Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x43ktomfDNthlb_SVzbpDO5aEgE.roa
File: x43ktomfDNthlb_SVzbpDO5aEgE.roa (raw, json)
Hash identifier: I7VlXOItCj0YCUVqVoMi3jxGHIIGbFw6FcKOvWL0W74=
Subject key identifier: C7:8D:E4:B6:89:9F:0C:DB:61:95:BF:D2:57:36:E9:0C:EE:5A:12:01
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BBE16A6583883393FBEAEADA053D49C2C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x43ktomfDNthlb_SVzbpDO5aEgE.roa
Signing time: Sat 11 Nov 2023 11:13:57 +0000
ROA not before: Sat 11 Nov 2023 11:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a13:9580::/29 maxlen: 29
2a0e:c780::/32 maxlen: 32
2a13:9680::/29 maxlen: 29
2a0f:3d83::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a10:67c5:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0c:9247:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac41::/32 maxlen: 32
2a12:ac40:f::/48 maxlen: 48
2a0f:ea42::/32 maxlen: 32
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a12:ecc2::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a13:1940::/29 maxlen: 29
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a13:18c3::/32 maxlen: 32
2a07:f306:123::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:be:16:a6:58:38:83:39:3f:be:ae:ad:a0:53:d4:9c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 11 11:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c78de4b6899f0cdb6195bfd25736e90cee5a1201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ac:95:48:c8:74:20:11:6c:93:28:df:28:f0:
28:9d:76:ae:72:f7:2d:99:e6:75:07:d3:39:c7:51:
b9:63:af:03:60:2c:5f:b7:0f:14:09:53:73:46:81:
41:2d:76:e7:26:8c:4a:61:77:75:53:c4:3d:c0:f5:
cb:74:9e:f2:2b:7c:13:91:8c:5f:c3:79:6e:22:0c:
ce:38:1f:d6:95:66:7f:4d:47:ea:27:45:1b:a0:dc:
99:a1:b1:df:37:39:78:5b:24:70:d8:ed:8e:36:23:
b0:bc:88:5d:ed:16:65:77:5c:17:fc:62:86:4a:60:
2d:f4:3f:ab:d8:63:96:44:ac:38:62:24:7d:3f:1a:
0d:aa:50:9e:d2:df:91:b0:60:9e:2c:4f:d9:9f:71:
14:36:89:b9:75:5d:6c:1c:f1:ba:03:60:cc:05:0a:
98:51:9f:ed:c3:ab:db:bd:d8:80:31:6b:3e:a7:28:
f2:88:83:da:08:aa:20:86:eb:03:b1:50:a2:7c:37:
97:0c:ca:73:97:b2:0a:a4:4f:0e:12:46:56:ec:95:
97:fc:cb:17:5b:bd:f1:54:a5:10:47:4f:77:70:e3:
91:76:01:98:59:45:0a:1d:15:d6:8a:f4:35:e7:ca:
c0:e8:71:45:14:ec:a4:8d:be:a7:fc:48:2b:80:2b:
57:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8D:E4:B6:89:9F:0C:DB:61:95:BF:D2:57:36:E9:0C:EE:5A:12:01
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x43ktomfDNthlb_SVzbpDO5aEgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a07:f306:123::/48
2a0c:4880::/29
2a0c:9247:1::/48
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:3d80:123::/48
2a0f:3d82::/31
2a0f:3d87::/32
2a0f:e940::/29
2a0f:ea42::/32
2a10:67c5:1::/48
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:ac41::/32
