Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/b9JZbZjPDJM288pcGmG0q5qM8SI.roa
File: b9JZbZjPDJM288pcGmG0q5qM8SI.roa (raw, json)
Hash identifier: iqJlCbM1AV/Xh84sqhSaUCyaFHqFbPsVQ/lTMzFQMaE=
Subject key identifier: 6F:D2:59:6D:98:CF:0C:93:36:F3:CA:5C:1A:61:B4:AB:9A:8C:F1:22
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B89CDED76A7980ADED34BF9B9C349DD93
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/b9JZbZjPDJM288pcGmG0q5qM8SI.roa
Signing time: Wed 01 Nov 2023 07:34:16 +0000
ROA not before: Wed 01 Nov 2023 07:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a10:67c5:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a13:18c0:1::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0c:9247:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac41::/32 maxlen: 32
2a12:ac40:f::/48 maxlen: 48
2a0f:ea42::/32 maxlen: 32
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a12:ecc2::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a13:1940::/29 maxlen: 29
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a13:18c3::/32 maxlen: 32
2a07:f306:123::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:cd:ed:76:a7:98:0a:de:d3:4b:f9:b9:c3:49:dd:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 1 07:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fd2596d98cf0c9336f3ca5c1a61b4ab9a8cf122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:e5:4a:c6:db:f9:e4:87:b0:18:f1:c4:15:f4:
8d:2c:12:06:68:4c:d0:17:0b:32:79:1d:0f:11:90:
0b:ea:62:f3:77:03:d4:c4:2f:51:90:c8:66:32:c7:
bb:da:28:10:e0:09:7a:f5:48:79:cc:ad:4e:f0:22:
33:92:d7:66:be:cb:ca:01:aa:12:2f:31:d6:15:45:
49:30:4d:18:f9:17:fb:1d:a8:56:b7:be:8f:7d:00:
7e:07:ed:76:18:66:e6:de:62:a8:a1:b1:3f:6e:df:
e1:fb:9e:fa:cf:d9:74:a0:85:09:d3:c4:7a:80:6b:
46:fa:d7:88:ba:ae:2b:25:37:21:4d:cd:e6:2e:b5:
09:08:eb:9c:f0:a8:53:33:a2:9c:cc:d6:d7:26:4b:
e2:05:a4:f9:63:4b:44:a6:03:f0:7b:29:43:0c:0b:
79:02:73:22:da:46:6f:3a:f1:d0:72:e1:b0:32:f3:
5a:8a:67:42:33:6c:c1:31:59:6f:51:5d:5c:19:6c:
d9:6a:99:c8:4d:6f:51:a5:d3:10:d3:5f:4a:fc:fa:
65:e9:d4:d5:08:92:a1:38:c8:d3:00:f3:8d:41:0b:
6a:f2:f6:00:6b:d6:c0:9a:50:10:54:91:d7:09:02:
83:d6:27:81:23:5b:ba:dd:8f:a4:7a:ff:ba:42:38:
93:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D2:59:6D:98:CF:0C:93:36:F3:CA:5C:1A:61:B4:AB:9A:8C:F1:22
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/b9JZbZjPDJM288pcGmG0q5qM8SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a07:f306:123::/48
2a0c:4880::/29
2a0c:9247:1::/48
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:3d80:123::/48
2a0f:3d82::-2a0f:3d84:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:3d87::/32
2a0f:e940::/29
2a0f:ea42::/32
2a10:67c5:1::/48
