Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/X4H0RXqd9LYNhwn1icfCZ_c1dgs.roa
File: X4H0RXqd9LYNhwn1icfCZ_c1dgs.roa (raw, json)
Hash identifier: YPc3t3pgx1/xowvflJx1GlySA5yK0lVHFtY3sVyD0sc=
Subject key identifier: 5F:81:F4:45:7A:9D:F4:B6:0D:87:09:F5:89:C7:C2:67:F7:35:76:0B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CAA81A138B26F6031EE4A383D25AABD94
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/X4H0RXqd9LYNhwn1icfCZ_c1dgs.roa
Signing time: Wed 27 Dec 2023 09:01:11 +0000
ROA not before: Wed 27 Dec 2023 09:01:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a11:fd80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0e:f201:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a13:fc00::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a06:5280::/29 maxlen: 29
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a13:2b40::/29 maxlen: 29
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:7d01::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a0f:2100::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a12:ac40::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a13:18c3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:81:a1:38:b2:6f:60:31:ee:4a:38:3d:25:aa:bd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 27 09:01:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f81f4457a9df4b60d8709f589c7c267f735760b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:12:7e:98:c7:29:78:12:ed:ad:16:73:6c:
88:93:3d:f6:c2:0a:d8:82:e5:33:f0:1d:b3:27:28:
fe:44:66:85:69:bb:69:34:78:b0:9c:7a:e2:b2:07:
a7:8c:06:72:da:c4:98:47:1a:d7:d6:2b:d2:d1:bf:
de:27:60:53:d8:ed:ab:5c:1d:34:7c:bc:3c:10:3b:
1b:e4:3c:89:68:d8:75:d4:ee:1a:00:8c:72:48:76:
7e:0d:fa:6b:b4:dc:85:22:a0:0b:97:35:94:9d:83:
18:1c:29:38:81:9d:b3:16:4a:ae:79:35:5a:4b:71:
0b:63:0c:5c:2f:01:4f:0a:a2:38:e9:91:77:5f:47:
da:4d:80:d0:12:aa:70:4d:7e:bd:78:52:ff:08:58:
25:2e:07:c4:58:fd:43:93:53:6a:83:68:45:39:99:
62:85:57:1e:ec:c2:6f:68:4e:a5:db:bd:f7:9e:7c:
0c:2f:0e:03:c4:41:99:9b:f3:d3:ee:10:61:09:d0:
8b:8f:97:0b:63:45:74:90:3b:00:7e:8f:ca:49:c7:
d1:f2:e2:25:65:e1:ac:bb:1a:bd:de:ba:f5:c4:5d:
e6:2f:36:63:21:ab:7c:e3:05:64:d5:a5:29:21:bd:
d1:05:b7:34:e6:42:69:53:1b:85:d5:ff:4f:ee:4f:
61:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:81:F4:45:7A:9D:F4:B6:0D:87:09:F5:89:C7:C2:67:F7:35:76:0B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/X4H0RXqd9LYNhwn1icfCZ_c1dgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a06:5280::/29
2a07:f300::/29
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a01::/32
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:3d80:123::/48
2a0f:3d82::-2a0f:3d84:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:3d87::/32
