Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zTKOSLBo9eTp4bxzFk0GEGqB2eU.roa
File: zTKOSLBo9eTp4bxzFk0GEGqB2eU.roa (raw, json)
Hash identifier: G0NvrSVy3fJOzLrTfRu2L6GZdIRLQjPuiInjciMkzTA=
Subject key identifier: CD:32:8E:48:B0:68:F5:E4:E9:E1:BC:73:16:4D:06:10:6A:81:D9:E5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0187E6779FCDBC7356280CB997D62C4D214B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zTKOSLBo9eTp4bxzFk0GEGqB2eU.roa
Signing time: Thu 04 May 2023 11:13:32 +0000
ROA not before: Thu 04 May 2023 11:13:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:39c1::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0f:7f00::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:7d04:1::/48 maxlen: 48
2a0f:39c0::/32 maxlen: 32
2a0f:1e81:cdae::/48 maxlen: 48
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a13:8200::/29 maxlen: 29
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7f01::/32 maxlen: 32
2a0f:e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:77:9f:cd:bc:73:56:28:0c:b9:97:d6:2c:4d:21:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 4 11:13:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd328e48b068f5e4e9e1bc73164d06106a81d9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ff:47:cc:41:ad:08:81:35:d8:0f:d7:53:b7:16:
f1:a2:23:1c:07:38:02:29:59:83:03:97:51:ab:ff:
70:c5:c9:a3:29:07:c5:61:49:0a:68:d8:e1:73:60:
c8:42:a9:6b:6f:55:a5:d4:da:6e:07:53:81:97:ca:
77:ed:16:df:80:83:35:c2:66:67:d7:8b:ba:56:34:
66:d2:84:4c:af:b6:11:66:20:e2:d9:3f:b3:88:e4:
aa:22:42:91:16:ee:ca:f4:4d:5f:cb:9f:9f:67:3a:
fb:0a:8a:b7:a7:b7:8d:8b:92:b4:9e:29:c4:c8:31:
1a:0b:7f:95:79:ba:95:e7:ac:71:87:97:1a:c1:d0:
c7:db:b9:50:f7:fb:a4:84:48:8c:78:d9:6a:c4:96:
64:3b:6d:18:09:f3:b7:36:03:9e:ff:d5:14:fc:ae:
de:59:7a:92:cc:3c:ce:e4:47:25:68:b2:a6:2c:f2:
58:e7:af:a1:19:07:25:63:18:4e:1e:ad:0e:22:c4:
db:2f:00:ca:81:cd:ea:d5:64:2c:ce:3a:81:22:ec:
10:3d:3d:0c:a8:12:13:42:58:58:28:72:d2:dc:aa:
f3:29:2e:d0:85:db:43:c6:7f:d2:4a:0b:c4:47:4e:
11:ec:19:25:99:ac:e5:d4:6a:62:fb:a2:79:ca:1c:
53:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:32:8E:48:B0:68:F5:E4:E9:E1:BC:73:16:4D:06:10:6A:81:D9:E5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zTKOSLBo9eTp4bxzFk0GEGqB2eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0c:4880::/29
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:e00::/29
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:39c0::/31
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:7d04:1::/48
2a0f:7f00::/31
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a13:4900::/29
2a13:8200::/29
