Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cYBeKqT2k1ZgSh93I_Rppw6Muqk.roa
File: cYBeKqT2k1ZgSh93I_Rppw6Muqk.roa (raw, json)
Hash identifier: dxNGPBPgctUfBhdHiGw52uFj+/Qw0Axr5vKIgClhAnc=
Subject key identifier: 71:80:5E:2A:A4:F6:93:56:60:4A:1F:77:23:F4:69:A7:0E:8C:BA:A9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0257A69D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cYBeKqT2k1ZgSh93I_Rppw6Muqk.roa
Signing time: Mon 14 Mar 2022 13:32:15 +0000
ROA not before: Mon 14 Mar 2022 13:32:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 45.95.98.0/24 maxlen: 24
193.39.209.0/24 maxlen: 24
194.33.32.0/24 maxlen: 24
45.152.197.0/24 maxlen: 24
45.91.211.0/24 maxlen: 24
45.91.208.0/24 maxlen: 24
45.137.86.0/24 maxlen: 24
45.153.23.0/24 maxlen: 24
45.153.21.0/24 maxlen: 24
193.111.4.0/24 maxlen: 24
193.111.5.0/24 maxlen: 24
193.111.19.0/24 maxlen: 24
193.111.18.0/24 maxlen: 24
45.154.230.0/24 maxlen: 24
45.13.186.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
45.128.77.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
193.41.39.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
45.157.38.0/24 maxlen: 24
45.153.219.0/24 maxlen: 24
45.147.31.0/24 maxlen: 24
45.153.218.0/24 maxlen: 24
2a0e:e980::/29 maxlen: 29
2a0f:ac00::/29 maxlen: 29
2a0f:e1c2::/32 maxlen: 32
2a0f:1f80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0e:2240:2::/48 maxlen: 48
2a0f:a02::/32 maxlen: 32
2a0f:e1c0::/32 maxlen: 32
2a0f:e600:1::/48 maxlen: 48
2a0f:a03::/32 maxlen: 32
2a0f:da40::/29 maxlen: 29
2a0f:e1c7::/32 maxlen: 32
2a0e:f200:2::/48 maxlen: 48
2a0f:a04::/32 maxlen: 32
2a0e:2440::/29 maxlen: 29
2a0f:e143::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39298717 (0x257a69d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 14 13:32:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71805e2aa4f69356604a1f7723f469a70e8cbaa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:88:a4:66:08:d2:cf:a4:39:6c:66:52:f2:50:
3b:70:9e:45:f7:5c:e5:e6:e5:3e:22:d0:31:de:67:
f0:2f:9c:bc:d9:2a:9b:4e:d7:9d:4d:4b:66:cf:1e:
ec:85:88:17:f8:40:e4:87:fc:7c:34:67:e6:0b:a8:
07:7d:e2:fa:bd:d4:33:dd:74:17:93:3b:5d:84:68:
a9:53:48:75:55:85:0a:10:9c:68:b6:8a:2d:3e:bf:
bb:55:a1:a2:0a:a1:a7:ec:9a:10:d7:eb:08:7b:cb:
66:0e:b6:09:bd:c0:e3:1e:55:5a:29:9a:69:7a:5a:
f6:2e:44:2d:ac:66:ef:cb:68:ab:8b:a6:21:78:14:
b6:05:b4:47:72:dc:6d:8a:63:7f:cd:f1:1b:0a:81:
d7:87:3b:9c:aa:88:41:42:5f:21:3d:a6:a9:d8:aa:
d2:3a:6c:79:04:28:66:7f:3f:ce:6e:79:c4:47:5e:
58:f7:d0:99:3d:f1:12:44:54:02:00:0c:29:f5:b4:
18:e5:e4:e5:f9:db:01:53:78:c3:c3:a8:de:12:4a:
fa:71:25:5a:0f:f5:a9:53:8a:38:e5:03:00:90:cc:
16:e8:80:75:23:82:6e:82:fd:41:75:16:27:e7:10:
48:31:79:90:f3:07:ed:ca:a0:7d:c3:db:fe:5f:06:
65:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:80:5E:2A:A4:F6:93:56:60:4A:1F:77:23:F4:69:A7:0E:8C:BA:A9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cYBeKqT2k1ZgSh93I_Rppw6Muqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.186.0/24
45.91.208.0/24
45.91.211.0/24
45.95.98.0/24
45.128.77.0/24
45.137.41.0/24
