBFElp8E/hjY5VUVs+McnL3oo6U
3dPR9V8xM+5jy/esEH5aNeliTdIVoZooD/NVkR9PEANHMEc4nCVVG2ydyYtAckUF
A2D8AM4W6/4wktGVw0ADmqfhDnoLzV2mQbYXP7/x08pvUpY6mCryjv9eDB7vp9sI
paivR4QX6j3iV5OyObjKhkFzJW5Gdxxh3qDbPEi44BYvJSuP1zKhwxLYb33IFUUS
nqpnAwX4qF/xri9uv2sgOJyRNCUg7v/eivYE8eoj0gJIK3t+2MpyUQWGL5mV+lds
niXDzo0+BqjmjQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:17 2025 by rpki-client