Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dZDgwXH0ZrRDU-I1Je2Rvlxs7O8.roa
File: dZDgwXH0ZrRDU-I1Je2Rvlxs7O8.roa (raw, json)
Hash identifier: ybQGyMlAn4xzdqiNi6Zr77BDDjEHlQ9t8xQPj2exbVE=
Subject key identifier: 75:90:E0:C1:71:F4:66:B4:43:53:E2:35:25:ED:91:BE:5C:6C:EC:EF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188F76F73EF64B455BA04B84F176B872BFF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dZDgwXH0ZrRDU-I1Je2Rvlxs7O8.roa
Signing time: Mon 26 Jun 2023 11:20:56 +0000
ROA not before: Mon 26 Jun 2023 11:20:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.141.179.0/24 maxlen: 24
193.41.69.0/24 maxlen: 24
45.153.217.0/24 maxlen: 24
194.41.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:6f:73:ef:64:b4:55:ba:04:b8:4f:17:6b:87:2b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 26 11:20:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7590e0c171f466b44353e23525ed91be5c6cecef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:27:cb:3a:2e:a3:a0:b2:fc:93:f1:de:47:15:
b2:96:bf:fc:20:a0:2f:02:1c:04:13:cb:4d:c9:c6:
65:0d:15:dd:77:f2:51:51:c8:55:ff:c6:ba:24:8f:
c7:fd:51:70:77:4b:d2:a5:b8:92:2b:ef:d0:12:50:
e8:12:a6:6f:45:52:d4:ca:7b:8c:1a:87:b3:8c:9b:
ae:45:8b:0e:dc:b5:3c:d3:f0:1c:ab:5c:f7:d8:70:
5a:27:09:44:16:93:f5:1b:f4:7b:c5:57:14:ba:81:
66:97:25:f8:dc:49:67:bc:27:ce:24:3c:91:f3:cd:
b5:28:ff:37:f8:ad:07:67:7d:58:db:fc:44:e8:12:
49:72:3a:26:09:b8:94:96:16:63:4a:f3:09:86:33:
93:0f:48:ad:6c:77:5c:de:61:33:79:f4:8a:05:31:
c3:a4:f3:54:e7:f6:7a:e0:97:df:c6:3e:db:9b:02:
17:e8:92:0b:9c:c4:c6:c7:10:b2:57:c1:46:73:d0:
f3:9a:cf:e2:74:c0:7e:b9:8e:2d:bf:e6:9e:b2:8f:
d5:bc:b1:fe:10:ac:cb:8e:7f:7d:bd:b3:5b:21:f5:
c7:a3:57:10:ff:cf:e0:f9:c9:0a:72:6d:7e:ad:45:
98:c1:af:a0:8a:60:2b:1e:fc:0f:24:52:a8:a1:ef:
66:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:90:E0:C1:71:F4:66:B4:43:53:E2:35:25:ED:91:BE:5C:6C:EC:EF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dZDgwXH0ZrRDU-I1Je2Rvlxs7O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.179.0/24
45.153.217.0/24
193.41.69.0/24
194.41.8.0/24
Signature Algorithm: sha256WithRSAEncryption
13:9d:9a:f0:5f:a4:d3:06:7e:b8:c5:35:e9:4b:79:93:8d:ee:
f2:f2:d5:f8:f6:d8:25:07:8a:00:98:a5:c8:5f:b7:1f:5b:df:
dd:47:ee:fe:99:51:5e:99:00:b8:69:8e:2e:de:c4:09:5e:19:
b2:c1:7e:d6:61:23:ac:f6:67:db:c5:e3:41:18:92:60:b1:2d:
33:42:d1:cb:c7:61:f1:59:89:5e:4c:6e:c8:41:11:96:bf:8c:
ab:a1:af:dd:f2:2a:3c:d0:ce:d2:4f:74:f5:87:03:c5:29:9d:
8c:48:75:19:5e:15:63:85:82:9f:7e:ef:27:7b:fa:1e:14:8a:
bc:66:c2:0e:f3:59:80:c6:09:19:f4:37:a8:81:cd:1a:b3:75:
9f:67:e2:a1:1d:4d:67:5d:f1:be:ff:03:bf:50:8a:bf:a8:d4:
f9:71:96:60:ef:25:14:a4:aa:04:63:84:63:8e:55:db:fa:f8:
fa:86:80:09:b6:ec:64:54:13:de:75:75:a1:12:f4:d4:2e:a9:
c5:7d:6a:10:03:5e:78:a2:6f:62:9e:f2:8c:04:84:96:f5:e2:
f4:f2:bf:54:dd:27:93:53:4b:ed:e0:07:13:bc:c1:cd:9b:38:
f6:22:d8:3b:68:1c:6b:19:67:bc:40:c8:02:95:94:f2:e3:81:
8b:6a:5b:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYj3b3PvZLRVugS4Txdrhyv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjI2MTEyMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTkwZTBjMTcxZjQ2NmI0NDM1M2UyMzUyNWVkOTFiZTVjNmNlY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyfLOi6joLL8k/HeRxWylr/8IKAv
AhwEE8tNycZlDRXdd/JRUchV/8a6JI/H/VFwd0vSpbiSK+/QElDoEqZvRVLUynuM
GoezjJuuRYsO3LU80/Acq1z32HBaJwlEFpP1G/R7xVcUuoFmlyX43ElnvCfOJDyR
8821KP83+K0HZ31Y2/xE6BJJcjomCbiUlhZjSvMJhjOTD0itbHdc3mEzefSKBTHD
pPNU5/Z64Jffxj7bmwIX6JILnMTGxxCyV8FGc9Dzms/idMB+uY4tv+aeso/VvLH+
EKzLjn99vbNbIfXHo1cQ/8/g+ckKcm1+rUWYwa+gimArHvwPJFKooe9mGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHWQ4MFx9Ga0Q1PiNSXtkb5cbOzvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZFpEZ3dYSDBaclJEVS1JMUplMlJ2bHhzN084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY2zAwQA
LZnZAwQAwSlFAwQAwikIMA0GCSqGSIb3DQEBCwUAA4IBAQATnZrwX6TTBn64xTXp
S3mTje7y8tX49tglB4oAmKXIX7cfW9/dR+7+mVFemQC4aY4u3sQJXhmywX7WYSOs
9mfbxeNBGJJgsS0zQtHLx2HxWYleTG7IQRGWv4yroa/d8io80M7ST3T1hwPFKZ2M
SHUZXhVjhYKffu8ne/oeFIq8ZsIO81mAxgkZ9Deogc0as3WfZ+KhHU1nXfG+/wO/
UIq/qNT5cZZg7yUUpKoEY4RjjlXb+vj6hoAJtuxkVBPedXWhEvTULqnFfWoQA154
om9invKMBISW9eL08r9U3SeTU0vt4AcTvMHNmzj2Itg7aBxrGWe8QMgClZTy44GL
aluR
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:19:28 2025 by rpki-client