Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y8ZxmlaHhS7ISlRj0zZJTG0t5-U.roa
File: Y8ZxmlaHhS7ISlRj0zZJTG0t5-U.roa (raw, json)
Hash identifier: yA1h47Eifj1eZf9sLEVm2l7GdtoclsJGyfQfzpxhDd8=
Subject key identifier: 63:C6:71:9A:56:87:85:2E:C8:4A:54:63:D3:36:49:4C:6D:2D:E7:E5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0260135C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y8ZxmlaHhS7ISlRj0zZJTG0t5-U.roa
Signing time: Wed 16 Mar 2022 07:52:39 +0000
ROA not before: Wed 16 Mar 2022 07:52:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 45.95.98.0/24 maxlen: 24
193.39.209.0/24 maxlen: 24
194.33.32.0/24 maxlen: 24
45.152.197.0/24 maxlen: 24
185.164.59.0/24 maxlen: 24
45.91.211.0/24 maxlen: 24
45.91.208.0/24 maxlen: 24
45.137.86.0/24 maxlen: 24
45.153.23.0/24 maxlen: 24
45.153.21.0/24 maxlen: 24
193.111.4.0/24 maxlen: 24
193.111.5.0/24 maxlen: 24
193.111.19.0/24 maxlen: 24
193.111.18.0/24 maxlen: 24
45.154.230.0/24 maxlen: 24
45.130.253.0/24 maxlen: 24
45.13.186.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
45.128.77.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
193.41.39.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
45.157.38.0/24 maxlen: 24
45.153.219.0/24 maxlen: 24
45.147.31.0/24 maxlen: 24
45.147.30.0/24 maxlen: 24
45.153.218.0/24 maxlen: 24
2a0e:e980::/29 maxlen: 29
2a0f:ac00::/29 maxlen: 29
2a0f:e1c2::/32 maxlen: 32
2a0f:1f80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0e:2240:2::/48 maxlen: 48
2a0f:a02::/32 maxlen: 32
2a0f:e1c0::/32 maxlen: 32
2a0f:e600:1::/48 maxlen: 48
2a0f:a03::/32 maxlen: 32
2a0f:da40::/29 maxlen: 29
2a0f:e1c7::/32 maxlen: 32
2a0e:f200:2::/48 maxlen: 48
2a0f:a04::/32 maxlen: 32
2a0e:2440::/29 maxlen: 29
2a0f:e143::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39850844 (0x260135c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 16 07:52:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c6719a5687852ec84a5463d336494c6d2de7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b3:73:60:21:9b:5b:1f:82:57:1a:bc:2e:74:
57:93:01:f7:43:08:36:aa:59:99:2d:ea:86:4e:e1:
a2:ba:fa:a0:89:b9:ed:93:20:06:a0:0d:b2:3a:12:
98:65:a5:23:f7:56:08:75:18:bc:74:ba:9c:30:ed:
11:de:4c:95:bf:cc:32:40:95:03:19:03:8f:72:44:
e4:7f:36:49:40:97:9f:30:8d:65:93:be:e1:18:1d:
9a:b1:2d:86:ab:d1:f8:06:c1:9e:c5:da:f4:a8:d5:
45:0d:bc:42:39:54:cf:17:40:2d:c9:08:d2:6b:b6:
be:de:8e:c1:5d:12:d0:94:87:4d:dc:e3:3a:3e:f0:
06:35:ff:5a:9a:94:5f:8e:09:cd:c5:c2:6f:25:2b:
4b:19:85:12:d0:0e:7e:be:1b:fa:58:df:3d:7b:56:
48:00:f6:eb:8a:ef:30:cf:11:d4:f5:9d:71:5b:40:
cf:5b:e8:f5:1d:7e:89:d1:49:0b:cb:d9:d2:d2:06:
49:14:cf:89:5b:08:81:e9:e8:94:46:84:9c:0b:62:
c0:75:27:33:dd:7d:0f:b4:da:32:af:1c:ab:90:1d:
7e:ca:6b:ba:ca:7f:5a:21:2e:76:89:88:02:bd:c9:
6b:f0:3f:72:e9:ab:33:43:f3:ba:30:2a:03:a7:71:
20:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C6:71:9A:56:87:85:2E:C8:4A:54:63:D3:36:49:4C:6D:2D:E7:E5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y8ZxmlaHhS7ISlRj0zZJTG0t5-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.186.0/24
45.91.208.0/24
45.91.211.0/24
45.95.98.0/24
45.128.77.0/24