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:ac41::/32
2a12:ecc2::/32
2a13:18c0:1::/48
2a13:18c3::/32
2a13:1940::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
33:b5:f9:4e:01:d5:a5:05:2c:50:05:d9:01:61:c7:17:c5:60:
18:37:a0:d8:96:60:3d:87:65:f5:5e:c0:0e:0b:cd:b5:dc:ac:
86:a2:00:2b:1e:51:17:a5:f3:09:c9:14:55:93:72:95:f5:b0:
14:2d:9b:d8:ee:c8:92:28:d6:33:7b:df:8b:5f:b0:f1:43:f0:
e6:d9:ea:57:a6:66:e8:0b:12:39:7b:3b:66:da:26:42:25:92:
92:ab:0c:ad:3f:0e:ae:22:4c:83:b4:15:b8:09:63:e6:92:38:
be:b7:d4:66:7f:17:5d:78:a2:e0:1f:f7:c8:74:97:d7:59:86:
4d:92:ca:fb:51:b2:6b:7f:8b:1c:01:2f:23:39:28:d5:bc:20:
83:21:20:12:60:1c:0d:d1:a0:59:76:f7:60:58:55:b2:95:af:
11:4f:7c:99:d7:db:52:12:68:88:4f:f1:ab:61:33:bf:d3:ae:
a4:bf:45:ac:d5:95:83:9c:7a:02:48:c5:1d:c4:af:ad:97:a2:
2c:55:cc:3e:19:ab:2d:12:ea:87:86:f1:a6:ed:70:8b:78:6d:
31:3f:12:50:37:53:35:1c:4b:f4:d5:9d:a4:5f:08:f7:7d:8f:
ce:fa:bc:a6:5d:a2:6b:06:52:e9:c8:00:c5:ae:12:f4:b5:3d:
20:2c:97:7c
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAYuJze12p5gK3tNL+bnDSd2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTAxMDczNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQyNTk2ZDk4Y2YwYzkzMzZmM2NhNWMxYTYxYjRhYjlhOGNmMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9uVKxtv55IewGPHEFfSNLBIGaEzQ
FwsyeR0PEZAL6mLzdwPUxC9RkMhmMse72igQ4Al69Uh5zK1O8CIzktdmvsvKAaoS
LzHWFUVJME0Y+Rf7HahWt76PfQB+B+12GGbm3mKoobE/bt/h+576z9l0oIUJ08R6
gGtG+teIuq4rJTchTc3mLrUJCOuc8KhTM6KczNbXJkviBaT5Y0tEpgPweylDDAt5
AnMi2kZvOvHQcuGwMvNaimdCM2zBMVlvUV1cGWzZapnITW9RpdMQ019K/Ppl6dTV
CJKhOMjTAPONQQtq8vYAa9bAmlAQVJHXCQKD1ieBI1u63Y+kev+6QjiTNwIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFG/SWW2YzwyTNvPKXBphtKuajPEiMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYjlKWmJaalBESk0yODhwY0dtRzBxNXFNOFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBJwQCAAIwggEfAwcAKgfzBgEjAwUDKgxIgAMHACoM
kkcAAQMFACoOGoADBQAqDseAAwcAKg7yAQABAwUBKg8KAAMHACoPHgABIwMHACoP
HgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoPHgDe+QMHACoPHgEAAQMHACoPHoEA
AgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS6AMHACoPHoGj0AMHACoPHoHNrgMH
ACoPPYABIzAOAwUBKg89ggMFACoPPYQDBQAqDz2HAwUDKg/pQAMFACoP6kIDBwAq
EGfFAAEDBQMqEG1AAwcAKhKsQAAAAwcAKhKsQAAPAwUAKhKsQQMFACoS7MIDBwAq
ExjAAAEDBQAqExjDAwUDKhMZQAMFAyoTSQAwDQYJKoZIhvcNAQELBQADggEBADO1
+U4B1aUFLFAF2QFhxxfFYBg3oNiWYD2HZfVewA4LzbXcrIaiACseURel8wnJFFWT
cpX1sBQtm9juyJIo1jN734tfsPFD8ObZ6lemZugLEjl7O2baJkIlkpKrDK0/Dq4i
TIO0FbgJY+aSOL631GZ/F114ouAf98h0l9dZhk2SyvtRsmt/ixwBLyM5KNW8IIMh
IBJgHA3RoFl292BYVbKVrxFPfJnX21ISaIhP8athM7/TrqS/RazVlYOcegJIxR3E
r62XoixVzD4Zqy0S6oeG8abtcIt4bTE/ElA3UzUcS/TVnaRfCPd9j876vKZdomsG
UunIAMWuEvS1PSAsl3w=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:01:02 2025 by rpki-client