Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8GBdVGtraQ7AkOlji0DsO_7fcys.roa
File: 8GBdVGtraQ7AkOlji0DsO_7fcys.roa (raw, json)
Hash identifier: KWO5PgQQ0UvXA0Sb4tGV5b3zig3jPPQxuzW/jgnlKRg=
Subject key identifier: F0:60:5D:54:6B:6B:69:0E:C0:90:E9:63:8B:40:EC:3B:FE:DF:73:2B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01874612E4E00DFB117912FA5282FAB84C23
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8GBdVGtraQ7AkOlji0DsO_7fcys.roa
Signing time: Mon 03 Apr 2023 07:44:16 +0000
ROA not before: Mon 03 Apr 2023 07:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12695
IP address blocks: 91.233.54.0/24 maxlen: 24
45.137.82.0/24 maxlen: 24
91.233.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:12:e4:e0:0d:fb:11:79:12:fa:52:82:fa:b8:4c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 3 07:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0605d546b6b690ec090e9638b40ec3bfedf732b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:70:f9:9f:43:b0:57:9f:ca:3d:be:bc:b0:9c:
78:d7:a8:af:46:8a:63:3f:7d:c6:07:36:ab:e8:d7:
6f:08:5e:38:58:15:a1:82:77:14:51:5d:79:3b:a9:
42:71:e2:7c:ef:8f:ad:1f:b2:ff:1c:46:55:39:e6:
39:fa:b9:4e:6b:9a:45:87:e5:d5:38:93:87:55:d3:
5a:d8:18:76:91:8e:23:75:ee:dd:45:a6:b0:df:eb:
3f:c9:a3:f6:65:ae:2b:6a:22:92:94:04:03:62:db:
3c:2d:ff:0f:f5:94:08:16:e0:ec:4b:dd:56:ec:7c:
72:32:c3:1c:f8:a4:fd:3f:0b:8b:34:17:02:51:e0:
bd:7d:d3:73:e8:65:cf:e9:e4:50:24:a1:c2:bd:73:
e2:98:5f:57:be:88:ec:46:a5:1a:e1:ac:96:90:e9:
a0:f9:26:80:f1:db:72:06:dd:bf:0d:57:f2:d2:17:
15:d3:b4:bc:a9:32:df:8f:c7:fb:69:2f:76:33:f4:
55:a3:d7:cd:07:34:e7:f6:21:6b:30:01:18:e9:5b:
27:85:bd:df:22:6b:95:17:5f:4a:ce:73:b2:b1:c1:
48:12:ea:02:7e:48:97:28:bd:5d:0b:66:88:c4:ec:
57:9f:9c:2b:49:f4:2c:8f:ff:7a:ec:07:7e:10:d3:
34:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:60:5D:54:6B:6B:69:0E:C0:90:E9:63:8B:40:EC:3B:FE:DF:73:2B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8GBdVGtraQ7AkOlji0DsO_7fcys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.82.0/24
91.233.54.0/24
91.233.89.0/24
Signature Algorithm: sha256WithRSAEncryption
53:c9:04:66:76:4b:ac:96:a3:37:68:8d:c1:57:04:46:41:c9:
59:2f:9d:5d:a7:03:8d:82:fb:50:c1:e5:df:17:9b:57:6d:d7:
b6:a1:76:d7:de:1c:5e:02:58:c5:9d:f3:a3:0f:ba:8c:57:14:
57:38:01:eb:0c:95:86:b8:f4:77:d1:aa:c7:2a:6e:fb:71:37:
3f:93:b9:b5:fd:be:db:76:7b:57:fd:44:a2:3f:68:0c:92:2e:
c0:7d:23:fe:93:62:41:d5:aa:85:43:93:23:2b:32:35:08:fb:
93:1f:f3:57:12:ce:94:72:5c:f1:22:de:ee:2b:56:34:9b:cc:
e7:c5:f5:a8:7f:43:20:9e:38:f9:e4:93:94:2f:e5:d1:f1:d2:
ec:0d:9e:15:ef:d1:43:12:d2:85:ab:93:d9:9d:ec:6a:58:89:
0b:3f:61:71:dc:51:46:6f:73:24:3c:3a:76:f6:ab:2f:46:dc:
97:b1:b3:6f:23:84:eb:10:25:c3:71:7b:fb:79:3f:64:ea:e8:
eb:68:cc:7e:e2:56:3e:f3:fe:99:a2:9b:a8:db:6c:8d:a1:ba:
49:5f:a3:17:3b:5e:4e:c2:c1:92:ad:fc:26:53:47:65:39:84:
81:d6:e1:5b:6c:22:e1:42:1c:24:d6:91:fb:a9:cc:d4:c1:dc:
34:2d:76:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdGEuTgDfsReRL6UoL6uEwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDAzMDc0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDYwNWQ1NDZiNmI2OTBlYzA5MGU5NjM4YjQwZWMzYmZlZGY3MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XD5n0OwV5/KPb68sJx416ivRopj
P33GBzar6NdvCF44WBWhgncUUV15O6lCceJ874+tH7L/HEZVOeY5+rlOa5pFh+XV
OJOHVdNa2Bh2kY4jde7dRaaw3+s/yaP2Za4raiKSlAQDYts8Lf8P9ZQIFuDsS91W
7HxyMsMc+KT9PwuLNBcCUeC9fdNz6GXP6eRQJKHCvXPimF9XvojsRqUa4ayWkOmg
+SaA8dtyBt2/DVfy0hcV07S8qTLfj8f7aS92M/RVo9fNBzTn9iFrMAEY6Vsnhb3f
ImuVF19KznOyscFIEuoCfkiXKL1dC2aIxOxXn5wrSfQsj/967Ad+ENM0MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPBgXVRra2kOwJDpY4tA7Dv+33MrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOEdCZFZHdHJhUTdBa09samkwRHNPXzdmY3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYlSAwQA
W+k2AwQAW+lZMA0GCSqGSIb3DQEBCwUAA4IBAQBTyQRmdkuslqM3aI3BVwRGQclZ
L51dpwONgvtQweXfF5tXbde2oXbX3hxeAljFnfOjD7qMVxRXOAHrDJWGuPR30arH
Km77cTc/k7m1/b7bdntX/USiP2gMki7AfSP+k2JB1aqFQ5MjKzI1CPuTH/NXEs6U
clzxIt7uK1Y0m8znxfWof0Mgnjj55JOUL+XR8dLsDZ4V79FDEtKFq5PZnexqWIkL
P2Fx3FFGb3MkPDp29qsvRtyXsbNvI4TrECXDcXv7eT9k6ujraMx+4lY+8/6Zopuo
22yNobpJX6MXO15OwsGSrfwmU0dlOYSB1uFbbCLhQhwk1pH7qczUwdw0LXaA
-----END CERTIFICATE-----
Generated at Thu May 8 04:57:56 2025 by rpki-client