Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yxv2imxrYVUo1dHmMYc9r8MAW1M.roa
File: yxv2imxrYVUo1dHmMYc9r8MAW1M.roa (raw, json)
Hash identifier: VEnMw3WAKHT1aYwZQn3m9U/HvYvvUzFYnb9GyUUXzRM=
Subject key identifier: CB:1B:F6:8A:6C:6B:61:55:28:D5:D1:E6:31:87:3D:AF:C3:00:5B:53
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 02B8C8D0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yxv2imxrYVUo1dHmMYc9r8MAW1M.roa
Signing time: Tue 12 Apr 2022 07:55:07 +0000
ROA not before: Tue 12 Apr 2022 07:55:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 193.39.209.0/24 maxlen: 24
194.33.32.0/24 maxlen: 24
185.164.59.0/24 maxlen: 24
45.137.86.0/24 maxlen: 24
193.111.4.0/24 maxlen: 24
193.111.5.0/24 maxlen: 24
193.111.19.0/24 maxlen: 24
193.111.18.0/24 maxlen: 24
45.154.230.0/24 maxlen: 24
45.130.253.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
45.157.38.0/24 maxlen: 24
45.157.37.0/24 maxlen: 24
45.153.219.0/24 maxlen: 24
45.153.218.0/24 maxlen: 24
45.95.98.0/24 maxlen: 24
45.91.211.0/24 maxlen: 24
45.91.208.0/24 maxlen: 24
45.153.23.0/24 maxlen: 24
45.153.21.0/24 maxlen: 24
91.212.107.0/24 maxlen: 24
45.13.186.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
45.128.77.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
193.41.39.0/24 maxlen: 24
45.158.198.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
2a0f:ac00::/29 maxlen: 29
2a0f:e1c2::/32 maxlen: 32
2a0f:1f80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a09:17c0::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0e:2240:2::/48 maxlen: 48
2a0f:e6c0:fe1::/48 maxlen: 48
2a0f:e1c0::/32 maxlen: 32
2a0f:a03::/32 maxlen: 32
2a0f:da40::/29 maxlen: 29
2a0f:e1c7::/32 maxlen: 32
2a0e:f200:2::/48 maxlen: 48
2a0f:e6c0:991::/48 maxlen: 48
2a0f:e842::/32 maxlen: 32
2a0e:2440::/29 maxlen: 29
2a0e:e980::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
2a0f:a02::/32 maxlen: 32
2a0f:e600:1::/48 maxlen: 48
2a0f:e6c0:123::/48 maxlen: 48
2a0f:a04::/32 maxlen: 32
2a0f:e143::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45664464 (0x2b8c8d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 12 07:55:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb1bf68a6c6b615528d5d1e631873dafc3005b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6f:c7:84:0e:32:8f:1b:c4:bf:b6:79:d0:9b:
f1:ca:a7:78:b6:09:de:73:76:ec:d0:b2:1f:2e:98:
d5:d9:a5:43:ad:36:1a:f7:a7:27:da:d8:b3:37:63:
ea:21:fb:dd:5c:81:47:ff:13:8b:d0:12:a3:66:b0:
67:31:1d:da:92:b3:86:1a:2e:65:97:be:48:d8:f1:
ac:7b:e9:28:35:f9:4e:8d:11:34:4d:4d:9c:4a:cc:
a4:6b:52:40:a5:48:55:35:0e:1d:c5:80:71:df:5f:
08:3c:07:cc:ef:15:ec:01:4b:3b:ee:66:69:b7:bb:
78:1a:2a:ec:d9:1b:1e:1c:a0:5a:9a:8d:66:ee:3b:
d6:27:35:0b:cd:58:17:4d:3f:aa:28:89:c6:a3:6b:
92:a8:5e:f7:54:47:74:2c:1b:48:3e:99:68:01:7e:
a9:72:5d:38:c3:13:44:5b:a1:7a:60:55:41:78:01:
db:97:06:1b:36:09:4a:96:68:b3:93:ae:80:e1:37:
09:51:a5:23:66:f0:01:ed:09:7f:f8:0c:1f:41:7f:
6d:2d:06:33:74:c7:0a:28:b0:b9:68:2a:53:b9:04:
69:cd:29:b3:0e:15:09:d6:25:24:1d:7b:da:06:12:
df:83:02:7d:94:7e:8b:66:b9:5d:d6:89:32:5e:06:
30:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1B:F6:8A:6C:6B:61:55:28:D5:D1:E6:31:87:3D:AF:C3:00:5B:53
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yxv2imxrYVUo1dHmMYc9r8MAW1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.186.0/24
45.91.208.0/24
45.91.211.0/24
