Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/klEWcs3wX1lIoTfIduj5b6OzjFM.roa
File: klEWcs3wX1lIoTfIduj5b6OzjFM.roa (raw, json)
Hash identifier: v9fFsFCChyxdQEXxIAyvPteDWFOETIboogIHorv3xaw=
Subject key identifier: 92:51:16:72:CD:F0:5F:59:48:A1:37:C8:76:E8:F9:6F:A3:B3:8C:53
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C85C19845E12B6817A0AC3E17400FCF55
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/klEWcs3wX1lIoTfIduj5b6OzjFM.roa
Signing time: Wed 20 Dec 2023 05:45:06 +0000
ROA not before: Wed 20 Dec 2023 05:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a12:d6c0::/29 maxlen: 29
2a0f:e840::/32 maxlen: 32
2a13:fd00::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a13:18c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:85:c1:98:45:e1:2b:68:17:a0:ac:3e:17:40:0f:cf:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 20 05:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92511672cdf05f5948a137c876e8f96fa3b38c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b1:39:f6:c6:69:4b:b9:e2:58:fc:16:fb:6a:
e0:d7:88:89:f5:60:f4:d4:5c:59:61:15:74:9c:c1:
f9:8b:38:7e:8d:30:5b:99:81:c1:ee:bb:9c:47:92:
34:36:a1:38:15:89:22:69:14:7e:75:a3:80:58:1d:
c8:18:50:54:4d:86:b3:50:08:41:ff:6c:9c:42:ff:
3b:d0:ac:b3:41:38:54:b3:d0:2d:0b:3a:a8:90:9b:
75:d9:9b:19:62:c4:2c:b8:0d:47:52:7b:87:1f:93:
cb:3f:06:9d:d3:47:44:c4:59:cf:a4:36:07:11:14:
8a:2c:2d:16:eb:f7:b6:41:12:6f:14:53:31:be:dd:
9a:cf:86:d9:26:9c:d5:a4:a6:41:ad:8f:58:64:33:
0f:2c:8b:ec:1d:53:1e:78:41:8a:5d:9f:0d:32:87:
2d:e6:d0:8a:f7:69:4d:9f:6c:1a:a1:c0:2a:89:7f:
68:2c:45:82:94:95:99:25:e6:07:a3:8a:04:a0:b1:
3b:8c:31:d0:f8:1f:d0:3a:4f:73:28:bd:15:fc:bf:
79:33:0e:74:3b:53:44:e9:76:81:63:44:f9:4a:db:
1f:9b:06:53:4a:8b:f7:0d:a3:ac:49:0a:8a:8d:b9:
cc:a2:e7:00:80:a8:86:45:80:48:6a:70:c2:15:7c:
29:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:51:16:72:CD:F0:5F:59:48:A1:37:C8:76:E8:F9:6F:A3:B3:8C:53
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/klEWcs3wX1lIoTfIduj5b6OzjFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0f:2f80::/29
2a0f:e840::/32
2a12:d6c0::/29
2a13:18c4::/32
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
c9:f1:cc:c6:fc:f5:74:c6:2e:7f:6d:6e:a1:a1:4a:27:81:0d:
36:ce:cc:be:e4:72:5c:3b:21:e6:6e:16:c5:55:07:46:82:54:
ec:3b:77:c5:50:35:ef:49:47:44:82:91:a4:c9:68:dc:4c:3a:
f5:d8:f3:9d:32:b7:e2:7d:fe:b5:bb:b9:5d:00:d9:8e:6e:82:
fb:53:c8:1f:31:b3:7c:17:5f:ba:4e:f5:f6:b5:a0:1c:a9:1c:
74:99:84:6a:48:64:86:a4:23:31:d2:d1:e8:45:68:f6:c8:4f:
08:cc:f1:a0:d9:4a:d7:3c:cb:c7:32:b1:7e:37:e0:6c:ba:a6:
2a:4a:84:c9:e0:d0:d9:2c:70:25:d1:ab:a9:ed:6b:3a:e8:35:
a4:8d:98:c6:0f:94:41:87:f4:bc:1e:29:b1:e3:3b:d6:17:ae:
04:29:cb:03:a0:ce:b3:a0:a4:50:a5:4c:e8:80:25:9a:7a:07:
69:3a:15:e4:4e:5c:bb:0b:15:2c:ec:5d:44:e8:f3:5f:3e:f7:
06:ea:9d:88:56:e0:bf:6b:2b:77:4a:05:60:66:2a:a7:b3:5f:
28:fe:ed:7f:43:c8:06:94:1b:25:30:d9:6f:09:08:cb:d1:1c:
ab:67:b7:33:0f:6c:a9:2d:33:ad:3e:ff:38:23:60:5d:75:22:
40:bf:74:84
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYyFwZhF4StoF6CsPhdAD89VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjIwMDU0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjUxMTY3MmNkZjA1ZjU5NDhhMTM3Yzg3NmU4Zjk2ZmEzYjM4YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLE59sZpS7niWPwW+2rg14iJ9WD0
1FxZYRV0nMH5izh+jTBbmYHB7rucR5I0NqE4FYkiaRR+daOAWB3IGFBUTYazUAhB
/2ycQv870KyzQThUs9AtCzqokJt12ZsZYsQsuA1HUnuHH5PLPwad00dExFnPpDYH
ERSKLC0W6/e2QRJvFFMxvt2az4bZJpzVpKZBrY9YZDMPLIvsHVMeeEGKXZ8NMoct
5tCK92lNn2waocAqiX9oLEWClJWZJeYHo4oEoLE7jDHQ+B/QOk9zKL0V/L95Mw50
O1NE6XaBY0T5StsfmwZTSov3DaOsSQqKjbnMoucAgKiGRYBIanDCFXwpxQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFJJRFnLN8F9ZSKE3yHbo+W+js4xTMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva2xFV2NzM3dYMWxJb1RmSWR1ajViNk96akZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MCkEAgACMCMDBQMqDy+AAwUAKg/oQAMFAyoS1sADBQAqExjEAwUD
KhP9ADANBgkqhkiG9w0BAQsFAAOCAQEAyfHMxvz1dMYuf21uoaFKJ4ENNs7MvuRy
XDsh5m4WxVUHRoJU7Dt3xVA170lHRIKRpMlo3Ew69djznTK34n3+tbu5XQDZjm6C
+1PIHzGzfBdfuk719rWgHKkcdJmEakhkhqQjMdLR6EVo9shPCMzxoNlK1zzLxzKx
fjfgbLqmKkqEyeDQ2SxwJdGrqe1rOug1pI2Yxg+UQYf0vB4pseM71heuBCnLA6DO
s6CkUKVM6IAlmnoHaToV5E5cuwsVLOxdROjzXz73BuqdiFbgv2srd0oFYGYqp7Nf
KP7tf0PIBpQbJTDZbwkIy9Ecq2e3Mw9sqS0zrT7/OCNgXXUiQL90hA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:47 2025 by rpki-client