Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qY-AwXNfgQAJaNStUP4BfUh5_fg.roa
File: qY-AwXNfgQAJaNStUP4BfUh5_fg.roa (raw, json)
Hash identifier: B3kGOQPRztJCC3HZvFYg4mpIMtiXMgLSxSgBSPnEmo4=
Subject key identifier: A9:8F:80:C1:73:5F:81:00:09:68:D4:AD:50:FE:01:7D:48:79:FD:F8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188677FBCE51E753EA00D7EBF2395016FC3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qY-AwXNfgQAJaNStUP4BfUh5_fg.roa
Signing time: Mon 29 May 2023 12:33:24 +0000
ROA not before: Mon 29 May 2023 12:33:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:39c1::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0f:7f00::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a10:67c5:1::/48 maxlen: 48
2a0f:e847:ffff::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a13:18c0:1::/48 maxlen: 48
2a0e:5a80::/29 maxlen: 29
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0c:9247:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:39c0::/32 maxlen: 32
2a0f:1e81:cdae::/48 maxlen: 48
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7f01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:67:7f:bc:e5:1e:75:3e:a0:0d:7e:bf:23:95:01:6f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 29 12:33:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a98f80c1735f81000968d4ad50fe017d4879fdf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:c6:a4:95:bf:d0:e9:d2:22:84:33:ac:ab:
89:0f:51:db:d6:43:55:48:d6:4c:91:dd:e5:85:f7:
ac:97:9e:d6:1d:95:ef:19:89:4e:95:69:f0:4b:c3:
1b:8f:e3:53:99:b4:97:a1:d8:1d:da:47:a0:7a:6c:
31:f0:ce:b2:1f:bc:a7:bb:0d:e7:13:00:4d:f9:c2:
84:da:5a:4f:90:b0:71:f9:9b:5a:3a:2e:44:92:31:
57:86:cf:34:18:f7:7e:a6:e6:a3:bc:b9:5c:61:79:
41:fb:31:1f:a3:29:9b:5d:a8:15:62:cb:c2:6c:4d:
df:40:cb:15:80:c6:5f:12:09:e9:76:60:43:4e:98:
16:3c:06:86:48:82:ce:fa:05:16:b3:04:28:19:89:
32:05:95:e5:a2:18:a8:a9:48:f9:65:88:3a:51:54:
99:e9:77:d3:92:3e:e0:26:e2:95:12:88:d0:ef:dd:
29:be:58:9f:62:92:ac:7f:af:ff:15:c1:bb:55:bb:
91:91:36:b1:9c:aa:e6:bf:74:7b:c0:95:a8:71:54:
d8:7a:26:8c:4d:89:4a:a9:77:63:01:64:15:45:c0:
88:7d:2b:37:b3:3d:d2:8a:23:3a:01:0c:0d:0d:3a:
80:aa:25:06:a7:3c:38:71:e2:19:0b:ca:3a:f7:ab:
f6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8F:80:C1:73:5F:81:00:09:68:D4:AD:50:FE:01:7D:48:79:FD:F8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qY-AwXNfgQAJaNStUP4BfUh5_fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0c:4880::/29
2a0c:9247:1::/48
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:39c0::/31
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:7f00::/31
2a0f:e847:ffff::/48
2a10:67c5:1::/48
