Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kRQj1uApl16-DR3BmxrxKwM_Mpw.roa
File: kRQj1uApl16-DR3BmxrxKwM_Mpw.roa (raw, json)
Hash identifier: w5/JBk/Sk5lj1fGvi0lPr4L/IdQ69jXV6aulEuWks3M=
Subject key identifier: 91:14:23:D6:E0:29:97:5E:BE:0D:1D:C1:9B:1A:F1:2B:03:3F:32:9C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0187B262F1270BC342681214EDF763C6AAE6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kRQj1uApl16-DR3BmxrxKwM_Mpw.roa
Signing time: Mon 24 Apr 2023 08:30:41 +0000
ROA not before: Mon 24 Apr 2023 08:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:39c1::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0f:7f00::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:39c0::/32 maxlen: 32
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a13:8200::/29 maxlen: 29
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7f01::/32 maxlen: 32
2a0f:e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:62:f1:27:0b:c3:42:68:12:14:ed:f7:63:c6:aa:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 24 08:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=911423d6e029975ebe0d1dc19b1af12b033f329c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e6:56:bd:31:d8:7d:81:20:5a:93:a5:bb:d2:
6e:bf:c2:83:e5:2a:7a:53:9b:af:57:fb:e4:79:e0:
24:66:93:cc:c9:97:aa:32:1b:d6:ba:13:34:4e:77:
ad:ea:4f:38:5a:b8:28:8e:39:f4:99:9c:1f:64:e4:
8e:aa:15:f3:63:fa:9e:85:d9:86:d3:37:db:e9:aa:
ba:c0:fe:57:2a:08:94:b0:81:82:77:79:da:e5:16:
f0:94:30:8b:a4:98:9d:22:2b:6d:87:2b:0a:fd:37:
f3:c7:a8:9e:b6:9b:a8:f6:e0:e1:69:e4:fc:a6:af:
59:d0:b1:5f:6e:b0:d3:e0:7e:c1:17:c2:08:2e:29:
a7:0b:3f:73:b7:f6:b3:d2:7a:1b:e7:69:3b:15:9d:
39:87:5f:93:f9:00:45:43:b6:89:ed:db:e9:2b:9c:
4a:58:9e:be:e6:c7:49:a3:e9:fb:57:dc:1f:f9:b3:
66:0f:ea:04:0f:16:75:ce:e6:96:99:c3:7f:09:53:
37:27:2b:ac:60:fd:7d:12:d6:d0:39:d6:a8:7f:a4:
9a:4f:a0:a2:a9:59:88:cd:47:7d:c9:74:ba:ec:5a:
cb:68:31:df:f7:1e:1d:4b:e2:d8:75:13:44:de:17:
b2:99:78:5c:de:a3:ad:65:3a:4a:d2:31:43:42:d9:
ae:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:14:23:D6:E0:29:97:5E:BE:0D:1D:C1:9B:1A:F1:2B:03:3F:32:9C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kRQj1uApl16-DR3BmxrxKwM_Mpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a07:f300::/29
2a0c:4880::/29
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:e00::/29
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:39c0::/31
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:7f00::/31
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a13:4900::/29
2a13:8200::/29