45.137.86.0/24
45.147.31.0/24
45.152.197.0/24
45.153.21.0/24
45.153.23.0/24
45.153.218.0/23
45.154.230.0/24
45.157.38.0/24
45.158.197.0/24
113.30.152.0/22
193.39.209.0/24
193.41.39.0/24
193.111.4.0/23
193.111.18.0/23
194.33.32.0/24
IPv6:
2a0e:2240:2::/48
2a0e:2440::/29
2a0e:e980::/29
2a0e:f200:2::/48
2a0f:a02::-2a0f:a04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1f80::/29
2a0f:ac00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:e143::/32
2a0f:e1c0::/32
2a0f:e1c2::/32
2a0f:e1c7::/32
2a0f:e600:1::/48
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
49:2a:48:71:ff:ff:99:cc:ce:59:52:6f:00:88:0f:83:07:b2:
fc:91:8e:14:58:06:3c:79:fd:76:0f:4c:58:52:2f:fd:56:78:
49:f9:19:8d:83:e0:03:5f:50:f1:16:cb:5c:09:69:ed:47:d0:
b8:56:ff:7d:80:6e:31:bb:59:03:79:45:40:dd:d7:c1:99:de:
92:a2:27:81:3c:64:7a:8e:82:48:96:c1:a2:5c:e3:81:fc:18:
18:e0:6e:1a:7e:fb:da:ba:38:dd:02:6a:ac:17:18:61:f9:82:
44:9a:03:d6:45:f9:70:62:b4:8a:cd:1c:51:23:76:89:95:67:
8c:27:d2:25:81:56:95:4b:09:58:29:8c:e7:32:5e:7e:13:c7:
e2:13:86:fd:a6:cb:99:a0:1d:04:19:06:3b:c2:48:09:fa:95:
48:e6:82:e7:58:47:dd:4e:82:46:76:cf:87:3f:bc:52:c5:fc:
e4:d4:2f:92:d4:d7:0d:66:4d:5d:24:af:80:c0:2f:83:1d:64:
d7:5d:97:c2:f9:97:0f:e1:aa:fd:32:5c:49:73:76:04:f7:db:
29:27:c4:81:76:29:61:5e:6e:00:69:ee:ab:cb:a7:ed:7d:c7:
da:e5:8e:f0:c0:44:f7:bf:e7:2b:8c:f0:b4:54:74:1a:02:7c:
a4:68:7a:09
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgIEAlemnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDMx
NDEzMzIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE4MDVlMmFhNGY2
OTM1NjYwNGExZjc3MjNmNDY5YTcwZThjYmFhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGIpGYI0s+kOWxmUvJQO3CeRfdc5eblPiLQMd5n8C+cvNkq
m07XnU1LZs8e7IWIF/hA5If8fDRn5guoB33i+r3UM910F5M7XYRoqVNIdVWFChCc
aLaKLT6/u1Whogqhp+yaENfrCHvLZg62Cb3A4x5VWimaaXpa9i5ELaxm78toq4um
IXgUtgW0R3LcbYpjf83xGwqB14c7nKqIQUJfIT2mqdiq0jpseQQoZn8/zm55xEde
WPfQmT3xEkRUAgAMKfW0GOXk5fnbAVN4w8Oo3hJK+nElWg/1qVOKOOUDAJDMFuiA
dSOCboL9QXUWJ+cQSDF5kPMH7cqgfcPb/l8GZX0CAwEAAaOCAwgwggMEMB0GA1Ud
DgQWBBRxgF4qpPaTVmBKH3cj9GmnDoy6qTAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L2NZQmVLcVQyazFaZ1NoOTNJX1JwcHc2TXVxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ARwGCCsGAQUFBwEHAQH/BIIBCzCCAQcwgYQEAgABMH4DBAAtDboDBAAtW9ADBAAt
W9MDBAAtX2IDBAAtgE0DBAAtiSkDBAAtiVYDBAAtkx8DBAAtmMUDBAAtmRUDBAAt
mRcDBAEtmdoDBAAtmuYDBAAtnSYDBAAtnsUDBAJxHpgDBADBJ9EDBADBKScDBAHB
bwQDBAHBbxIDBADCISAwfgQCAAIweAMHACoOIkAAAgMFAyoOJEADBQMqDumAAwcA
Kg7yAAACMA4DBQEqDwoCAwUAKg8KBAMFAyoPH4ADBQMqD6wAAwUDKg/aQAMFAyoP
2sADBQAqD+FDAwUAKg/hwAMFACoP4cIDBQAqD+HHAwcAKg/mAAABAwUDKg/pQDAN
BgkqhkiG9w0BAQsFAAOCAQEASSpIcf//mczOWVJvAIgPgwey/JGOFFgGPHn9dg9M
WFIv/VZ4SfkZjYPgA19Q8RbLXAlp7UfQuFb/fYBuMbtZA3lFQN3XwZnekqIngTxk
eo6CSJbBolzjgfwYGOBuGn772ro43QJqrBcYYfmCRJoD1kX5cGK0is0cUSN2iZVn
jCfSJYFWlUsJWCmM5zJefhPH4hOG/abLmaAdBBkGO8JICfqVSOaC51hH3U6CRnbP
hz+8UsX85NQvktTXDWZNXSSvgMAvgx1k112XwvmXD+Gq/TJcSXN2BPfbKSfEgXYp
YV5uAGnuq8un7X3H2uWO8MBE97/nK4zwtFR0GgJ8pGh6CQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:28 2025 by rpki-client