Signature Algorithm: sha256WithRSAEncryption
c4:23:17:56:d4:88:9b:4a:cf:2e:59:f8:d0:dc:5a:f2:ec:28:
ab:d6:94:8b:4c:b9:09:1f:c3:f7:a5:25:93:71:cc:65:b8:18:
31:64:99:63:f3:7a:54:b7:af:26:dd:28:43:2e:ec:9d:6b:bb:
26:b2:87:64:ea:8c:c8:24:6f:24:8d:81:9d:bb:00:c1:16:19:
e7:07:95:0b:9a:58:8d:53:d1:ef:db:f9:0b:0b:68:32:cf:49:
4a:46:f6:2a:bf:08:09:93:17:d3:20:af:dc:1e:b3:7a:9e:05:
2a:65:0b:4c:ca:db:09:93:bc:0a:ed:2b:b1:51:e7:cc:f2:62:
8e:92:5f:2f:50:2a:cc:93:98:14:8b:2b:39:6f:5d:9d:a1:60:
df:68:c9:08:02:36:9d:5e:75:10:0b:5e:3c:79:64:56:7b:84:
74:b7:fd:fe:04:8a:ee:0c:76:64:87:21:23:ce:b4:97:8e:82:
e8:76:d8:ba:f2:25:44:80:a4:b7:5e:22:08:4f:42:5a:84:e2:
7a:87:31:17:7f:a2:d5:7b:10:c1:f8:88:f9:8d:09:c3:ea:35:
86:67:d5:b5:08:1b:d3:69:76:76:3d:4c:e5:02:b2:72:b3:a5:
4a:06:6c:8c:44:06:ef:51:d2:ca:ab:1e:3f:23:be:5b:46:e0:
e7:0c:3b:8b
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISAYfmd5/NvHNWKAy5l9YsTSFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTA0MTExMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMyOGU0OGIwNjhmNWU0ZTllMWJjNzMxNjRkMDYxMDZhODFkOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/0fMQa0IgTXYD9dTtxbxoiMcBzgC
KVmDA5dRq/9wxcmjKQfFYUkKaNjhc2DIQqlrb1Wl1NpuB1OBl8p37RbfgIM1wmZn
14u6VjRm0oRMr7YRZiDi2T+ziOSqIkKRFu7K9E1fy5+fZzr7Coq3p7eNi5K0ninE
yDEaC3+VebqV56xxh5cawdDH27lQ9/ukhEiMeNlqxJZkO20YCfO3NgOe/9UU/K7e
WXqSzDzO5EclaLKmLPJY56+hGQclYxhOHq0OIsTbLwDKgc3q1WQszjqBIuwQPT0M
qBITQlhYKHLS3KrzKS7QhdtDxn/SSgvER04R7Bklmazl1Gpi+6J5yhxT+wIDAQAB
o4IDMDCCAywwHQYDVR0OBBYEFM0yjkiwaPXk6eG8cxZNBhBqgdnlMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvelRLT1NMQm85ZVRwNGJ4ekZrMEdFR3FCMmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRAYIKwYBBQUHAQcBAf8EggEzMIIBLzAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBEQQCAAIwggEJAwUDKgxIgAMFACoOGoADBQMqDlqA
AwUAKg7HgAMHACoO8gEAAQMFASoPCgADBQMqDw4AAwcAKg8eAAEjAwcAKg8eAARW
AwcAKg8eAAmHAwcAKg8eAAq8AwcAKg8eAN75AwcAKg8eAQABAwcAKg8egQACAwcA
Kg8egRKTAwcAKg8egUMZAwcAKg8egZLoAwcAKg8egaPQAwcAKg8egc2uAwUDKg8h
AAMFASoPOcADBwAqDz2AASMDBQAqDz2CAwUAKg89hAMFACoPPYcDBwAqD30EAAED
BQEqD38AAwUDKhBtQAMHACoSrEAAAAMHACoSrEAADwMFAyoS1UADBQMqE0kAAwUD
KhOCADANBgkqhkiG9w0BAQsFAAOCAQEAxCMXVtSIm0rPLln40Nxa8uwoq9aUi0y5
CR/D96Ulk3HMZbgYMWSZY/N6VLevJt0oQy7snWu7JrKHZOqMyCRvJI2BnbsAwRYZ
5weVC5pYjVPR79v5CwtoMs9JSkb2Kr8ICZMX0yCv3B6zep4FKmULTMrbCZO8Cu0r
sVHnzPJijpJfL1AqzJOYFIsrOW9dnaFg32jJCAI2nV51EAtePHlkVnuEdLf9/gSK
7gx2ZIchI860l46C6HbYuvIlRICkt14iCE9CWoTieocxF3+i1XsQwfiI+Y0Jw+o1
hmfVtQgb02l2dj1M5QKycrOlSgZsjEQG71HSyqsePyO+W0bg5ww7iw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:18 2025 by rpki-client