2a12:ecc2::/32
2a13:18c0:1::/48
2a13:18c3::/32
2a13:1940::/29
2a13:4900::/29
2a13:9580::/29
2a13:9680::/29
Signature Algorithm: sha256WithRSAEncryption
19:95:5e:1c:d2:d6:31:b3:65:f0:c0:3b:ef:3d:09:c4:b8:bf:
e1:d3:6d:74:aa:34:57:a9:c9:c4:a5:f8:09:4b:2d:cf:da:c3:
81:56:d0:4b:61:18:d9:ec:06:52:40:25:0b:28:52:af:8b:30:
9d:9e:3d:aa:a9:92:22:cf:5b:0e:c7:61:e7:b7:25:5d:90:8e:
e9:b3:c8:27:e7:9b:67:4d:b9:17:c1:f4:7e:ed:31:de:3c:bb:
a9:9a:08:3f:c8:cc:db:ec:5c:bb:34:0c:43:34:28:c8:cb:b2:
d2:12:86:e0:ae:6c:65:3a:5e:38:8e:ff:90:6e:a4:9c:4c:24:
2a:f0:f3:c8:26:1d:4f:4d:85:f3:30:8f:e6:42:a9:74:f3:08:
30:73:36:a7:2a:78:2d:2e:b0:b2:7d:cc:81:38:2f:fa:50:55:
77:95:27:8e:df:e5:0f:01:51:e0:aa:47:8b:bf:05:d2:27:90:
37:a1:67:d7:29:b2:60:67:91:ce:33:da:7d:dd:1c:57:6d:5d:
03:bb:5a:a0:1a:2f:ad:90:08:95:c8:17:26:53:0d:ee:c1:62:
65:2b:37:4c:d0:15:84:1d:7b:a3:73:38:95:a7:72:bf:4a:4f:
0e:b8:c6:c5:64:15:18:3b:f9:0a:1e:50:6d:cf:2a:20:1a:b2:
33:9f:a5:c5
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYu+FqZYOIM5P76uraBT1JwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTExMTExMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzhkZTRiNjg5OWYwY2RiNjE5NWJmZDI1NzM2ZTkwY2VlNWExMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6yVSMh0IBFskyjfKPAonXaucvct
meZ1B9M5x1G5Y68DYCxftw8UCVNzRoFBLXbnJoxKYXd1U8Q9wPXLdJ7yK3wTkYxf
w3luIgzOOB/WlWZ/TUfqJ0UboNyZobHfNzl4WyRw2O2ONiOwvIhd7RZld1wX/GKG
SmAt9D+r2GOWRKw4YiR9PxoNqlCe0t+RsGCeLE/Zn3EUNom5dV1sHPG6A2DMBQqY
UZ/tw6vbvdiAMWs+pyjyiIPaCKoghusDsVCifDeXDMpzl7IKpE8OEkZW7JWX/MsX
W73xVKUQR093cOORdgGYWUUKHRXWivQ158rA6HFFFOykjb6n/EgrgCtXewIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFMeN5LaJnwzbYZW/0lc26QzuWhIBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveDQza3RvbWZETnRobGJfU1Z6YnBETzVhRWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBLAQCAAIwggEkAwcAKgfzBgEjAwUDKgxIgAMHACoM
kkcAAQMFACoOGoADBQAqDseAAwcAKg7yAQABAwUBKg8KAAMHACoPHgABIwMHACoP
HgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoPHgDe+QMHACoPHgEAAQMHACoPHoEA
AgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS6AMHACoPHoGj0AMHACoPHoHNrgMH
ACoPPYABIwMFASoPPYIDBQAqDz2HAwUDKg/pQAMFACoP6kIDBwAqEGfFAAEDBQMq
EG1AAwcAKhKsQAAAAwcAKhKsQAAPAwUAKhKsQQMFACoS7MIDBwAqExjAAAEDBQAq
ExjDAwUDKhMZQAMFAyoTSQADBQMqE5WAAwUDKhOWgDANBgkqhkiG9w0BAQsFAAOC
AQEAGZVeHNLWMbNl8MA77z0JxLi/4dNtdKo0V6nJxKX4CUstz9rDgVbQS2EY2ewG
UkAlCyhSr4swnZ49qqmSIs9bDsdh57clXZCO6bPIJ+ebZ025F8H0fu0x3jy7qZoI
P8jM2+xcuzQMQzQoyMuy0hKG4K5sZTpeOI7/kG6knEwkKvDzyCYdT02F8zCP5kKp
dPMIMHM2pyp4LS6wsn3MgTgv+lBVd5Unjt/lDwFR4KpHi78F0ieQN6Fn1ymyYGeR
zjPafd0cV21dA7taoBovrZAIlcgXJlMN7sFiZSs3TNAVhB17o3M4ladyv0pPDrjG
xWQVGDv5Ch5Qbc8qIBqyM5+lxQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:45 2025 by rpki-client