Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aT7_A3PsY8ny4wd82bwt3q5XWMg.roa
File: aT7_A3PsY8ny4wd82bwt3q5XWMg.roa (raw, json)
Hash identifier: D6JAYS6hgyJvMmhZh4zP9lWXPMkGXhn11VFw+x++R2Y=
Subject key identifier: 69:3E:FF:03:73:EC:63:C9:F2:E3:07:7C:D9:BC:2D:DE:AE:57:58:C8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018611060460879860C43C8D6D506E2E1C34
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aT7_A3PsY8ny4wd82bwt3q5XWMg.roa
Signing time: Thu 02 Feb 2023 07:27:32 +0000
ROA not before: Thu 02 Feb 2023 07:27:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 45.128.79.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
45.154.247.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.146.88.0/24 maxlen: 24
45.154.229.0/24 maxlen: 24
2a0f:7d01::/32 maxlen: 32
2a0f:e840::/32 maxlen: 32
2a0c:4880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:06:04:60:87:98:60:c4:3c:8d:6d:50:6e:2e:1c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 2 07:27:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=693eff0373ec63c9f2e3077cd9bc2ddeae5758c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:3f:b4:59:49:b0:f4:33:27:94:d1:ad:f8:
5d:e9:41:6b:15:e9:6d:93:20:82:ae:02:b7:34:cb:
b1:95:97:9e:e6:85:04:14:f2:19:f5:0f:e3:8c:80:
f1:fd:d1:01:f1:7d:83:7f:b1:93:55:f5:84:10:47:
70:7d:e5:78:03:76:87:16:f9:45:d9:7a:0d:c1:6f:
a9:dd:eb:de:1a:6f:b6:ca:2a:95:e9:d2:cc:35:09:
20:c3:25:46:db:e8:60:e1:a6:dc:69:06:54:41:7f:
bd:c2:28:51:5d:65:8e:5f:45:33:9b:5f:b8:ac:e6:
5a:eb:6a:68:f7:11:55:b5:68:8d:36:ee:6b:b4:91:
e3:49:fd:4f:d5:a0:0a:3f:a4:17:4a:b4:58:af:ca:
d9:77:86:d2:35:6c:aa:73:a8:59:af:17:bb:5f:c4:
de:f2:03:86:c5:3a:1d:b5:bf:0e:1f:b6:fe:47:de:
5e:cf:f0:5c:29:ea:2a:6d:8c:30:42:15:e2:1b:29:
d4:16:e8:77:2f:b5:ad:af:15:55:34:43:58:2f:2e:
62:31:35:a4:d8:8d:72:5d:ea:1e:58:fd:dc:d3:4e:
ba:1a:8d:31:bd:23:c1:30:30:37:26:95:9a:f9:da:
47:32:55:d0:88:e9:4a:04:6a:cb:ba:95:ac:d4:89:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3E:FF:03:73:EC:63:C9:F2:E3:07:7C:D9:BC:2D:DE:AE:57:58:C8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aT7_A3PsY8ny4wd82bwt3q5XWMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0-45.135.38.255
45.146.88.0/24
45.154.229.0/24
45.154.247.0/24
93.190.246.0/23
IPv6:
2a0c:4880::/32
2a0f:7d01::/32
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
5c:51:b9:32:4c:81:6d:bb:f8:01:3b:28:33:9f:d0:81:e7:f4:
96:13:64:8b:a2:44:8d:52:9a:39:38:92:ce:57:02:c9:db:28:
29:fe:f5:0f:11:3f:20:b4:ac:52:a1:3d:29:6e:93:78:c1:e7:
36:bb:39:f6:0d:98:67:3e:8b:3e:cc:27:2e:b6:aa:6b:2a:e8:
34:2b:d3:75:fb:30:61:3c:12:f6:bc:1b:40:95:02:a1:93:d3:
47:41:7b:3d:fc:d8:d6:73:7d:41:4e:de:c3:a5:fb:72:ba:60:
c0:df:f6:bf:a5:80:2d:4d:0d:a3:f2:05:03:ee:85:59:ab:c5:
65:ac:5c:e9:7b:c8:46:14:ee:02:ce:54:3a:96:86:2f:66:96:
89:06:70:26:71:6f:5d:2e:3a:b5:6e:17:c3:6e:6e:a8:a4:6a:
18:b3:58:50:92:26:8e:85:17:47:03:26:bc:df:62:3c:e9:c9:
ad:68:5e:16:0f:2f:a7:15:9d:71:8e:7a:68:45:22:ff:c1:99:
c0:07:4a:d5:d9:cc:1f:c6:ad:94:2e:76:2d:32:a7:d0:aa:9b:
90:a5:39:c6:22:31:4f:24:e9:93:ca:ac:b9:eb:b6:10:ed:40:
ed:28:b5:69:cc:5d:c9:f9:c3:19:f8:df:be:d8:cd:8e:b5:07:
1d:b3:f4:a6
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYYRBgRgh5hgxDyNbVBuLhw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjAyMDcyNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNlZmYwMzczZWM2M2M5ZjJlMzA3N2NkOWJjMmRkZWFlNTc1OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF4/tFlJsPQzJ5TRrfhd6UFrFelt
kyCCrgK3NMuxlZee5oUEFPIZ9Q/jjIDx/dEB8X2Df7GTVfWEEEdwfeV4A3aHFvlF
2XoNwW+p3eveGm+2yiqV6dLMNQkgwyVG2+hg4abcaQZUQX+9wihRXWWOX0Uzm1+4
rOZa62po9xFVtWiNNu5rtJHjSf1P1aAKP6QXSrRYr8rZd4bSNWyqc6hZrxe7X8Te
8gOGxTodtb8OH7b+R95ez/BcKeoqbYwwQhXiGynUFuh3L7WtrxVVNENYLy5iMTWk
2I1yXeoeWP3c0066Go0xvSPBMDA3JpWa+dpHMlXQiOlKBGrLupWs1In8xQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFGk+/wNz7GPJ8uMHfNm8Ld6uV1jIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYVQ3X0EzUHNZOG55NHdkODJid3QzcTVYV01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBGBAIAATBAMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBAAtgX8wDAMEAC2HJQMEAC2HJgMEAC2SWAMEAC2a5QMEAC2a
9wMEAV2+9jAbBAIAAjAVAwUAKgxIgAMFACoPfQEDBQAqD+hAMA0GCSqGSIb3DQEB
CwUAA4IBAQBcUbkyTIFtu/gBOygzn9CB5/SWE2SLokSNUpo5OJLOVwLJ2ygp/vUP
ET8gtKxSoT0pbpN4wec2uzn2DZhnPos+zCcutqprKug0K9N1+zBhPBL2vBtAlQKh
k9NHQXs9/NjWc31BTt7DpftyumDA3/a/pYAtTQ2j8gUD7oVZq8VlrFzpe8hGFO4C
zlQ6loYvZpaJBnAmcW9dLjq1bhfDbm6opGoYs1hQkiaOhRdHAya832I86cmtaF4W
Dy+nFZ1xjnpoRSL/wZnAB0rV2cwfxq2ULnYtMqfQqpuQpTnGIjFPJOmTyqy567YQ
7UDtKLVpzF3J+cMZ+N++2M2OtQcds/Sm
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:27 2025 by rpki-client