45.95.98.0/24
45.128.77.0/24
45.130.253.0/24
45.137.41.0/24
45.137.86.0/24
45.153.21.0/24
45.153.23.0/24
45.153.218.0/23
45.154.230.0/24
45.157.37.0-45.157.38.255
45.158.197.0-45.158.198.255
91.212.107.0/24
113.30.152.0/22
185.164.59.0/24
193.39.209.0/24
193.41.39.0/24
193.111.4.0/23
193.111.18.0/23
194.33.32.0/24
IPv6:
2a09:17c0::/29
2a0e:2240:2::/48
2a0e:2440::/29
2a0e:e980::/29
2a0e:f200:2::/48
2a0f:a02::-2a0f:a04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1f80::/29
2a0f:ac00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:df40::/29
2a0f:e143::/32
2a0f:e1c0::/32
2a0f:e1c2::/32
2a0f:e1c7::/32
2a0f:e600:1::/48
2a0f:e6c0:123::/48
2a0f:e6c0:991::/48
2a0f:e6c0:fe1::/48
2a0f:e842::/32
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
05:ec:b8:6f:ee:8b:83:a6:dd:4d:4a:ba:ad:e9:28:44:4c:14:
10:d1:5b:c5:a0:48:65:61:a3:de:d1:3e:62:a6:b0:ed:b0:c5:
85:27:00:79:d0:d0:af:d7:70:77:ba:ea:2e:75:13:3b:41:94:
85:d4:5a:fa:81:73:2a:d1:23:10:8c:1b:cd:df:08:48:ac:84:
cb:ba:aa:02:be:d2:b4:2f:e8:5c:78:0f:4b:ea:df:46:06:ac:
9c:f3:5c:48:f9:dd:ed:6c:6c:2e:30:9a:54:3e:cc:de:aa:5b:
b2:1c:61:f6:a5:b9:cd:42:58:bb:87:00:cb:6f:a9:90:dd:44:
4c:b4:bb:f8:ff:9e:aa:46:77:68:6e:7f:b5:3a:18:1a:1a:fa:
d2:4d:9a:29:16:5d:39:cd:f1:85:83:b5:51:6a:ba:5c:85:66:
01:d5:10:50:df:a7:b6:03:8c:b5:dc:04:02:90:a7:f4:c4:f1:
d8:c8:4c:38:8b:b1:72:83:51:a2:7c:92:15:cf:35:10:ce:6b:
93:17:c0:35:0b:91:90:e6:2b:be:c7:83:4c:11:65:80:72:58:
40:51:f2:e0:1b:31:43:f7:42:db:87:6e:c4:8a:2b:11:37:fc:
01:1e:84:9e:c8:68:38:d2:5a:d2:20:61:45:e4:d1:cf:d9:2c:
de:3d:37:5c
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIEArjI0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDQx
MjA3NTUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2IxYmY2OGE2YzZi
NjE1NTI4ZDVkMWU2MzE4NzNkYWZjMzAwNWI1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtvx4QOMo8bxL+2edCb8cqneLYJ3nN27NCyHy6Y1dmlQ602
GvenJ9rYszdj6iH73VyBR/8Ti9ASo2awZzEd2pKzhhouZZe+SNjxrHvpKDX5To0R
NE1NnErMpGtSQKVIVTUOHcWAcd9fCDwHzO8V7AFLO+5mabe7eBoq7NkbHhygWpqN
Zu471ic1C81YF00/qiiJxqNrkqhe91RHdCwbSD6ZaAF+qXJdOMMTRFuhemBVQXgB
25cGGzYJSpZos5OugOE3CVGlI2bwAe0Jf/gMH0F/bS0GM3THCiiwuWgqU7kEac0p
sw4VCdYlJB172gYS34MCfZR+i2a5XdaJMl4GMNECAwEAAaOCA1EwggNNMB0GA1Ud
DgQWBBTLG/aKbGthVSjV0eYxhz2vwwBbUzAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L3l4djJpbXhyWVZVbzFkSG1NWWM5cjhNQVcxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWUGCCsGAQUFBwEHAQH/BIIBVDCCAVAwgZsEAgABMIGUAwQALQ26AwQALVvQAwQA
LVvTAwQALV9iAwQALYBNAwQALYL9AwQALYkpAwQALYlWAwQALZkVAwQALZkXAwQB
LZnaAwQALZrmMAwDBAAtnSUDBAAtnSYwDAMEAC2exQMEAC2exgMEAFvUawMEAnEe
mAMEALmkOwMEAMEn0QMEAMEpJwMEAcFvBAMEAcFvEgMEAMIhIDCBrwQCAAIwgagD
BQMqCRfAAwcAKg4iQAACAwUDKg4kQAMFAyoO6YADBwAqDvIAAAIwDgMFASoPCgID
BQAqDwoEAwUDKg8fgAMFAyoPrAADBQMqD9pAAwUDKg/awAMFAyoP30ADBQAqD+FD
AwUAKg/hwAMFACoP4cIDBQAqD+HHAwcAKg/mAAABAwcAKg/mwAEjAwcAKg/mwAmR
AwcAKg/mwA/hAwUAKg/oQgMFAyoP6UAwDQYJKoZIhvcNAQELBQADggEBAAXsuG/u
i4Om3U1Kuq3pKERMFBDRW8WgSGVho97RPmKmsO2wxYUnAHnQ0K/XcHe66i51EztB
lIXUWvqBcyrRIxCMG83fCEishMu6qgK+0rQv6Fx4D0vq30YGrJzzXEj53e1sbC4w
mlQ+zN6qW7IcYfaluc1CWLuHAMtvqZDdREy0u/j/nqpGd2huf7U6GBoa+tJNmikW
XTnN8YWDtVFqulyFZgHVEFDfp7YDjLXcBAKQp/TE8djITDiLsXKDUaJ8khXPNRDO
a5MXwDULkZDmK77Hg0wRZYByWEBR8uAbMUP3QtuHbsSKKxE3/AEehJ7IaDjSWtIg
YUXk0c/ZLN49N1w=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:24 2025 by rpki-client