Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sXwvhCECe0k472wkP5oFowzWnPM.roa
File: sXwvhCECe0k472wkP5oFowzWnPM.roa (raw, json)
Hash identifier: MsAnA/J6o4/uDY1DvFY6FZk09mJVGpPU54kXyj0KLAQ=
Subject key identifier: B1:7C:2F:84:21:02:7B:49:38:EF:6C:24:3F:9A:05:A3:0C:D6:9C:F3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018502059F08CE156B3716DFAE99501E5CA0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sXwvhCECe0k472wkP5oFowzWnPM.roa
Signing time: Sun 11 Dec 2022 16:30:00 +0000
ROA not before: Sun 11 Dec 2022 16:30:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 45.118.248.0/24 maxlen: 24
2a0f:7d00:1::/48 maxlen: 48
2a0e:15c1::/32 maxlen: 32
2a12:d6c1::/32 maxlen: 32
2a12:d6c0::/29 maxlen: 29
2a0a:2d00:1::/48 maxlen: 48
2a0e:2240:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:05:9f:08:ce:15:6b:37:16:df:ae:99:50:1e:5c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 11 16:30:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b17c2f8421027b4938ef6c243f9a05a30cd69cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9f:6f:78:00:44:03:61:dd:53:2d:29:97:39:
ee:94:27:2e:52:1b:aa:00:24:a4:7d:95:02:63:6e:
2b:61:e3:a2:59:db:7b:5a:e4:39:bc:df:29:8e:74:
24:d1:6b:ce:b9:76:a7:50:dc:2f:92:8e:29:cf:a0:
da:a3:84:90:2c:f8:be:df:9a:4f:84:06:f0:86:a5:
61:1d:02:20:40:b6:ba:4f:26:00:a5:88:43:0b:2d:
40:e1:fa:ca:b3:2e:9e:a0:fc:45:97:db:4c:95:62:
e2:d6:d9:c1:7f:88:f7:eb:0d:3e:5e:73:7e:5d:16:
46:21:d9:73:28:67:dc:dd:d7:c0:85:04:b9:b8:1d:
75:7b:00:42:63:7a:05:9f:fc:b4:2d:de:be:cb:90:
71:87:f8:f1:e1:66:f4:22:4a:d9:c4:8a:6c:41:d7:
0c:c1:69:b9:9d:fb:c0:86:44:b4:1e:e9:8e:32:31:
5c:34:8b:f5:d2:b7:08:ca:71:bd:6f:44:5d:96:b6:
50:35:52:7d:cc:85:05:00:96:ed:f2:a5:ae:46:80:
45:51:a6:30:97:eb:b1:ba:2a:3e:d0:53:8e:4b:bd:
1c:84:4d:f8:cc:62:9d:36:7e:c0:c7:e1:2f:3c:a8:
d8:c3:fd:4e:52:2c:06:1c:34:15:a0:9e:f0:79:60:
9c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7C:2F:84:21:02:7B:49:38:EF:6C:24:3F:9A:05:A3:0C:D6:9C:F3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sXwvhCECe0k472wkP5oFowzWnPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.118.248.0/24
IPv6:
2a0a:2d00:1::/48
2a0e:15c1::/32
2a0e:2240:1::/48
2a0f:7d00:1::/48
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:c5:27:47:82:d7:ab:a1:68:1a:11:46:bc:b8:3c:cd:85:e6:
82:fa:90:ba:32:c1:31:6f:cf:df:84:e9:b4:15:e4:67:fc:1a:
e2:09:aa:0b:d0:3e:58:31:d5:5f:b2:33:98:c9:d2:1d:5a:cc:
8e:ab:2a:b0:87:a3:a5:fe:25:b1:60:04:89:b9:d5:65:b1:4b:
b5:16:53:79:ea:45:30:1f:6b:22:6e:ce:72:c3:a4:33:24:25:
57:f3:55:01:8c:b9:9c:df:3f:00:29:1e:6b:22:9a:58:97:f3:
f5:b3:24:a9:f2:11:ec:9a:70:30:25:ae:b7:a8:84:e3:64:87:
84:63:ea:e7:10:3d:2e:25:78:61:6d:a9:67:e0:cb:a7:14:39:
5e:fd:6f:a7:49:f6:85:9e:68:f5:d7:52:65:6e:a8:08:6d:65:
d2:21:23:8c:bc:6d:44:24:0e:d1:d7:bf:14:d9:ce:f8:24:fe:
85:2d:82:c3:27:d2:76:c5:f4:77:68:98:19:da:9b:86:57:49:
61:21:9e:da:27:88:30:f9:cb:96:0a:40:a8:43:79:64:2c:f4:
db:ba:8f:7e:1b:93:8e:66:6c:9d:0d:ae:5b:ea:1b:68:2f:ee:
b1:a5:6b:8f:95:81:94:f1:f6:b2:76:23:4f:bf:9d:22:ef:bf:
62:aa:bf:01
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYUCBZ8IzhVrNxbfrplQHlygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjExMTYzMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTdjMmY4NDIxMDI3YjQ5MzhlZjZjMjQzZjlhMDVhMzBjZDY5Y2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ9veABEA2HdUy0plznulCcuUhuq
ACSkfZUCY24rYeOiWdt7WuQ5vN8pjnQk0WvOuXanUNwvko4pz6Dao4SQLPi+35pP
hAbwhqVhHQIgQLa6TyYApYhDCy1A4frKsy6eoPxFl9tMlWLi1tnBf4j36w0+XnN+
XRZGIdlzKGfc3dfAhQS5uB11ewBCY3oFn/y0Ld6+y5Bxh/jx4Wb0IkrZxIpsQdcM
wWm5nfvAhkS0HumOMjFcNIv10rcIynG9b0RdlrZQNVJ9zIUFAJbt8qWuRoBFUaYw
l+uxuio+0FOOS70chE34zGKdNn7Ax+EvPKjYw/1OUiwGHDQVoJ7weWCcJQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFLF8L4QhAntJOO9sJD+aBaMM1pzzMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvc1h3dmhDRUNlMGs0NzJ3a1A1b0Zvd3pXblBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAMBAIAATAGAwQALXb4MC8E
AgACMCkDBwAqCi0AAAEDBQAqDhXBAwcAKg4iQAABAwcAKg99AAABAwUDKhLWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGcUnR4LXq6FoGhFGvLg8zYXmgvqQujLBMW/P34Tp
tBXkZ/wa4gmqC9A+WDHVX7IzmMnSHVrMjqsqsIejpf4lsWAEibnVZbFLtRZTeepF
MB9rIm7OcsOkMyQlV/NVAYy5nN8/ACkeayKaWJfz9bMkqfIR7JpwMCWut6iE42SH
hGPq5xA9LiV4YW2pZ+DLpxQ5Xv1vp0n2hZ5o9ddSZW6oCG1l0iEjjLxtRCQO0de/
FNnO+CT+hS2CwyfSdsX0d2iYGdqbhldJYSGe2ieIMPnLlgpAqEN5ZCz027qPfhuT
jmZsnQ2uW+obaC/usaVrj5WBlPH2snYjT7+dIu+/Yqq/AQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:41 2025 by rpki-client