Signature Algorithm: sha256WithRSAEncryption
7b:bf:a5:6b:3e:97:8e:7c:e5:1a:a9:ce:e5:ca:95:29:84:09:
04:95:f5:04:d2:2d:01:8f:54:18:cf:25:d7:62:e0:17:cc:01:
b1:3e:57:96:1f:ea:49:49:8f:9d:e0:90:25:ab:5c:aa:65:53:
3c:d7:47:da:37:2b:07:ad:e9:2e:b0:f4:73:60:58:f5:78:f9:
0e:0d:a4:a9:91:0b:1f:4a:67:55:65:fd:b1:38:b0:79:40:3b:
35:2c:af:a1:f9:40:ca:78:09:e7:45:ff:52:22:49:f9:9b:a5:
da:bc:74:2a:d7:ea:4b:32:24:27:63:b7:9f:fe:84:8b:ee:fd:
47:8d:03:4e:47:db:db:f7:cd:00:77:a1:d7:4e:22:1f:00:a5:
99:5d:5e:a8:69:f8:b4:cd:98:2e:71:53:79:07:d4:9d:62:9d:
80:25:00:99:79:75:6b:57:7f:14:3e:bb:eb:cb:da:ad:c9:fa:
31:14:0e:04:7e:19:32:1c:01:e6:c5:f5:ee:79:9d:4c:2a:e7:
98:2c:e1:70:63:1f:4f:f6:8d:6c:79:0f:17:87:e8:8b:02:fe:
5a:b7:c6:0b:de:6c:63:57:f3:59:13:11:73:4d:a5:7d:48:71:
25:10:45:3f:ba:ac:58:ae:93:24:f8:ab:3a:67:4d:a9:a9:a7:
ac:b0:74:63
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAYeyYvEnC8NCaBIU7fdjxqrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDI0MDgzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE0MjNkNmUwMjk5NzVlYmUwZDFkYzE5YjFhZjEyYjAzM2YzMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+ZWvTHYfYEgWpOlu9Juv8KD5Sp6
U5uvV/vkeeAkZpPMyZeqMhvWuhM0Tnet6k84Wrgojjn0mZwfZOSOqhXzY/qehdmG
0zfb6aq6wP5XKgiUsIGCd3na5RbwlDCLpJidIitthysK/Tfzx6ietpuo9uDhaeT8
pq9Z0LFfbrDT4H7BF8IILimnCz9zt/az0nob52k7FZ05h1+T+QBFQ7aJ7dvpK5xK
WJ6+5sdJo+n7V9wf+bNmD+oEDxZ1zuaWmcN/CVM3JyusYP19EtbQOdaof6SaT6Ci
qVmIzUd9yXS67FrLaDHf9x4dS+LYdRNE3heymXhc3qOtZTpK0jFDQtmurQIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFJEUI9bgKZdevg0dwZsa8SsDPzKcMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva1JRajF1QXBsMTYtRFIzQm14cnhLd01fTXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBDwQCAAIwggEHAwUDKgfzAAMFAyoMSIADBQAqDhqA
AwUDKg5agAMFACoOx4ADBwAqDvIBAAEDBQEqDwoAAwUDKg8OAAMHACoPHgABIwMH
ACoPHgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoPHgDe+QMHACoPHgEAAQMHACoP
HoEAAgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS6AMHACoPHoGj0AMHACoPHoHN
rgMFAyoPIQADBQEqDznAAwcAKg89gAEjAwUAKg89ggMFACoPPYQDBQAqDz2HAwUB
Kg9/AAMFAyoQbUADBwAqEqxAAAADBwAqEqxAAA8DBQMqEtVAAwUDKhNJAAMFAyoT
ggAwDQYJKoZIhvcNAQELBQADggEBAHu/pWs+l4585RqpzuXKlSmECQSV9QTSLQGP
VBjPJddi4BfMAbE+V5Yf6klJj53gkCWrXKplUzzXR9o3Kwet6S6w9HNgWPV4+Q4N
pKmRCx9KZ1Vl/bE4sHlAOzUsr6H5QMp4CedF/1IiSfmbpdq8dCrX6ksyJCdjt5/+
hIvu/UeNA05H29v3zQB3oddOIh8ApZldXqhp+LTNmC5xU3kH1J1inYAlAJl5dWtX
fxQ+u+vL2q3J+jEUDgR+GTIcAebF9e55nUwq55gs4XBjH0/2jWx5DxeH6IsC/lq3
xgvebGNX81kTEXNNpX1IcSUQRT+6rFiukyT4qzpnTampp6ywdGM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:16:44 2025 by rpki-client