2a0f:7d01::/32
2a0f:e940::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a13:18c0:1::/48
2a13:18c3::/32
2a13:2b40::/29
2a13:4900::/29
2a13:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
0d:24:6d:c8:32:58:ed:54:c0:05:e1:cc:82:8b:55:c7:49:7b:
82:fc:75:e7:84:56:1a:f6:9e:62:45:14:17:e7:46:a5:07:ac:
0a:9e:99:b6:22:a0:b5:e2:7c:32:94:c1:55:32:a8:e3:c9:12:
3d:5f:86:c2:77:ac:68:6c:d7:e9:ad:23:d2:c9:76:56:d3:0d:
36:3a:29:fc:95:94:07:54:7d:65:8f:05:5e:97:77:b0:64:a4:
68:9b:f6:60:4f:06:0f:d5:7c:e2:48:a5:61:ed:fb:3a:a0:87:
d3:3b:f2:57:f5:b9:cd:43:82:ca:ec:66:6e:e7:7f:81:82:5d:
71:3b:90:7c:b9:e7:1a:2d:c6:0e:7d:83:42:f7:bb:25:c1:5a:
a9:b7:e8:1f:6b:4e:f7:9b:a8:2e:52:0e:a2:13:0c:16:1e:4c:
9b:e8:f1:07:3c:76:a5:1b:92:58:79:d1:ac:fc:56:7f:c4:04:
a5:2a:76:2f:b4:61:bc:7d:f3:ae:24:f6:5c:cd:20:da:6b:18:
c7:47:45:fe:c3:b8:d5:6f:3c:af:33:c5:11:69:a2:c5:d9:9f:
9d:ea:90:56:e1:95:53:98:2b:31:b7:57:16:55:45:2f:4a:e9:
e2:45:ac:09:f8:51:26:fa:19:e1:f3:aa:0d:2a:41:65:a6:fa:
11:0b:dd:5a
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAYyqgaE4sm9gMe5KOD0lqr2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjI3MDkwMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjgxZjQ0NTdhOWRmNGI2MGQ4NzA5ZjU4OWM3YzI2N2Y3MzU3NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojcSfpjHKXgS7a0Wc2yIkz32wgrY
guUz8B2zJyj+RGaFabtpNHiwnHrisgenjAZy2sSYRxrX1ivS0b/eJ2BT2O2rXB00
fLw8EDsb5DyJaNh11O4aAIxySHZ+DfprtNyFIqALlzWUnYMYHCk4gZ2zFkqueTVa
S3ELYwxcLwFPCqI46ZF3X0faTYDQEqpwTX69eFL/CFglLgfEWP1Dk1Nqg2hFOZli
hVce7MJvaE6l2733nnwMLw4DxEGZm/PT7hBhCdCLj5cLY0V0kDsAfo/KScfR8uIl
ZeGsuxq93rr1xF3mLzZjIat84wVk1aUpIb3RBbc05kJpUxuF1f9P7k9hVwIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFF+B9EV6nfS2DYcJ9YnHwmf3NXYLMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWDRIMFJYcWQ5TFlOaHduMWljZkNaX2MxZGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBDwQCAAIwggEHAwUDKgZSgAMFAyoH8wADBQAqDhqA
AwUAKg7HgAMHACoO8gEAAQMFACoPCgEDBwAqDx4AASMDBwAqDx4ABFYDBwAqDx4A
CYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAEDBwAqDx6BAAIDBwAqDx6BEpMD
BwAqDx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBQMqDyEAAwcAKg89
gAEjMA4DBQEqDz2CAwUAKg89hAMFACoPPYcDBQAqD30BAwUDKg/pQAMFAyoQbUAD
BQMqEf2AAwUBKhKsQAMHACoTGMAAAQMFACoTGMMDBQMqEytAAwUDKhNJAAMFAyoT
/AAwDQYJKoZIhvcNAQELBQADggEBAA0kbcgyWO1UwAXhzIKLVcdJe4L8deeEVhr2
nmJFFBfnRqUHrAqembYioLXifDKUwVUyqOPJEj1fhsJ3rGhs1+mtI9LJdlbTDTY6
KfyVlAdUfWWPBV6Xd7BkpGib9mBPBg/VfOJIpWHt+zqgh9M78lf1uc1DgsrsZm7n
f4GCXXE7kHy55xotxg59g0L3uyXBWqm36B9rTvebqC5SDqITDBYeTJvo8Qc8dqUb
klh50az8Vn/EBKUqdi+0Ybx9864k9lzNINprGMdHRf7DuNVvPK8zxRFposXZn53q
kFbhlVOYKzG3VxZVRS9K6eJFrAn4USb6GeHzqg0qQWWm+hEL3Vo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:16:09 2025 by rpki-client