Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yzsl7NlvWeA1PAjHtfhCEOi1Du8.roa
File: yzsl7NlvWeA1PAjHtfhCEOi1Du8.roa (raw, json)
Hash identifier: qAYCOg4afY6KwmVfuCfeK2R7ls3ENyzQKHVuiiPmdVc=
Subject key identifier: CB:3B:25:EC:D9:6F:59:E0:35:3C:08:C7:B5:F8:42:10:E8:B5:0E:EF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C7BEDB96798680D9F7D28BDEFDF43F212
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yzsl7NlvWeA1PAjHtfhCEOi1Du8.roa
Signing time: Mon 18 Dec 2023 07:57:06 +0000
ROA not before: Mon 18 Dec 2023 07:57:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a12:d6c0::/29 maxlen: 29
2a0f:e840::/32 maxlen: 32
2a13:fd00::/29 maxlen: 29
2a13:18c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:ed:b9:67:98:68:0d:9f:7d:28:bd:ef:df:43:f2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 07:57:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb3b25ecd96f59e0353c08c7b5f84210e8b50eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:87:eb:be:38:74:83:84:5a:14:05:34:da:84:
07:38:b9:99:4f:0d:b7:fa:80:fb:02:46:ea:3b:0d:
4f:a5:81:c8:7e:88:bd:19:fb:a3:43:0b:b2:75:92:
22:56:66:a0:5b:9e:03:fa:2e:49:49:ea:cc:7a:84:
6b:90:47:3b:ed:9e:59:ff:1e:b5:bf:8d:8e:b2:7c:
6b:9e:8b:d5:64:2d:fe:cf:4e:01:d8:c1:8a:c3:1b:
78:d3:94:61:c3:56:ac:cb:33:fc:4e:92:85:1d:5a:
d2:a7:19:aa:dc:5a:83:5a:13:87:79:7b:da:48:01:
92:17:99:9f:d4:b0:6c:c2:0e:af:c8:8a:26:c5:66:
7d:27:19:2a:ff:b0:52:67:e9:c8:8d:a4:53:ec:91:
dd:f7:2e:35:66:56:56:1f:97:f9:6f:0c:bc:cc:47:
79:69:df:8c:42:a3:3b:ea:8f:55:bf:82:05:66:d4:
75:ba:9f:0e:f6:9e:1e:7b:18:da:e6:66:10:0c:f8:
38:8b:10:2a:7f:e9:80:9c:9d:d8:17:d7:31:da:59:
39:ab:6d:8c:b1:c3:62:ce:b4:65:10:af:fa:35:1a:
6f:66:b7:84:48:1c:1d:94:24:62:3e:10:37:51:0d:
84:b6:d5:9b:e0:08:d3:59:26:0a:9e:49:8a:52:6d:
9b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3B:25:EC:D9:6F:59:E0:35:3C:08:C7:B5:F8:42:10:E8:B5:0E:EF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yzsl7NlvWeA1PAjHtfhCEOi1Du8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0f:e840::/32
2a12:d6c0::/29
2a13:18c4::/32
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
92:dd:f3:8f:f1:09:60:49:e4:3a:48:75:31:d6:fe:e7:f3:8f:
c9:6d:76:ce:01:64:c9:6d:23:83:97:f4:4b:3c:19:13:3d:e9:
3f:5b:93:93:3e:a7:8b:41:4f:7d:aa:dd:73:53:27:d8:05:f9:
30:0d:07:a1:b2:f1:c8:24:3b:20:55:61:36:5b:5a:2c:77:0d:
c6:8d:4b:0b:31:0f:a6:e7:8c:2d:52:ab:9c:8d:ce:e4:3e:1f:
8c:fe:ae:92:7b:2c:75:e6:b8:b1:92:e7:80:bf:5b:7a:cd:2a:
94:52:41:75:7b:0e:19:eb:e9:49:37:a8:fa:34:75:27:96:d9:
30:f2:7d:da:a5:5f:67:c5:ea:d8:43:07:10:68:04:12:29:f6:
78:d8:d1:68:24:5f:80:b4:0f:7d:cd:3c:56:b8:55:ee:91:7b:
38:7c:54:5e:55:be:34:ff:68:a6:da:bf:76:83:1f:3a:ee:56:
32:c1:7e:d3:97:87:d5:92:27:72:ea:1b:29:3d:08:f0:f4:63:
24:f8:30:74:50:f4:c9:e7:4a:19:ca:b9:53:d5:05:24:77:9a:
50:c2:a1:94:a8:3a:33:df:08:95:71:72:8c:a5:d6:15:1c:bf:
c8:cd:79:70:80:fa:db:6a:e0:51:8c:ac:df:c5:8e:d9:bb:93:
a9:8f:43:d4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYx77blnmGgNn30ove/fQ/ISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjE4MDc1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNiMjVlY2Q5NmY1OWUwMzUzYzA4YzdiNWY4NDIxMGU4YjUwZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYfrvjh0g4RaFAU02oQHOLmZTw23
+oD7AkbqOw1PpYHIfoi9GfujQwuydZIiVmagW54D+i5JSerMeoRrkEc77Z5Z/x61
v42OsnxrnovVZC3+z04B2MGKwxt405Rhw1asyzP8TpKFHVrSpxmq3FqDWhOHeXva
SAGSF5mf1LBswg6vyIomxWZ9Jxkq/7BSZ+nIjaRT7JHd9y41ZlZWH5f5bwy8zEd5
ad+MQqM76o9Vv4IFZtR1up8O9p4eexja5mYQDPg4ixAqf+mAnJ3YF9cx2lk5q22M
scNizrRlEK/6NRpvZreESBwdlCRiPhA3UQ2EttWb4AjTWSYKnkmKUm2bzQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMs7JezZb1ngNTwIx7X4QhDotQ7vMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveXpzbDdObHZXZUExUEFqSHRmaENFT2kxRHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MCIEAgACMBwDBQAqD+hAAwUDKhLWwAMFACoTGMQDBQMqE/0AMA0G
CSqGSIb3DQEBCwUAA4IBAQCS3fOP8QlgSeQ6SHUx1v7n84/JbXbOAWTJbSODl/RL
PBkTPek/W5OTPqeLQU99qt1zUyfYBfkwDQehsvHIJDsgVWE2W1osdw3GjUsLMQ+m
54wtUqucjc7kPh+M/q6Seyx15rixkueAv1t6zSqUUkF1ew4Z6+lJN6j6NHUnltkw
8n3apV9nxerYQwcQaAQSKfZ42NFoJF+AtA99zTxWuFXukXs4fFReVb40/2im2r92
gx867lYywX7Tl4fVkidy6hspPQjw9GMk+DB0UPTJ50oZyrlT1QUkd5pQwqGUqDoz
3wiVcXKMpdYVHL/IzXlwgPrbauBRjKzfxY7Zu5Opj0PU
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:39:36 2025 by rpki-client