Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Vh4RWB1pxfvDeGb9if5IKYcmrbY.roa
File: Vh4RWB1pxfvDeGb9if5IKYcmrbY.roa (raw, json)
Hash identifier: A3iS1BMBWqEAHiSU+4U1IwHpbfHCL+VtQWZZafcTEJg=
Subject key identifier: 56:1E:11:58:1D:69:C5:FB:C3:78:66:FD:89:FE:48:29:87:26:AD:B6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BFB5F7FC486BE4A1BE93CD7886A2D0FD8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Vh4RWB1pxfvDeGb9if5IKYcmrbY.roa
Signing time: Thu 23 Nov 2023 08:50:21 +0000
ROA not before: Thu 23 Nov 2023 08:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:5f:7f:c4:86:be:4a:1b:e9:3c:d7:88:6a:2d:0f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 23 08:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=561e11581d69c5fbc37866fd89fe48298726adb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:af:96:93:e7:8f:72:bd:7c:d1:ad:a9:d3:67:
36:43:90:4f:04:c4:ba:84:15:e6:dd:9e:b3:6a:e7:
27:c2:91:c4:27:9d:ea:b7:c2:d3:18:bf:bc:a9:40:
da:a1:87:45:59:a2:3c:56:72:02:52:f9:6e:97:0c:
0f:9b:08:23:22:82:51:43:cb:f3:3a:87:5c:c3:4d:
f5:fc:e5:ab:b0:86:99:f0:79:1d:a3:6a:9d:e8:d6:
91:0d:33:1d:3f:e0:37:9f:b4:92:c2:7d:0f:5f:8a:
89:1a:38:7c:a7:90:4a:c4:02:84:bb:45:e4:6f:dc:
f1:6b:aa:8d:4a:a6:5a:d3:0d:fe:ef:b8:98:77:cd:
17:dd:ef:38:73:07:ff:a0:af:15:02:a5:fd:b9:c8:
ad:9e:f6:91:92:90:94:e6:2f:03:25:d0:8f:86:b7:
cc:94:fa:7f:6d:35:98:e8:56:a8:41:77:91:7b:8e:
95:d3:e4:8d:b6:d0:d6:a7:5a:ba:b1:35:d4:2b:39:
37:25:93:e2:69:cd:03:22:09:9c:6e:6c:e1:73:9c:
1f:94:e7:21:dc:e5:24:0c:45:7f:34:be:24:80:c4:
bb:db:12:99:a2:0b:56:82:c2:71:7c:24:ba:13:9d:
a0:4e:80:ac:46:c7:b5:08:1b:80:1d:ff:f1:f6:a9:
9a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1E:11:58:1D:69:C5:FB:C3:78:66:FD:89:FE:48:29:87:26:AD:B6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Vh4RWB1pxfvDeGb9if5IKYcmrbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
12:01:17:5e:50:70:d2:2b:21:49:24:ec:51:35:2d:65:96:2a:
f6:50:70:13:ce:26:31:4f:9c:19:06:1d:91:db:69:8e:b5:ea:
03:d5:0e:4f:16:7b:ca:ce:79:d7:e2:6b:82:51:64:73:9e:9f:
5c:b7:22:61:af:5f:bc:01:c0:16:38:4f:a4:f8:3e:79:79:43:
ea:4a:65:53:6b:91:6e:ea:10:94:f8:fe:f0:6c:47:67:18:3f:
70:e2:33:62:fe:94:f8:1e:99:b3:c2:25:2a:19:ee:90:cd:86:
41:15:0a:60:c4:03:8c:53:37:2f:4d:45:75:70:91:f9:12:92:
8c:75:c8:79:76:cd:11:9a:ac:9e:37:a4:a5:8f:8f:40:65:79:
96:a8:33:46:8e:63:97:56:93:8f:9b:d4:3e:07:38:ff:cd:51:
01:15:52:34:75:72:fd:da:56:91:15:21:4d:71:81:a7:80:d3:
17:77:1d:20:5b:c1:4d:48:4c:f0:ed:dd:32:00:70:77:d5:d8:
83:3b:28:62:63:63:d8:f8:1a:ec:8a:32:a9:3f:bc:6c:2e:0f:
c4:c0:46:51:e4:8f:4e:c3:3d:fe:67:f5:12:60:64:ed:6a:e4:
dc:99:67:07:b5:fd:97:21:5c:41:6f:65:50:0e:85:b9:0b:86:
e6:1c:93:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYv7X3/Ehr5KG+k814hqLQ/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTIzMDg1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFlMTE1ODFkNjljNWZiYzM3ODY2ZmQ4OWZlNDgyOTg3MjZhZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla+Wk+ePcr180a2p02c2Q5BPBMS6
hBXm3Z6zaucnwpHEJ53qt8LTGL+8qUDaoYdFWaI8VnICUvlulwwPmwgjIoJRQ8vz
Oodcw031/OWrsIaZ8Hkdo2qd6NaRDTMdP+A3n7SSwn0PX4qJGjh8p5BKxAKEu0Xk
b9zxa6qNSqZa0w3+77iYd80X3e84cwf/oK8VAqX9ucitnvaRkpCU5i8DJdCPhrfM
lPp/bTWY6FaoQXeRe46V0+SNttDWp1q6sTXUKzk3JZPiac0DIgmcbmzhc5wflOch
3OUkDEV/NL4kgMS72xKZogtWgsJxfCS6E52gToCsRse1CBuAHf/x9qmaIQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFYeEVgdacX7w3hm/Yn+SCmHJq22MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVmg0UldCMXB4ZnZEZUdiOWlmNUlLWWNtcmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MA0EAgACMAcDBQAqD+hAMA0GCSqGSIb3DQEBCwUAA4IBAQASARde
UHDSKyFJJOxRNS1llir2UHATziYxT5wZBh2R22mOteoD1Q5PFnvKznnX4muCUWRz
np9ctyJhr1+8AcAWOE+k+D55eUPqSmVTa5Fu6hCU+P7wbEdnGD9w4jNi/pT4Hpmz
wiUqGe6QzYZBFQpgxAOMUzcvTUV1cJH5EpKMdch5ds0RmqyeN6Slj49AZXmWqDNG
jmOXVpOPm9Q+Bzj/zVEBFVI0dXL92laRFSFNcYGngNMXdx0gW8FNSEzw7d0yAHB3
1diDOyhiY2PY+BrsijKpP7xsLg/EwEZR5I9Owz3+Z/USYGTtauTcmWcHtf2XIVxB
b2VQDoW5C4bmHJMG
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:52:29 2025 by rpki-client