45.130.253.0/24
45.137.41.0/24
45.137.86.0/24
45.147.30.0/23
45.152.197.0/24
45.153.21.0/24
45.153.23.0/24
45.153.218.0/23
45.154.230.0/24
45.157.38.0/24
45.158.197.0/24
113.30.152.0/22
185.164.59.0/24
193.39.209.0/24
193.41.39.0/24
193.111.4.0/23
193.111.18.0/23
194.33.32.0/24
IPv6:
2a0e:2240:2::/48
2a0e:2440::/29
2a0e:e980::/29
2a0e:f200:2::/48
2a0f:a02::-2a0f:a04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1f80::/29
2a0f:ac00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:e143::/32
2a0f:e1c0::/32
2a0f:e1c2::/32
2a0f:e1c7::/32
2a0f:e600:1::/48
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
27:1e:51:74:65:38:b1:e7:c4:11:1c:15:13:f8:09:b3:2c:e4:
50:ec:c3:55:fe:8d:2e:bc:7d:4a:91:49:a7:c9:f7:dc:61:bb:
d3:4b:6d:17:59:32:52:8a:fc:bb:f4:9a:4b:02:04:d0:ec:c1:
ae:30:84:4d:4e:93:9e:a4:81:af:e9:5f:5b:2f:eb:15:88:a9:
9a:5a:ca:aa:b0:34:36:f4:d1:06:86:ce:44:ae:3c:4a:ec:43:
f1:a2:06:1d:07:b2:7f:33:c4:43:94:ec:29:bf:ac:0f:4a:d1:
24:01:ac:16:af:9a:95:f5:0a:9f:fb:6c:e1:04:ef:29:59:ec:
f7:d8:8c:88:a1:a1:eb:da:e8:63:db:fb:09:d7:c8:30:96:cf:
0f:3f:9f:ca:e7:69:4b:0d:e4:5d:c7:09:a0:08:81:dd:c1:3f:
c3:e4:4a:97:16:5d:d4:ba:e1:71:5f:33:5e:a8:74:3b:75:55:
b4:fb:ce:3c:00:ed:e0:a3:be:97:0e:b6:24:71:36:d2:9e:5e:
a4:f2:3a:23:8c:48:c0:cd:0e:dd:b5:41:c3:72:e7:10:d6:bf:
95:f9:54:35:2c:68:3a:52:f7:55:3d:5c:76:72:b9:f7:f7:ae:
b5:d1:f8:ed:0d:af:5b:ba:c7:55:e9:fd:2e:db:a9:c4:cf:69:
58:1e:03:e6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIEAmATXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDMx
NjA3NTIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNjNjcxOWE1Njg3
ODUyZWM4NGE1NDYzZDMzNjQ5NGM2ZDJkZTdlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6zc2Ahm1sfglcavC50V5MB90MINqpZmS3qhk7horr6oIm5
7ZMgBqANsjoSmGWlI/dWCHUYvHS6nDDtEd5Mlb/MMkCVAxkDj3JE5H82SUCXnzCN
ZZO+4RgdmrEthqvR+AbBnsXa9KjVRQ28QjlUzxdALckI0mu2vt6OwV0S0JSHTdzj
Oj7wBjX/WpqUX44JzcXCbyUrSxmFEtAOfr4b+ljfPXtWSAD264rvMM8R1PWdcVtA
z1vo9R1+idFJC8vZ0tIGSRTPiVsIgenolEaEnAtiwHUnM919D7TaMq8cq5Adfspr
usp/WiEudomIAr3Ja/A/cumrM0PzujAqA6dxIEMCAwEAAaOCAxUwggMRMB0GA1Ud
DgQWBBRjxnGaVoeFLshKVGPTNklMbS3n5TAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L1k4WnhtbGFIaFM3SVNsUmowelpKVEcwdDUtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ASkGCCsGAQUFBwEHAQH/BIIBGDCCARQwgZEEAgABMIGKAwQALQ26AwQALVvQAwQA
LVvTAwQALV9iAwQALYBNAwQALYL9AwQALYkpAwQALYlWAwQBLZMeAwQALZjFAwQA
LZkVAwQALZkXAwQBLZnaAwQALZrmAwQALZ0mAwQALZ7FAwQCcR6YAwQAuaQ7AwQA
wSfRAwQAwSknAwQBwW8EAwQBwW8SAwQAwiEgMH4EAgACMHgDBwAqDiJAAAIDBQMq
DiRAAwUDKg7pgAMHACoO8gAAAjAOAwUBKg8KAgMFACoPCgQDBQMqDx+AAwUDKg+s
AAMFAyoP2kADBQMqD9rAAwUAKg/hQwMFACoP4cADBQAqD+HCAwUAKg/hxwMHACoP
5gAAAQMFAyoP6UAwDQYJKoZIhvcNAQELBQADggEBACceUXRlOLHnxBEcFRP4CbMs
5FDsw1X+jS68fUqRSafJ99xhu9NLbRdZMlKK/Lv0mksCBNDswa4whE1Ok56kga/p
X1sv6xWIqZpayqqwNDb00QaGzkSuPErsQ/GiBh0Hsn8zxEOU7Cm/rA9K0SQBrBav
mpX1Cp/7bOEE7ylZ7PfYjIihoeva6GPb+wnXyDCWzw8/n8rnaUsN5F3HCaAIgd3B
P8PkSpcWXdS64XFfM16odDt1VbT7zjwA7eCjvpcOtiRxNtKeXqTyOiOMSMDNDt21
QcNy5xDWv5X5VDUsaDpS91U9XHZyuff3rrXR+O0Nr1u6x1Xp/S7bqcTPaVgeA+Y=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:17 2025 by rpki-client