Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mkl7kXjOjyBkEbtaia_LX_oWjf4.roa
File: mkl7kXjOjyBkEbtaia_LX_oWjf4.roa (raw, json)
Hash identifier: wfpS7XhRkdDYmlbSlPG9pSjPvDu+9jwsv26s5rtCR1U=
Subject key identifier: 9A:49:7B:91:78:CE:8F:20:64:11:BB:5A:89:AF:CB:5F:FA:16:8D:FE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018601F7E5999F2A53BC0DEAE1F485F429A0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mkl7kXjOjyBkEbtaia_LX_oWjf4.roa
Signing time: Mon 30 Jan 2023 09:17:47 +0000
ROA not before: Mon 30 Jan 2023 09:17:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 45.128.79.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
45.154.247.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.146.88.0/24 maxlen: 24
45.154.229.0/24 maxlen: 24
2a0f:dec0::/32 maxlen: 32
2a0f:7d01::/32 maxlen: 32
2a0f:e840::/32 maxlen: 32
2a0c:4880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:f7:e5:99:9f:2a:53:bc:0d:ea:e1:f4:85:f4:29:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 30 09:17:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a497b9178ce8f206411bb5a89afcb5ffa168dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c9:46:ae:1e:5d:f8:62:eb:52:ac:0f:3f:4b:
04:ff:03:51:40:8b:96:26:d0:94:96:b6:6b:79:07:
ff:73:0b:03:b3:fb:21:95:4f:22:ce:13:8e:c6:a9:
6c:6e:c9:de:eb:45:f2:6c:b1:78:59:5a:65:d6:d4:
eb:d3:c8:cd:2a:c1:df:45:ea:6c:4e:8f:0e:f7:0f:
4f:4a:0f:cb:b9:fc:3d:61:ad:51:9f:6c:b0:d1:44:
7f:ff:1d:18:25:92:21:d3:0c:7a:2b:27:ce:c0:e1:
25:f9:c0:0c:5b:e8:54:39:6a:57:7f:4d:35:af:80:
5c:ab:cb:3c:64:3b:81:24:2c:7f:20:e0:85:5e:e0:
c4:b0:45:01:76:5d:ed:79:b3:f4:96:77:3b:f4:72:
37:c5:a2:b2:30:65:d6:1b:00:8f:a9:39:3f:26:ab:
00:a8:7e:93:21:dc:a1:13:64:6c:51:c2:64:d9:1f:
9a:b4:ad:74:61:a2:a0:c6:87:81:12:a2:01:35:6c:
d3:53:2c:07:c8:2a:07:af:6c:4a:fb:e8:89:e4:1e:
28:6a:23:53:c2:89:00:7d:d5:4b:85:e1:a4:a8:56:
8d:35:df:5e:c2:43:8e:5e:cc:a9:6a:2c:d1:f4:8d:
cb:82:a2:ed:86:0d:c0:f6:36:12:e8:24:26:9e:3c:
b1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:49:7B:91:78:CE:8F:20:64:11:BB:5A:89:AF:CB:5F:FA:16:8D:FE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mkl7kXjOjyBkEbtaia_LX_oWjf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
45.129.127.0/24
45.135.37.0-45.135.38.255
45.146.88.0/24
45.154.229.0/24
45.154.247.0/24
93.190.246.0/23
IPv6:
2a0c:4880::/32
2a0f:7d01::/32
2a0f:dec0::/32
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
3e:17:1c:b1:3a:2f:eb:ef:9d:55:ae:54:b7:a2:1a:a0:20:22:
8f:bc:b8:39:f5:af:c2:e8:1f:49:45:23:ad:14:ee:b6:8f:32:
65:04:26:4b:87:d8:41:54:d0:c5:a9:b0:82:95:12:ca:be:a2:
60:7f:b3:33:60:25:6a:8e:7f:d5:e0:75:c6:3e:62:55:2a:c5:
eb:51:1c:32:be:39:3f:1e:9e:77:5b:9c:e4:57:4a:24:8c:7b:
88:c6:f2:d6:4b:88:45:07:4f:ea:57:0c:f2:ed:47:27:99:bb:
2f:c3:bf:61:6c:6e:ba:a6:e1:08:06:f2:aa:d2:82:7b:17:42:
c4:eb:5d:9b:89:95:04:e3:b6:1d:0c:14:59:0e:bb:19:79:12:
41:b0:09:ba:d8:05:62:62:c8:1f:55:d7:a3:37:66:bd:1a:bd:
c2:27:03:a6:11:a9:53:ac:99:48:e5:92:b7:d3:54:e2:18:6e:
28:d5:98:a1:fd:6f:f5:cf:1d:34:be:ea:33:ef:38:66:bf:33:
56:ff:44:a8:a1:40:7a:35:40:c0:55:b8:d3:f0:b8:1e:f1:c0:
e3:8a:63:ad:4c:b9:e0:66:e2:b5:a6:99:00:40:6e:1d:67:95:
51:b0:f4:6c:98:cc:74:ac:10:82:f2:c2:f9:81:a5:29:a3:9d:
a1:9d:6e:85
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYYB9+WZnypTvA3q4fSF9CmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTMwMDkxNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQ5N2I5MTc4Y2U4ZjIwNjQxMWJiNWE4OWFmY2I1ZmZhMTY4ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnclGrh5d+GLrUqwPP0sE/wNRQIuW
JtCUlrZreQf/cwsDs/shlU8izhOOxqlsbsne60XybLF4WVpl1tTr08jNKsHfReps
To8O9w9PSg/Lufw9Ya1Rn2yw0UR//x0YJZIh0wx6KyfOwOEl+cAMW+hUOWpXf001
r4Bcq8s8ZDuBJCx/IOCFXuDEsEUBdl3tebP0lnc79HI3xaKyMGXWGwCPqTk/JqsA
qH6TIdyhE2RsUcJk2R+atK10YaKgxoeBEqIBNWzTUywHyCoHr2xK++iJ5B4oaiNT
wokAfdVLheGkqFaNNd9ewkOOXsypaizR9I3LgqLthg3A9jYS6CQmnjyxhQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJpJe5F4zo8gZBG7Womvy1/6Fo3+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbWtsN2tYak9qeUJrRWJ0YWlhX0xYX29XamY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBGBAIAATBAMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBAAtgX8wDAMEAC2HJQMEAC2HJgMEAC2SWAMEAC2a5QMEAC2a
9wMEAV2+9jAiBAIAAjAcAwUAKgxIgAMFACoPfQEDBQAqD97AAwUAKg/oQDANBgkq
hkiG9w0BAQsFAAOCAQEAPhccsTov6++dVa5Ut6IaoCAij7y4OfWvwugfSUUjrRTu
to8yZQQmS4fYQVTQxamwgpUSyr6iYH+zM2Alao5/1eB1xj5iVSrF61EcMr45Px6e
d1uc5FdKJIx7iMby1kuIRQdP6lcM8u1HJ5m7L8O/YWxuuqbhCAbyqtKCexdCxOtd
m4mVBOO2HQwUWQ67GXkSQbAJutgFYmLIH1XXozdmvRq9wicDphGpU6yZSOWSt9NU
4hhuKNWYof1v9c8dNL7qM+84Zr8zVv9EqKFAejVAwFW40/C4HvHA44pjrUy54Gbi
taaZAEBuHWeVUbD0bJjMdKwQgvLC+YGlKaOdoZ1uhQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:37 2025 by rpki-client