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a13:18c0:1::/48
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
32:aa:80:4a:f2:db:f7:58:dd:7f:04:99:a8:37:86:63:67:79:
cf:60:3e:66:05:2b:e7:58:a8:3a:8f:86:2b:14:6e:7f:34:5a:
87:e6:8a:ee:7f:4d:f0:6f:31:3f:45:1d:5a:be:c7:9a:48:27:
59:44:59:38:1d:b1:a5:bf:d1:4d:5a:85:8f:a4:54:8a:74:66:
f5:6f:a1:b4:62:f5:a6:d9:ee:45:1a:67:9c:27:33:73:9b:b4:
61:4f:50:46:cc:06:04:aa:14:56:43:8e:23:94:39:e5:95:49:
6a:f0:40:21:ab:82:13:08:36:bf:12:d1:97:91:62:3a:eb:d4:
a0:b6:c1:aa:43:52:94:26:0c:b2:60:97:1e:a0:8a:d3:32:f5:
02:25:75:15:7a:57:b7:d6:d3:ad:da:62:54:ca:60:a6:05:0b:
36:0d:95:03:ca:08:6a:10:3e:68:5f:bc:02:0a:ee:64:39:4b:
b7:ac:1f:64:44:0b:40:e9:00:47:82:3d:98:0a:00:13:18:4f:
f6:08:8e:bb:88:f9:85:47:46:3a:3b:3c:84:ac:9f:05:42:fa:
97:3a:fa:b9:75:21:ba:85:2d:46:29:99:b7:59:ea:27:0d:46:
18:f6:e1:de:0e:e4:fa:d9:47:45:9d:1a:6b:05:11:52:97:bc:
eb:b5:0d:ab
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgISAYhnf7zlHnU+oA1+vyOVAW/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTI5MTIzMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThmODBjMTczNWY4MTAwMDk2OGQ0YWQ1MGZlMDE3ZDQ4NzlmZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0jGpJW/0OnSIoQzrKuJD1Hb1kNV
SNZMkd3lhfesl57WHZXvGYlOlWnwS8Mbj+NTmbSXodgd2kegemwx8M6yH7ynuw3n
EwBN+cKE2lpPkLBx+ZtaOi5EkjFXhs80GPd+puajvLlcYXlB+zEfoymbXagVYsvC
bE3fQMsVgMZfEgnpdmBDTpgWPAaGSILO+gUWswQoGYkyBZXlohioqUj5ZYg6UVSZ
6XfTkj7gJuKVEojQ790pvlifYpKsf6//FcG7VbuRkTaxnKrmv3R7wJWocVTYeiaM
TYlKqXdjAWQVRcCIfSs3sz3SiiM6AQwNDTqAqiUGpzw4ceIZC8o696v2cQIDAQAB
o4IDPTCCAzkwHQYDVR0OBBYEFKmPgMFzX4EACWjUrVD+AX1Ief34MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcVktQXdYTmZnUUFKYU5TdFVQNEJmVWg1X2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBHgQCAAIwggEWAwUDKgxIgAMHACoMkkcAAQMFACoO
GoADBQMqDlqAAwUAKg7HgAMHACoO8gEAAQMFASoPCgADBwAqDx4AASMDBwAqDx4A
BFYDBwAqDx4ACYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAEDBwAqDx6BAAID
BwAqDx6BEpMDBwAqDx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBQMq
DyEAAwUBKg85wAMHACoPPYABIwMFACoPPYIDBQAqDz2EAwUAKg89hwMFASoPfwAD
BwAqD+hH//8DBwAqEGfFAAEDBQMqEG1AAwcAKhKsQAAAAwcAKhKsQAAPAwUDKhLV
QAMHACoTGMAAAQMFAyoTSQAwDQYJKoZIhvcNAQELBQADggEBADKqgEry2/dY3X8E
mag3hmNnec9gPmYFK+dYqDqPhisUbn80Wofmiu5/TfBvMT9FHVq+x5pIJ1lEWTgd
saW/0U1ahY+kVIp0ZvVvobRi9abZ7kUaZ5wnM3ObtGFPUEbMBgSqFFZDjiOUOeWV
SWrwQCGrghMINr8S0ZeRYjrr1KC2wapDUpQmDLJglx6gitMy9QIldRV6V7fW063a
YlTKYKYFCzYNlQPKCGoQPmhfvAIK7mQ5S7esH2REC0DpAEeCPZgKABMYT/YIjruI
+YVHRjo7PISsnwVC+pc6+rl1IbqFLUYpmbdZ6icNRhj24d4O5PrZR0WdGmsFEVKX
vOu1Das=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:51 2025 by rpki-client